Comodo Firewall Wishlist V6

[Guest]

[jasper2408]

Please post what you would like to see in upcoming versions of Comodo Firewall Pro here.

thanks,

jasper

[AnotherOne]

1. Port Triggering for secure Torrent downloads as a plug-in that only loads when actually used:: http://www.portforward.com/help/porttriggering.htm
2. WhoIs service available on a right-click menu for the Firewall Logs entries.  (Script to open the WhoIs web page and paste the IP address into their data box).

3. More information accessible for applications that appear in the pop-up alerts.  File version, installation date, author/company, icon, digitally signed?, parent or startup source.

4. Quarantine for unknown files to permit scanning with an AV AS program.  Configurable "Send To" function to perform AV AS scans. 

[weaker]

I want four different buttons in the pop-up instead of that "Remember..." checkbox
- Allow (once)
- Allow always
- Block (once)
- Block always

So every decision I make only costs one klick which keeps the pop-up so inobtrusive as possible. Average Joe doesn't want to click a single time more than needed and in this case I don't want to do that either. 

[gibran]

Hallo,

Comodo has a very active Forum Community and V3 specifically suggest this Forum to ask for Support.

So in order to further improve support requests and troubleshooting V3 should have a Ruleset and Configuration Report.

This way Members don't have to post screenshots and export Logs.

There should be only one place to go to generate a full textual report that list all the rules in a textual or HTML format.
This will shorten mostly all support Topics and will reduce the need to ask for missing or incomplete infos.

It would be easier to post a report containing something like

iexplore.exe
ALLOW TCP OUT from IP any to IP any where source PORT is any destination port is 80
ALLOW UDP OUT from IP any to IP any where source PORT is any destination port is 53
BLOCK IP IN/OUT from IP any to IP any

iexplore.exe
DNS client Service ALLOW
Loopback Networking ALLOW
Disk ALLOW
Keyboard ALLOW
Computer Monitor ALLOW
Protected Files and Folders ASK
Protected Files and Folder Allowed List:
   C:\windows\temp\*
Protected Files and Folder Blocked List:
   C:\windows\system32\*

instead of attaching screenshots or writing a ruleset by hand.

Another way to improve support would be the ability to import a textual rule in an application. So if a member doesn't know how
to use the configuration dialogs it will possible to import another member generated ruleset for that app.

I guess that D+ Diagnostic can export its report too or provide a more detailed one in order to troubleshoot ceratin incompatibilities and issues.

[gibran]

Hallo,

V3 firewall alerts mimick thesame V2 details.
Anyway the current dialog implementation can be confusing.

I would like to suggest that V3 alert details should match V3 Firewall alert level or the user may be mislead.

Plus there should be an option to decrease the level of details a generated rule should have if the alert leve permit it.

So if an user has set a very high alert level  clicking Allow generate the usual detailed rule.
But using dropdown enabled buttons, if the user click on the down arrow part of the buttons there should be a menu listing all the other alternatives for lower alert level settings. This will add much more flexibility.

So a very high alert level dialog can create default rules with protocol ports IPs and in/out details but there will be a chance to generate less detailed rules using ANY. 

A very high alert dialog should have Five alternate rules (including the default one) an high alert dialog should have four alternate rules and so on.

[gibran]

Defense+ * policy is a huge improvement to acknowledge the need of few users which would like a less noisy HIPS.

as I tested this new setting to harden my security I found few features I needed (please if it was not intended don't remove it)

I can override trusted/installer poilicies and I can enforce protection even if CFP gui is closed.
I've not tested this extensively but I hope I'll be able to protect only few critical places at bootup too (a way to log V3 actions during bootup would be a nice addition)

It would be nice to have a * policy to handle bootup or host protection when V3 is closed.
Another addition would be the ability to finetune the installer policy to log all the changes and an option to add some conditional ask permissions (defaut to ask nothing, this way there will be no issues because ask is much like allow, but it will be possible to create an alternate protection ask setting)

A not operation would be useful too to archieve something like NOT in this path or NOT in this registry branch.

[Timo Schmidt]

A consistent "Summary" User-Interface


Hi there!

I just replaced Comodo 2.4 with the 3.0 version. The new features are superb and the lower consumption of ressources compared to 2.4 is a very nice thing too

But there are a few inconsistenies in the User Interface:

For example in "Summary" there are the following lines:


Network Defense

The Firewall has blocked 234 intrusion attempt(s) so far
The Firewall security level is set to Train with Save Mode

0 inbound connection(s)
0 outbound connection(s)

Why I'm only able to access the Firewall security level from this "summary"-page? When I see that there are 234 intrusion attempts I'd like to see those attempts without having to click through various menues. The same for inbound and outbound connections.

The correct description of this part of "Summary" should be (underlined = link)

Network Defense

The Firewall has blocked 234 intrusion attempt(s) so far
The Firewall security level is set to Train with Save Mode

0 inbound connection(s)
0 outbound connection(s)



There are other cases like in "Proactive Defense" which should be fixed soon to ensure an easy and fast access to points which require attention


Greetings and continue the good work


Timo

[Seal8]

I've noticed that when I setup my password for Comodo V3 it requires me to type in the password for each and every link (category) listed in Comodo V3 configuration.  Can't you set it up that once you have signed in and typed in your password in the configuration categories that you should only have to do this one time per session.  Not each and every time you click on a category.
Thanks for your consideration.

[gaby]

CPF 3.0.13.268.x32 XPpro SP2, up-to-date, Intel P4

Hi all,

Have to mention from the beginning that I'm very happy with ALL CPF v.3 behavior so far.
Thank you again for another great product!
1.
I have wished "a long time-ago"  and I still do, that my FW will warn me in the event of an attack attempt – port-scan, DDoS.... with an optional pop-up, color change, anything ...
I was running various FW tests out-there, GRC and similar, and none generated any logs.
Because I'm behind a PPPoE connection, I cannot use the check “and log” option in my last Network Global Rule:
"Block IP In Any Any...", otherwise the FW log becomes a traffic sniffer, logging all WAN activity.
Therefore, if something will eventually go wrong, I'll find out about it after it happened.
2.
Another feature nice to see, probably already mentioned before, would be the possibility to import, in a sub-category of “Blocked Net Zones”, databases in Peerguardian or similar formats, from disk or URL's when running p2p's. No clue how performance/ behavior can be affected by a 200k+ list of addresses or ranges.
3.
If FW rules, both application and network would automatically receive id's when created, it can be useful to see another column in logs, with the rule no. or id, generating that event. Can be handy for debugging and fine-tunning.
4.
I need to choose between separate configurations only for FW, not for also D+, like in a previous Beta.

Gabi

[yhancik]

Comodo would be perfect if on Firewall Alert it had a button similar to Kerio's Advanced Filter Rule.
(see this screenshot)

Basically it would allow to immediately create a custom rule from an alert pop-up, instead of going thourgh Firewall Tasks > Advanced > Network Security Policy.


For now i'm getting back to KPF, but this addition would finally make me switch

[LeoniAquila]

Hi, in addition to the post above of Timo Schmidt, I'd like to add:

Option to customize the links on the Summary page! It would be great to have shortcuts of my own choice, e.g. to rapidly access my application rules or the logs (like Timo suggests).

Thanks Comodo,
LA

[Natori]

Firewall Rule add/support IP list function.

Firewall can monitor and detect listen port created,  after ask user how do you do.

Firewall->"active connections" can support display listen port. (System and svchost.exe)

Summary->Traffic realtime support, or support display current  speed. (Total:XXXX.XXKB/s)


You may refer to KPF/SKPF. (Kerio Personal Firewall)

I like KPF and CFP too. (not SKPF)
Now I like CFP high than KPF. But CFP design not 100% win KPF.

sorry for my bad english.

[Eduardo]

+1!

Until you close the GUI, CFP shouldn't ask for password again.

[Seal8]

Yes it would be nice if the password worked the way u suggest but it doesn't on my Comodo v3.  It asks for a password on every single click on a different category config.

[JolietJake]

I'm voting for this!!

[Tags:]