Author Topic: New My Network Zones entry not working  (Read 15005 times)

Offline bladeanon

  • Newbie
  • *
  • Posts: 15
New My Network Zones entry not working
« on: June 19, 2008, 03:51:12 PM »
In CFP 3.0.25.378 I just added a new entry to My Network Zones:
 - Name: My IP
 - Address Type: Single
 - Address: 192.168.1.1

I then added the Zone (My IP) to the destination address of a network policy rule. When trying to connect to the address Comodo passes the rule and prompts me to Allow/Deny the connection.

If I edit the policy rule and change the destination address to a Single IP (192.168.1.1) instead of a Zone (My IP) , it works just fine.

Funny thing is; I have a bunch of existing single address zones that seem to be working fine.

Any ideas?  Thanks.

Offline bladeanon

  • Newbie
  • *
  • Posts: 15
In/Out rule not working with Zones
« Reply #1 on: June 19, 2008, 04:00:47 PM »
In CFP 3.0.25.378 I'm trying to set up a network policy rule for comms between safe networks:

My Network Zones
 - Name: Safe Networks
 - Address Type: Range
 - Address Start: 192.168.0.0
 - Address End: 192.168.255.255

I then added the Zone (Safe Networks) to the source and destination addresses of a network policy rule:

Network Control Rule
 - Action: Allow
 - Log: No
 - Protocol: IP
 - Direction: In/Out
 - Source Address: Zone: Safe Networks
 - Destination Address: Zone: Safe Networks
 - Source Port: Any
 - Destination Port: Any

This doesn't seem to work, even though the local and remote addresses for my connections are both in the Safe Network address range.  If I create two rules; one for inbound and one for outbound, it works.

Network Control Rule
 - Action: Allow
 - Log: No
 - Protocol: IP
 - Direction: In
 - Source Address: Zone: Safe Networks
 - Destination Address: Any
 - Source Port: Any
 - Destination Port: Any

Network Control Rule
 - Action: Allow
 - Log: No
 - Protocol: IP
 - Direction: Out
 - Source Address: Any
 - Destination Address: Zone: Safe Networks
 - Source Port: Any
 - Destination Port: Any

Any ideas?  Thanks.

Offline gibran

  • Average User
  • Comodo's Hero
  • *****
  • Posts: 5056
  • A bad workman always blames his tools
Re: In/Out rule not working with Zones
« Reply #2 on: June 19, 2008, 04:19:11 PM »
Network Control Rule
 - Action: Allow
 - Log: No
 - Protocol: IP
 - Direction: In/Out
 - Source Address: Zone: Safe Networks
 - Destination Address: Zone: Safe Networks
 - Source Port: Any
 - Destination Port: Any

This doesn't seem to work, even though the local and remote addresses for my connections are both in the Safe Network address range. 

Does Windows XP say your network adapter has limited or no connectivity?
Can you reset  your log and take a screenshoot of blocked packets in your logs and other global rules?
« Last Edit: June 19, 2008, 04:51:45 PM by gibran »
"In the beginning the Universe was created. This has made a lot of people very angry and has been widely regarded as a bad move."- Douglas Adams

Offline bladeanon

  • Newbie
  • *
  • Posts: 15
Re: New My Network Zones entry not working
« Reply #3 on: June 19, 2008, 07:23:14 PM »
Thanks for combining my two reported issues - though I believe they separate problems...

Okay, regarding the In/Out to same Zone issue - No - my adapter does not have limited connectivity.

Attached screen shots for your reference.  Thanks.

PS - It's probably important to note that the 10.6.x.x addresses are from a Cisco VPN client and the 10.2.x.x addresses are part of the remote VPN network.

[attachment deleted by admin]
« Last Edit: June 19, 2008, 07:25:15 PM by bladeanon »

sded

  • Guest
Re: New My Network Zones entry not working
« Reply #4 on: June 19, 2008, 07:43:17 PM »
Take a look at http://forums.comodo.com/bug_reports/network_control_rule_cannot_only_change_the_description_3025378_x32-t23946.0.html and http://forums.comodo.com/bug_reports/bug_3025_x32_firewall_my_network_zones-t23520.0.html , other reccent 3.0.25 bug reports.  Seems to be related new issues in 3.0.25.  Suggestion would be to go back to 3.0.24 until the problem is fixed-I am still using that and have no such problems.  You can get it at http://filehippo.com/download_comodo/ .

