Author Topic: CFP 3.0.9.229 BETA 32-Bit Bug Reports [CLOSED]  (Read 91742 times)

Offline rcbblgy

  • Comodo Loves me
  • ****
  • Posts: 130
Re: CFP 3.0.9.229 BETA 32-Bit Bug Reports
« Reply #165 on: October 07, 2007, 11:58:34 PM »
A post by rcbblgy prompted me to run som tests as to exactly when during the boot procces the fire wall went active.  I am pleased to announcehowever
Attached is the methodology from the test

I am sorry , I was wrong . I try it again , when CPF is being initalized , a program can not connect to Internet which has no rules , but CFP doesn't give me an alert , it just deny the program . However , Defense+ can't protect system when CFP is being initalized .

Offline pacechristopher

  • Newbie
  • *
  • Posts: 1
CFP 3.0.9.229 BETA 32-Bit is less stable than 3.0.8.214
« Reply #166 on: October 08, 2007, 06:04:47 PM »
CFP 3.0.9.229 BETA 32-Bit is less stable than 3.0.8.214 and still contains many of the same problems. Development seems to be going in the wrong direction. Here is my testing summary of 3.0.8.214. Version 3.0.9.229 problems with wireless connections make it un-testable for me. Even the most basic functions of the firewall contain bugs at this point, you should label it ALPHA. Most people don’t know whether or not the firewall is functioning or not, and many of the people on this forum are not attempting to use many of the functions that are in the product. I look forward to a functional, tested BETA version in the future. I certainly support your goals.

I've used Comodo Firewall for over a year now and I am anxiously awaiting a quality version that works on Vista, so I decided to donate some of my time to testing version 3 beta 2 (3.0.8.214). In my 25 years of performing software development and testing, I have experienced many alpha and beta products - this version definitely stretches the definition of beta. If you are not a computer professional, this beta version is not ready for you. An October 2007 release date is extremely aggressive. I hope we see a few stable beta and release candidates before the public version. Here are some of the problems I found. All of these comments apply to the 32-bit version on Windows XP (all service packs and updates applied).
(1)   The Comodo uninstaller does not reset the Windows Security Center after an uninstall. The security center still thinks that the Comodo firewall is installed and is turned off. Some other firewall products actually reset the registry keys and activate the built-in Windows Firewallwhen they are uninstalled.
(2)   [Known Problem, won’t be implemented until version 3 public release] Version 3 does not report correctly to the Windows Security Center, so the user gets notified of a security problem unless they deactivate monitoring.
(3)   Performing an application scan during setup does not set up rules correctly for (a) svchost and (b) explorer.exe, the user is queried anyway when these execute. The user is also queried about the following (may or may not be in the safe list yet) by both the firewall and defense+ – loopbacks (127.0.0.1), googleupdater.exe, wuaudt.exe (Widows Update), verclsid.exe, hamachi.exe, googleupdaterservice.exe, googleUpdaterInstallMgr.exe, & msiexec.exe (Windows Installer).
(4)   Windows XP has a known bug that causes icons not to be displayed in the task bar (after boot and afte ran explorer.exe crash). This affects the firewall icon. A workaround must be built into the firewall application to re-display the task bar icon occasionally.
(5)   Modifying the log file size from “options” resets the log file size to zero, at least that is what is reported.
(6)   Viewing Firewall Events brings up a dialog with a ‘more” button, clicking this button causes a Microsoft Visual C++ exception. The dialog shows no events. If there are a sufficient number of events (? don’t know the magic number), clicking the “more” button brings up the log viewer. User interface is inconsistent – Are they “events” or is it a “log”? Make up your minds and call it the same thing everywhere.
(7)   Running diagnostics indicates problems, but fixing them does not work.
('8')   Edit my custom safe list does not work; the safe list is not displayed for editing.
(9)   Installing version 3 does not save any settings or rules from a version 2 installation.
(10)   On Firewall Common Tasks, the user can define network zones with “My Network Zones”, and generate rules for a blocked network with “My Blocked Network Zones”. What happened to a rules generator for generating rules for a trusted network – “My Trusted Network Zones”? Again, very inconsistent user interface – leaving functions out, mixing definition of zones with wizards, etc. A much simpler interface is very doable.
(11)   Under “Attack Detection Settings” – “Miscellaneous” – “Block Fragmented IP Datagrams”, the word “barely” should be “rarely”. And what is this phrase supposed to mean – “This option must be disabled unless necessary…”? What makes it necessary? If you are going to give help or guidance, make it worthwhile. The advice makes no sense, after just explaining that fragmented IP datagrams are rarely needed.
(12)   Throughout the product, the “Apply” button is used incorrectly (not according to standard user interface practice). The “OK” button is missing and you are using the “Apply” button as an “OK” button. The “Apply” button is traditionally used to APPLY changes without leaving or closing the current dialog box. The “OK” button is used to APPLY changes and close the dialog.
(13)   Most of the product is built on an “allow”-“block”-“ask” model. So why did you change this model for “Protection Settings” and go to an “Active” – “Yes/No” model? This model is much more confusing for the user after you have already trained them on the first model. It brings up questions such as – What does Active mean? Does answering “No” make it Inactive? Is No the same as “allow”? etc.
(14)   The renaming of predefined security policies does not propagate properly. The old names show up in the network security policies.
(15)   After defining more than 3 predefined security policies in defense+, the drop-down box for “Treat this application as” on a Defense+ popup shows only 3 choices, even though more exist.
(16)   Viewing of the Firewall and Defense+ Events are both full of unimplemented functionality and outright bugs. They are not even in Alpha stage. Here are a few examples besides the ones already mentioned above – The “more” button should be grayed if there are no more to view. The “more” button is really an “Log Viewer” button. The log can only be cleared in the log viewer. The sorting by column does not work. The events in defense+ are in the reverse time order of the firewall events. Logs are not in there correct folders – for example, TODAY does not contain today’s events. Etc.
(17)   In the SAVE FILE Dialogs, there are no file extensions, for example saving a config file. Extensions should exist and be registered for the firewall application.
(18)   Now that you have separated the firewall RULES into “Application Rules” and “Global Rules”, a simple top down execution of rules from one list doesn’t exist anymore. In fact, throughout the forums you continue to state that the global rules take precedent over the application rules. That is not true any longer. If you test it, you will now see that you have confused either your programmers or your support personnel. Here’s what is really happening – (a) If I create an application rule to BLOCK some application behavior, this BLOCK rule will take precedent over any ALLOW global rule. (b) If I create an application rule to ALLOW some application behavior, this ALLOW rule will NOT take precedent over a BLOCK global rule that blocks the same global behavior. In other words, the BLOCK global rule takes precedent. (c) The GLOBAL rules are followed in a top down fashion. This is why so many people are experiencing problems with software like UltraVNC. They create Application Rules to ALLOW behavior, but the GLOBAL rule to BLOCK & Log incoming keeps the software from working.
(19)   It’s easy to demonstrate the behavior described in (18) above – create some application rules to BLOCK certain behaviors, then create a global rule to ALLOW it – you’ll see it blocked. Create 2 rules at the end of the global rules list – one to ALLOW all outgoing TCP/UDP & log, the next to BLOCK all incoming and outgoing IP & log. These are the last two rules after all other rules you created to explicitly ALLOW certain traffic. The first rule catches all the remaining outgoing traffic you failed to explicitly ALLOW and logs it. This will give you ideas for additional rules, but will keep you notified of suspicious behaviors.

Offline Little Mac

  • Forum Volunteer
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6303
  • The Colonel told me to.
Re: CFP 3.0.9.229 BETA 32-Bit Bug Reports
« Reply #167 on: October 09, 2007, 10:39:33 AM »
Welcome to the forums, pacechristopher ~

A lot of the issues with this older version have already been addressed with the current release; I'm sorry your system has had such trouble with it.  The architecture went through significant changes with this release; thus (as per Egemen's release post) you cannot import the config files/profiles from the old version - he specifically requested that everyone do a clean install.

I completely agree on item 13.  I think it's confusing.

On eighteen I think you've misunderstood CFP's order of operations.  This does function exactly the same as 2.4, as far as controlling traffic and applications.  "Application Rules" = 2.4's "Application Monitor;"   "Global Rules" = 2.4's "Network Monitor." 

Your scenario is absolutely correct, but it's not a malfunction; it's because it's operating exactly as it is supposed to.  For INBOUND traffic, Network Monitor/Global Rules is applied first.  If it matches an Allow rule, it will pass through to Application Monitor/Application Rules.  If it matches an Allow rule, it will pass through to the behavioral control settings (ABA & Component Monitor/Defense +).   For OUTBOUND traffic, Application Rules are applied first; if approved/allowed, the traffic passes to the Global Rules.  Global rules filter from the top downward; architecture for Application rules is different than in 2.4, and I think (not 100% sure) that a complex rule structure for an individual application will filter the same way - thus if for application abc.exe you place a block rule before an allow rule, the app will be blocked.

There is a tutorial on CFP's layered rules in this thread, which you may find helpful:
http://forums.comodo.com/index.php/topic,6167.0.html  it was written for 2.4, but the theory still applies.

LM
These forums are focused on providing help and improvement for Comodo products.  Please treat other users with respect and make a positive contribution.  Thanks.
Forum Policy

fOrTy_7

  • Guest
Adjusting ports in 'A Port Range' works incorrectly.
« Reply #168 on: October 09, 2007, 01:29:12 PM »
Adjusting ports in 'A Port Range' works incorrectly. If you type a port number which is above 1000 and then you adjust the range using arrows (keyboard or GUI) then there will appear unnecessary 'Space' between digits and the final rule will be saved incorrectly.
e.g.:
Setting:
Start port: 1000
End port:   1 010
      
will be saved as:
Start port: 1000
End port:   1

OS: Windows XP 32-bit Pro SP2 + online updates.
Active protection: Avira Antyvir(the latest freeware version), BOClean 4.25
Passive protection: HOSTS file, Sbybot Search & Destroy, SpywareBlaster.
« Last Edit: October 09, 2007, 01:31:21 PM by fOrTy_7 »

fOrTy_7

  • Guest
Ports aren't verified when creating a new rule.
« Reply #169 on: October 09, 2007, 01:40:58 PM »
Ports aren't verified when creating a new rule. As we all know the valid port range is from 0 to 65535, but CFP doesn't check this at all when you create a new rule. You can type more than 5 digits and also negative value and this will be accepted and stored by CFP as a random port. Also I think that we shouldn't be able to type letters in fields designed to type ports just like in fields designed to type IPs.

OS: Windows XP 32-bit Pro SP2 + online updates.
Active protection: Avira Antyvir(the latest freeware version), BOClean 4.25
Passive protection: HOSTS file, Sbybot Search & Destroy, SpywareBlaster.

Offline axl

  • Comodo's Hero
  • *****
  • Posts: 491
Re: CFP 3.0.9.229 BETA 32-Bit Bug Reports
« Reply #170 on: October 09, 2007, 02:30:07 PM »
Installation cannot start, even in SAFE MODE.

Windows XP SP2
Compaq W4000 2.4 Ghz
1 gigabyte ram
ATI AIW 9700 Pro
SCSI drives

Visual Studio 2005 returns this message:

Unhandled exception at 0x028d083d in CFP_Setup_3.0.9.229_XP_Vista_x32_BETA.exe: 0xC0000005: Access violation reading location 0x003eead1.


Previous version and beta installed without problem.


(:AGY)

Offline gibran

  • Average User
  • Comodo's Hero
  • *****
  • Posts: 5056
  • A bad workman always blames his tools
Re: CFP 3.0.9.229 BETA 32-Bit Bug Reports
« Reply #171 on: October 09, 2007, 02:59:29 PM »
Installation cannot start, even in SAFE MODE.

Windows XP SP2
Compaq W4000 2.4 Ghz
1 gigabyte ram
ATI AIW 9700 Pro
SCSI drives

Visual Studio 2005 returns this message:

Unhandled exception at 0x028d083d in CFP_Setup_3.0.9.229_XP_Vista_x32_BETA.exe: 0xC0000005: Access violation reading location 0x003eead1.


Previous version and beta installed without problem.


(:AGY)

Please Look for CFP_Setup_3.0.9.229_XP_Vista_x32_BETA.exe Digital signature details using properties.
« Last Edit: October 09, 2007, 03:09:58 PM by gibran »
"In the beginning the Universe was created. This has made a lot of people very angry and has been widely regarded as a bad move."- Douglas Adams

Offline axl

  • Comodo's Hero
  • *****
  • Posts: 491
Re: CFP 3.0.9.229 BETA 32-Bit Bug Reports
« Reply #172 on: October 09, 2007, 03:12:06 PM »
Please Look for CFP_Setup_3.0.9.229_XP_Vista_x32_BETA.exe Digital signature details using properties.

"Digital Signature Information
This digital signature is not valid.
Signer information
Name: Comodo CA Limited
Email: Not available
Signing time: Friday, September 28, 2007 9:31:11 AM"

"Issued to: Comodo CA Limited
Issued by: UTN-USERFirst-Object
Valid from 5/13/2007 to 5/13/2010"

Is there some other information I should be looking for/posting?

Offline axl

  • Comodo's Hero
  • *****
  • Posts: 491
Re: CFP 3.0.9.229 BETA 32-Bit Bug Reports
« Reply #173 on: October 09, 2007, 03:23:20 PM »
Please Look for CFP_Setup_3.0.9.229_XP_Vista_x32_BETA.exe Digital signature details using properties.

Ok, gotcha.
Redowned file, sig checks ok, install starts ok...

Of the hundreds of files downed, this is a first...

IAC, Thanks!

Offline xiuhcoatl

  • Unaffiliated Forum Volunteer
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 911
Intermittent CFP errors on boot
« Reply #174 on: October 09, 2007, 05:38:41 PM »
I am pretty sure that these errors are on happening on cold boot.  I can not think of anything I have done differrent on shutdown or start up. The have been happening since 3.0.8 and continue to happen on 3.09.  I think they started when I installed memory guardian.(This was uninstalled due to the fact I thought it generated thes errors) I am not sure what version

As I said they are intermittent and I believe CFP conntinues to function after they appear althought the interface must be stated from the start menu.  Ussually  my practice has been to click OK on both and the start the interface from the start menu
they pear in this order
CFPA3.0.2.5_error 01.jpg
CFPA3.0.2.5_error 02.jpg

I  have not reported these before and I don´t know if they have been reported previously by anyone.


Thanks
OD

[attachment deleted by admin]
« Last Edit: October 09, 2007, 05:56:47 PM by Opus Dei »
When things go wrong, and they usually will,and your daily road, seems all uphill, when machines are down,and tempers high, when you try to smile, but can only cry,and you really feel you'd like to quit, don't run to me I don't give a sh*t.
(A semi retired systems analyst's credo)

Offline panic

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11728
  • Linux is free only if your time is worthless.;-)
Re: CFP 3.0.9.229 BETA 32-Bit is less stable than 3.0.8.214
« Reply #175 on: October 09, 2007, 05:41:19 PM »
G'day,

Firstly thanks for taking the time to A) dig deeply into CFP and B) posting your finding here. Now that they are out of the peak development cycle and have been allowed up for air, the dev team constantly monitor these forums. Please be assured that your comments will be considered. They may not be actioned, but they will not be ignored.


(1)   The Comodo uninstaller does not reset the Windows Security Center after an uninstall. The security center still thinks that the Comodo firewall is installed and is turned off. Some other firewall products actually reset the registry keys and activate the built-in Windows Firewallwhen they are uninstalled.


While scrubbing settings from the registry is one answer, removing the references this way doesn't remove the WMI info stored in the repository, which  is the root cause of the WSC alerts, not the registry. Ideally, both will be done (WMI removal and reg. removal).

Quote

(4)   Windows XP has a known bug that causes icons not to be displayed in the task bar (after boot and afte ran explorer.exe crash). This affects the firewall icon. A workaround must be built into the firewall application to re-display the task bar icon occasionally.


Is it a bit harsh to expect a third party app to develop a fix for an known, underlying OS issue? It'd be nice if it did, but I, for one, don't expect them to. The disappearing system tray icons are acknowledged as a bug by MS. They don't have a definitive casue, nor do they have a definitive long term solution. Besides, if Comodo fixed everything in the OS it'd be call *nix.  ;)

Quote

(7)   Running diagnostics indicates problems, but fixing them does not work.


This has been reported to, and acknowledged by, the dev. team.

Quote

('8')   Edit my custom safe list does not work; the safe list is not displayed for editing.


Works consistently on 30+ PCs here. I've never actually heard of a report of this not working. Is this reproducible on another PC or isolated to a single instance?

Quote

(10)   On Firewall Common Tasks, the user can define network zones with “My Network Zones”, and generate rules for a blocked network with “My Blocked Network Zones”. What happened to a rules generator for generating rules for a trusted network – “My Trusted Network Zones”? Again, very inconsistent user interface – leaving functions out, mixing definition of zones with wizards, etc. A much simpler interface is very doable.


OMG~! I can't believe that you didn't think to look under "Stealth Ports Wizard"!  :D

Quote

(12)   Throughout the product, the “Apply” button is used incorrectly (not according to standard user interface practice). The “OK” button is missing and you are using the “Apply” button as an “OK” button. The “Apply” button is traditionally used to APPLY changes without leaving or closing the current dialog box. The “OK” button is used to APPLY changes and close the dialog.


Well picked up. We should all give ourselves a collective uppercut for not picking this up earlier.

Quote

(14)   The renaming of predefined security policies does not propagate properly. The old names show up in the network security policies.


This also has been previously reported.

Quote

(16)   Viewing of the Firewall and Defense+ Events are both full of unimplemented functionality and outright bugs. They are not even in Alpha stage. Here are a few examples besides the ones already mentioned above – The “more” button should be grayed if there are no more to view. The “more” button is really an “Log Viewer” button. The log can only be cleared in the log viewer. The sorting by column does not work. The events in defense+ are in the reverse time order of the firewall events. Logs are not in there correct folders – for example, TODAY does not contain today’s events. Etc.


During the dev. cycle, there was a change from one database to the current SQL Lite one.  Perhaps this has something to do with the current Log Viewer issues, as it used to be smoother than it is now.

Again, thanks for your detailed postings. Please continue to contiribute, this is how we all end up with what we want/need.

Cheers,
Ewen :-)
As your mums would say, "If you can't play nice with all the other kiddies, go home".
All users are asked to please read and abide by the  Comodo Forum Policy.
If you can't conform, don't use the forum.

Offline TronixA8372

  • Comodo Member
  • **
  • Posts: 31
Bug: Version 3.0.9.229 won't always prompt for user action and one other bug.
« Reply #176 on: October 09, 2007, 10:11:38 PM »
In using the Beta software, I have found that I like it more than version 2.0 because it's easier to set the permissions and they seem to work for the most part. The first bug has something to do with the fact that the program isn't detecting that I'm using certain software such as Microsoft Word and it was causing problems with Word being able to print even though my print drivers were set up correctly. If I close Comodo and Word, then restart Comodo then launch Word again, it will then prompt me to set the permissions. After this the program usually works. I have seen this happen with Caldendarscope as well so I'm not sure why the software will block something without asking.
    My second small gripe is that a Trusted application should be allowed to accept uninitiated connections such as with a proxy server software I have. Even though the software is marked as trusted, the Firewall side of the software continues to block incoming connections on it's port (443 in this case). I had to put a rule on the firewall side to always allow port 443 because the Defense+ rules won't override any of the set firewall rules.
Thanks!!

Offline axl

  • Comodo's Hero
  • *****
  • Posts: 491
Re: CFP 3.0.9.229 BETA 32-Bit Bug Reports
« Reply #177 on: October 09, 2007, 10:28:43 PM »
I have been a fan of Comodo since 2.4, but this is should not be called beta.
Twice in an hour I have tried to click on Defense+ dialog box that would not accept click.
Beta is for minor cosmetic difference; for this Alpha I had to Ctrl-Alt-Del to Task Manager to do log off just to regain control of system.
Your developers need to go back down in submarine to coding basement to complete job.
No way this can be ready for even November release without that!

Offline grampa

  • Comodo's Hero
  • *****
  • Posts: 392
Re: CFP 3.0.9.229 BETA 32-Bit Bug Reports
« Reply #178 on: October 10, 2007, 03:53:58 AM »
Hey,
I don't know if this has already been addressed as I haven't read every single bug report but I just tried to update Firefox and there was no chance to do that. I usually use Opera, so I somehow didn't get round to updating FF. However, even with 'treat as Windows installer' the update would always stall after about 1/3 was completed. So I did it in safe mode; no problem. But then CFP wouldn't alert me that the cryptographiv signature had been changed. It let the updated version of FF open without complainig.
Otherwise it's been working smoothly and I love it (though I haven't yet understood everything  ;) )
Cheers,
grampa.
"It is a mistake to think you can solve any major problems just with potatoes." (Douglas Adams)

Offline TronixA8372

  • Comodo Member
  • **
  • Posts: 31
Bug: Version 3.0.9.229 won't always prompt for user action and one other bug.
« Reply #179 on: October 10, 2007, 03:36:10 PM »
     I had posted before in the parent topic folder and it was deleted so I thought I would post the bug here since this is probably where it belongs. I have noticed that Comodo seems to cause applications such as Calendarscope and MS Money to freeze. When Comodo is shut down, the application becomes responsive again.
     Another issue is where Comodo will not allow an application to connect to a system object such as the print devices. The only way to correct this problem is to shut down commodo and the application, restart Comodo then offending application. Comodo should now prompt you for an action at this point.
     Thirdly I have noticed that the Firewall rules will prevail over a Trusted application. I use Psiphon on my machine and the software listens on port 443. With Comodo running with default firewall rules, it will still block port 443 inbound connections even if the application is trusted. The only way to allow inbound connections to an application like this is to open the port up on the Firewall section of the program. These minor bugs should hopefully be fixed by the full release version of the software.
     On the positive side, I haven't experienced any BSODs or crashes and the program seems pretty stable. A big change from using Agnitum's products.

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek