Author Topic: Unable to browse when comodo firewall is on :(  (Read 3945 times)
shirish
Newbie
*
Offline Offline

Posts: 7


« on: February 02, 2007, 11:16:30 AM »

Hi all,
I'm unable to browse either through IE 7 or FF 2.0 whenever Comodo firewall is on. My router is bridged (which basically means all the ports are open), hence I need to use a firewall which enables me to do torrenting as well as browsing and mailing. Please let me know what steps, with screenshots, I need to do in order to surf/browse the net. Hoping for some solution. Thanks in advance :)
Logged
Little Mac
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 6003



« Reply #1 on: February 02, 2007, 02:43:15 PM »

Hey, shirish, I'm betting you've inadvertently blocked something, and since neither browser works, I'm betting it's svchost.exe.  Check your Application Monitor for "Blocked" application, and the logs (Activity/Logs) for entries of what's being blocked; therein will lie your clues.

If you want, you can Export the logs to HTML when you can't access the internet; open the saved file, copy & paste as text into your post, and we'll take a look to see what's going on.

LM
Logged

date
dcfldd split=2G conv=noerror hashwindow=0 hash=md5 hashlog=/mnt/sda1/images/hash.log if=/dev/hda of=/mnt/sda1/images/LM.dd
date
cat LM.dd.* | md5sum > verify.log
date
ray098
Newbie
*
Offline Offline

Posts: 6


« Reply #2 on: February 02, 2007, 07:13:00 PM »

Whenever there are "popup alerts" from the Comodo firewall you should check the little box on the bottom, "Remember my answer for this application", and then click Allow. * If you know that program; usually I just allow them.
Your problem: you might have pressed "deny" or ignored.
Solution: You might have to restart your computer and accept everything to try...

I hope I helped... I'm kind of new here, anyway good luck! :)
Logged
Bubu74
Comodo Loves me
****
Offline Offline

Posts: 177


« Reply #3 on: February 02, 2007, 07:50:06 PM »

Have you set your network as a trusted zone?
Logged

COMODO user since January 2007
shirish
Newbie
*
Offline Offline

Posts: 7


« Reply #4 on: February 02, 2007, 11:31:36 PM »

Hi all,
First of all, thanks for the replies. Bubu74, as far as network is concerned, there is no network, it's just a single computer used for accessing the net, so no LAN :)
Little Mac, here are the contents of the logs.html, maybe you can figure it out. By the way, there is no mention of svchost.exe in the application monitor. I haven't denied, but many a time there are n number of popups, so when I say accept for e.g. firefox going to some address or something, there are 10 more which the popup says are waiting. When I click accept on the 1st one then the rest disappear. Sorry if I'm confusing you more but then I'm myself confused :(
I tried to put the full log here but it doesn't take more than 4k words, hence I put the 50kb file on rapidshare. Here is the link:

http://rapidshare.com/files/14651862/logs040207.txt.html

Thanks for your time :)


 
Logged
Little Mac
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 6003



« Reply #5 on: February 03, 2007, 07:48:41 PM »

Okay, there's a lot of blocked incoming TCP traffic, and a fair amount of blocked outgoing ICMP, which I'm guessing is probably related to your ISP; but we'll get to that later...

What I'm going to focus on right now is this entry:

Date/Time :2007-02-04 09:36:09
Severity :High
Reporter :Application Monitor
Description: Suspicious Behaviour (firefox.exe)
Application: C:\Program Files\Bon Echo\firefox.exe
Parent: C:\Program Files\Bon Echo\firefox.exe
Protocol: TCP Out
Destination: 127.0.0.1::2802
Details: C:\Program Files\Bon Echo\firefox.exe is an invisible application

In your Application Rule for Firefox, under the miscellaneous tab, it's not checked to allow it to be invisible (i.e., connect without your knowledge).  And that's fine.  The 127.x.x.x address is a loopback, used for internal communication, and FF needs to access it silently.  This may be messing you up.  We can resolve that one very easily...

Go to Security/Advanced/Miscellaneous.  Make sure the two boxes, "Skip loopback... TCP/UDP" are checked.  Click OK.  Reboot your computer.

Now see if you can connect with FF, or IE.

LM
Logged
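
The log entry quoted in Reply #5, parsed and triaged by destination, as an added example that is not part of the thread and not Comodo's own tooling. It assumes the exported log keeps the field layout of the quoted entry and IPv4 destinations written as `addr::port`; the second sample entry and the function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample: entry 1 follows the entry quoted in Reply #5 (Parent line
# omitted); entry 2 is invented for contrast (192.0.2.10 is a documentation address).
SAMPLE_LOG = r"""
Date/Time :2007-02-04 09:36:09
Severity :High
Reporter :Application Monitor
Description: Suspicious Behaviour (firefox.exe)
Application: C:\Program Files\Bon Echo\firefox.exe
Protocol: TCP Out
Destination: 127.0.0.1::2802
Details: C:\Program Files\Bon Echo\firefox.exe is an invisible application

Date/Time :2007-02-04 09:36:41
Reporter :Network Monitor
Description: Constructed entry for comparison
Protocol: TCP Out
Destination: 192.0.2.10::80
"""

# "Key :value" or "Key: value"; split on the first colon so Windows paths survive.
FIELD = re.compile(r"^\s*([A-Za-z/ ]+?)\s*:\s*(.*)$")

def parse_entries(text):
    """Return one dict per log entry; a 'Date/Time' field starts a new entry."""
    entries = []
    for line in text.splitlines():
        m = FIELD.match(line)
        if m and m.group(1) == "Date/Time":
            entries.append({})
        if m and entries:
            entries[-1][m.group(1)] = m.group(2).strip()
    return entries

def triage(entries):
    """Label each entry by destination. Loopback traffic never leaves the host,
    so a block there points at local rule settings, not at the network."""
    rows = []
    for e in entries:
        host, _, port = e.get("Destination", "").partition("::")  # IPv4 'addr::port' assumed
        try:
            ip = ipaddress.ip_address(host)
            label = "loopback" if ip.is_loopback else "network"
        except ValueError:
            label = "unparsed"
        rows.append((e["Date/Time"], label, host, port))
    return rows
```

Running `triage(parse_entries(...))` over an exported log separates blocks on 127.x.x.x, which relate to the loopback settings discussed above, from blocks on real network destinations.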

shirish
Newbie
*
Offline Offline

Posts: 7


« Reply #6 on: February 04, 2007, 04:26:39 AM »

Better than before, I can browse but not when utorrent is on & the firewall is on also. When the firewall is off then I can browse as well as do utorrent. Utorrent works fine with the firewall on independently, it still doesn't work fine with FF independently. I just get a screenshot which I don't understand.


Looking forward to your reply & suggestions, thanks in advance :)
« Last Edit: February 04, 2007, 12:58:13 PM by shirish » Logged
Little Mac
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 6003



« Reply #7 on: February 04, 2007, 08:14:52 PM »

That traffic message is kind of odd; don't necessarily take it at face value.  What it means is that of the traffic that is present, utorrent is 98% of it.  With a torrent running, that's probably not unlikely.

However, have you created Network Monitor rules for utorrent?  And an Application Monitor rule?  If not, you need to.  Some basics with utorrent to get you the green light are:

In utorrent, you have to disable UPNP, and disable the automatic port setting.  Instead, manually indicate which port you want it to use. 

If you have a physical router, you'll probably need to set it up for port forwarding on that port. 

Then same thing in CFP.  Set the Application rule for that, and then the two rules for the Network Monitor as well. 

Here's a link to the tutorial on p2p apps.  http://forums.comodo.com/index.php/topic,411.0.html

It's also possible that with both your browser and utorrent fully active and in use, it's consuming the majority of your resources and bogging you down.  If you set the firewall to Allow All, can you browse and run utorrent at the same time?

LM
Logged

shirish
Newbie
*
Offline Offline

Posts: 7


« Reply #8 on: February 05, 2007, 09:43:56 AM »

Quote from: Little Mac on February 04, 2007, 08:14:52 PM
> That traffic message is kind of odd; don't necessarily take it at face value.  What it means is that of the traffic that is present, utorrent is 98% of it.  With a torrent running, that's probably not unlikely.
>
> However, have you created Network Monitor rules for utorrent?  And an Application Monitor rule?  If not, you need to.  Some basics with utorrent to get you the green light are:
>
> In utorrent, you have to disable UPNP, and disable the automatic port setting.  Instead, manually indicate which port you want it to use.
>
> If you have a physical router, you'll probably need to set it up for port forwarding on that port.
>
> Then same thing in CFP.  Set the Application rule for that, and then the two rules for the Network Monitor as well.
>
> Here's a link to the tutorial on p2p apps.  http://forums.comodo.com/index.php/topic,411.0.html
>
> It's also possible that with both your browser and utorrent fully active and in use, it's consuming the majority of your resources and bogging you down.  If you set the firewall to Allow All, can you browse and run utorrent at the same time?
>
> LM

I have bridged the router as I was having issues with manual port-forwarding. Correct me if I'm wrong, but with bridging I do get better throughput but at the cost of having open ports. The manual port-forwarding is a pain in the a**. Hence the need for a good firewall. I'll be posting in some time both the network rules monitor as well as application rule monitors as they stand today. I did try setting as given at http://forums.comodo.com/index.php/topic,411.0.html but the settings don't stick, in the sense the port settings don't stick there. Don't know what the issue is there. But at least utorrent works :) I have made it so that the upload & download speeds are 80% of the speeds I get so I can browse also. Let me know where I'm going wrong.

Logged
Little Mac
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 6003



« Reply #9 on: February 05, 2007, 10:07:26 AM »

shirish,

You might check out this thread about utorrent:  http://forums.comodo.com/index.php/topic,5785.msg42844.html#msg42844  It's shorter and more specific to utorrent.  Perhaps that will help.

Yes, I understand that bridging can speed things up at the expense of opened ports.  I think port forwarding is generally considered the answer.

As far as how you're doing with it, on that I can only point you in the general direction, as I haven't used p2p apps.  AOwl is far more knowledgeable than I on that, and has done a lot of work to test and get those figured out.

LM
Logged

shirish
Newbie
*
Offline Offline

Posts: 7


« Reply #10 on: February 08, 2007, 03:26:51 AM »

Hi,
Sorry but I uninstalled Comodo firewall, it was giving me too many problems. I had to re-format my system just so I can browse easily. Another thing which I noticed is that Comodo firewall is good till 3 attempts in one session, meaning after the 3rd attempt it's kind of unresponsive; it doesn't respond well to being forcefully turned on & remains off. Another suggestion would be to have some kind of FAQ and/or wiki so people know what settings are to be done if you're on the bridge mode or dial-up mode. I know it's not a popular way of doing things but there are people like me who would be doing it. I do really hope that the product does mature, remains free & becomes more usable in the long run :)
Logged
Little Mac
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 6003



« Reply #11 on: February 08, 2007, 09:28:05 AM »

Sorry things got to that point, shirish.

One of the development team gave me some feedback on the issue and said that with the bridging done, there is a good possibility that it's throwing the firewall for a loop, causing problems with IPs being read and accepted, and the odd traffic logs.  Apparently bridging is a complex issue, and if not done absolutely correctly, can cause a lot of conflicts within the system.  For this purpose there are firewalls designed especially for bridging (you might check SourceForge).  It was indicated that resetting the router might (temporarily) resolve your issue.  As stated before, although it may be a bit of a pain, forwarding ports in the router setup is considered the better route to take.

However, you've obviously moved past that by uninstalling CFP and reformatting... :'(

No doubt Comodo will take your experience and work from it, so as to continue to develop their product in effective ways.

LM
Logged

comicfan2000
Guest
« Reply #12 on: February 08, 2007, 09:16:48 PM »

Quote from: Little Mac on February 08, 2007, 09:28:05 AM
> Sorry things got to that point, shirish.
>
> One of the development team gave me some feedback on the issue and said that with the bridging done, there is a good possibility that it's throwing the firewall for a loop, causing problems with IPs being read and accepted, and the odd traffic logs.  Apparently bridging is a complex issue, and if not done absolutely correctly, can cause a lot of conflicts within the system.  For this purpose there are firewalls designed especially for bridging (you might check SourceForge).  It was indicated that resetting the router might (temporarily) resolve your issue.  As stated before, although it may be a bit of a pain, forwarding ports in the router setup is considered the better route to take.
>
> However, you've obviously moved past that by uninstalling CFP and reformatting... :'(
>
> No doubt Comodo will take your experience and work from it, so as to continue to develop their product in effective ways.
>
> LM

Yes, the team is very intelligent and I'm sure they will figure it out.  ;) ;) ;)


Paul
Logged
Little Mac
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 6003



« Reply #13 on: February 10, 2007, 11:08:02 AM »

Thanks for the PM, shirish.  I have not forgotten about you, and will look into that.  I'm posting this so it'll be a reminder to me to get back with you.... :D

LM
Logged

Little Mac
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 6003



« Reply #14 on: February 15, 2007, 12:57:17 PM »

Shirish, I PM'd you some info on bridging firewalls.  Hope it's helpful.

LM
Logged