Offline gibran

  • Average User
  • Comodo's Hero
  • *****
  • Posts: 5056
  • A bad workman always blames his tools
Re: New My Network Zones entry not working
« Reply #5 on: June 19, 2008, 10:04:38 PM »
You may wish to export your configuration and revert back to a previous CFP version.

It looks that application rules have issues when a Network zone group is used.
Although the test cases are slightly different.

Does this issue affect Global rules in the same way?
Are non VPN networks affected in the same way?

On my machine here I setup a global rule to allow my LAN (one singe IP range) using allow IP IN/out source LAN dest LAN proto ANY followed by a block all IP in/out rule.

Lan connectivity was not affected.
"In the beginning the Universe was created. This has made a lot of people very angry and has been widely regarded as a bad move."- Douglas Adams

Offline AeoniAn

  • Comodo's Hero
  • *****
  • Posts: 317
  • V5.4 customized ROCKS!
Re: New My Network Zones entry not working
« Reply #6 on: June 20, 2008, 08:56:27 PM »
I'm reverting too. v25.378 rules are not trustfull b/c they are forgotten...

THANK's for the advice.  And let's wait for a new version.  AGAIN!
CIS v5.4 full (disabled SB & cloud)
W7-Ultim-x32-BR + XP-PRO-SP3-x86-BR + Ubuntu LTS x32
SBIE+sbiextra; PeerBlock v1.0+r; GPO/Secpol restricted rules + some more... (just in case)
Zero, Nada, No-one single infecction since 2006.
(REAL Thank's to COMODO! - steps ahead, always)

Offline bladeanon

  • Newbie
  • *
  • Posts: 15
Re: New My Network Zones entry not working
« Reply #7 on: June 20, 2008, 10:49:09 PM »
Okay - I seem to have figured it out - I had a pesky period '.' in one of my Predefined Firewall Policies.

It seemed to be affecting that applications' policy and at least some of the application policies that followed it.  Removing the period seems to have fixed everything.

It might be worthwhile for the CFP to validate these type of fields that obviously have naming restrictions.

I figured this out by setting up a very simple test configuration and things seemed to work okay.  Then I looked at my normal config to see what looked non-standard.  I guess I got lucky.

Thanks to everyone that replied!

Offline Haos

  • Newbie
  • *
  • Posts: 9
Re: New My Network Zones entry not working
« Reply #8 on: June 26, 2008, 04:49:03 PM »
From what i tried, the problem happens with both global and application rulesets.

Offline sergeyn

  • Newbie
  • *
  • Posts: 14
Re: New My Network Zones entry not working
« Reply #9 on: August 10, 2008, 01:37:55 PM »
Same here, new added network zones don't work

Offline AndyWarrior

  • Comodo Family Member
  • ***
  • Posts: 76
Re: New My Network Zones entry not working
« Reply #10 on: September 24, 2008, 01:18:46 PM »
Hi, if this can help, I have the same problem on my XP Pro sp3, Comodo firewall v. 3.0.25.378
It's interesting to see that any network zone added automatically by the firewall feature when it detects a new network is keeped and holded in memory, after rebooting too.
Any Network added manually or editing an existing one, added before automatically, is not keeped.
The program doesn't remember any manual entry/editing in this section, upon the next reboot...
Win 10 Pro x64 1809 - ASUS Prime Z270-A (BIOS 1302) - INTEL i5-7600K - NOCTUA NH-D15S - 16Gb RAM GSKILL TRIDENT X DDR4 [at] 3600 MHz - GIGABYTE AORUS GTX1080 8Gb - ENERMAX MODU87+ 700W - CASE THERMALTAKE VIEW 71 RGB - SSD SAMSUNG 960 EVO M.2 256Gb + 3 HDDs x 15Tb

Offline fOrTy_7

  • Comodo's Hero
  • *****
  • Posts: 594
New My Network Zones entry not working[RESOLVED]
« Reply #11 on: September 25, 2008, 04:25:43 PM »
This bug has been fixed in CIS beta2 which include new version of CFP (3.5 beta2).
« Last Edit: September 25, 2008, 04:28:06 PM by fOrTy_7 »

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek