Author Topic: V-3.0.14.276 D+ settings to allow Firefox downloads  (Read 122404 times)

Offline seed.helper

  • Comodo Loves me
  • ****
  • Posts: 105
Re: V-3.0.14.276 D+ settings to allow Firefox downloads
« Reply #15 on: December 24, 2007, 08:48:32 AM »
Just did a re-install of CFP 3 and it did not make any difference.  This is the only glitch that I have with CFP and I just can't get it to work so that Firefox allows downloads.  Is there some way that I can check what is happening when I click download on FF?  I tried logging when FF rule is fired and the logs say everything is allowed. I have tried allowing the temp\* folder as safe,  I have tried allowing all of FF as safe.  I need some more ideas.

John

Just disabled CFP firewall security and Defense+ and it didn't make any difference.  Must be something wrong with Firefox.  Tried FF version 2.0.0.9 same problem.

are you sure that isn't a virus ?
a just want to have sure...

cheers

sded

  • Guest
Re: V-3.0.14.276 D+ settings to allow Firefox downloads
« Reply #16 on: December 24, 2007, 09:13:03 AM »
Does FF fail on both http and ftp downloads?  And all sites?  Did you log all of the rules?  Are you using the attached ruleset with all ports allowed for ftp?  Is FF set as a trusted application?  In FF options/main do you have FF configured to show the download window?  When you try to download, does nothing apper or do you get an error message?  I don't use CAVS-does it scan web traffic?

[attachment deleted by admin]
« Last Edit: December 24, 2007, 09:24:36 AM by sded »

Offline seed.helper

  • Comodo Loves me
  • ****
  • Posts: 105
Re: V-3.0.14.276 D+ settings to allow Firefox downloads
« Reply #17 on: December 24, 2007, 01:30:19 PM »
Does FF fail on both http and ftp downloads?  And all sites?  Did you log all of the rules?  Are you using the attached ruleset with all ports allowed for ftp?  Is FF set as a trusted application?  In FF options/main do you have FF configured to show the download window?  When you try to download, does nothing apper or do you get an error message?  I don't use CAVS-does it scan web traffic?

its a very strange problem... sometimes gives me an error while downloading and sometimes download correctly...

  :(

i dont understand here the problem is...  :-X

sded

  • Guest
Re: V-3.0.14.276 D+ settings to allow Firefox downloads
« Reply #18 on: December 24, 2007, 01:41:02 PM »
Make sure you have the DNS rule in your ruleset.  Sometimes the downloads are on a different server/IP address than the actual website.  Is ftp download vs http download a factor?  What error do you get when it doesn't download correctly?

Offline JJasper

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 1655
Re: V-3.0.14.276 D+ settings to allow Firefox downloads
« Reply #19 on: December 24, 2007, 01:49:48 PM »
Does FF fail on both http and ftp downloads?  only on http
And all sites?  I tried several sites both ftp and http
Did you log all of the rules?  attached my log
Are you using the attached ruleset with all ports allowed for ftp?  yes, changed port 21 on ftp to any
Is FF set as a trusted application?  No, set as web browser
In FF options/main do you have FF configured to show the download window?  yes
When you try to download, does nothing apper or do you get an error message?  I get the error message attached.  The temp file is always different but same path.
I don't use CAVS-does it scan web traffic?no

Thanks for all your help sded and seed.helper, I'm sure we will eventually get it figured out.

John -  Did a Trend Micro scan for viruses - nothing

Also the blocks in my log are before I switched to any from port 21.  Now the logs all say allowed for everything.

[attachment deleted by admin]

[attachment deleted by admin]
« Last Edit: December 24, 2007, 02:11:33 PM by JJasper »

sded

  • Guest
Re: V-3.0.14.276 D+ settings to allow Firefox downloads
« Reply #20 on: December 24, 2007, 02:19:17 PM »
Your log says you are only blocking passive ftp, and only some of the time.  The port 21 is the control connection, and is followed by the passive tcp data connection to an arbitrary port, which is sometimes blocked.  All the port 80 http stuff is allowed.  Some of the later log entries make no sense, like with multiple control connections with no data connection attempts, followed by http.  Worth rechecking your ftp rule again-an allow/tcp/out/any/any/any/any rule shouldn't show those blocks no matter what else you allow as long as you also allow DNS.  It covers loopback, http also.  ??? 

Offline JJasper

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 1655
Re: V-3.0.14.276 D+ settings to allow Firefox downloads
« Reply #21 on: December 24, 2007, 02:46:55 PM »
All my logs have no blocks in them now.  I checked ftp rule it is allow - tcp - any - any - any - any. Tried setting DNS destination from port 53 to any.  Nothing.  Tried setting HTTP destination from set of HTTP ports to any. again nothing.  Global rules are default.  I put the temp folder in the D+ protected files folder with a * for allowed.  Put it in the D+ run an executable for allowed.  I clicked apply about 4 or 5 times.  Put FF\* in both as well.  Still nothing, I still cannot download HTTP.

John

sded

  • Guest
Re: V-3.0.14.276 D+ settings to allow Firefox downloads
« Reply #22 on: December 24, 2007, 04:55:17 PM »
Which default set of global rules do you have?-there are more than one.  Again, your log shows you are not blocking http downloads (which would be a block of port 80) but only passive ftp downloads, the stuff after a tcp connection to port 21.  Do you have the DNS Client service turned off?  Or  other significant services that are usually on auto?  And FF is defined as a Web Browser?  Your log doesn't seem to match the description of your rules. ???  What are the firewall rules for CAVS?-Avast! can grab onto and confuse http requests, but I don't know CAVS at all.  Maybe add allow/tcp/out/any/any/any/any to CAVS rules?  Have you tried killing BO Clean, which has caused some issues with D+ in earlier posts?  I also don't use BOClean. ;)  But your Comodo rules sound fine, don't match the log, so where else is the problem?

Offline JJasper

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 1655
Re: V-3.0.14.276 D+ settings to allow Firefox downloads
« Reply #23 on: December 24, 2007, 06:03:51 PM »
Hi Ed

Here goes another round.
Which default set of global rules do you have?-there are more than one.  Again, your log shows you are not blocking http downloads (which would be a block of port 80) but only passive ftp downloads, the stuff after a tcp connection to port 21.  Do you have the DNS Client service turned off?  Or  other significant services that are usually on auto?  And FF is defined as a Web Browser?  Your log doesn't seem to match the description of your rules. ???  What are the firewall rules for CAVS?-Avast! can grab onto and confuse http requests, but I don't know CAVS at all.  Maybe add allow/tcp/out/any/any/any/any to CAVS rules?  Have you tried killing BO Clean, which has caused some issues with D+ in earlier posts?  I also don't use BOClean. ;)  But your Comodo rules sound fine, don't match the log, so where else is the problem?

1. Global rules in attached photo
2. DNS Client service is turned on as is everything on the D+ Monitor settings tab.
3. FF is defined as Web Browser.
4. The logs now are not blocking anything at all but still get the same error msg.
5. Put FF, BOC,CMF,and CFP all in CAVS HIPS exclude list.
6. Tried killing BOC,CMF and CAVS all at the same time and disabled all their services as well.

It is probably something simple once we figure it out.  I appreciate your tenacity.

Thanks and have a Merry Christmas

John

[attachment deleted by admin]
« Last Edit: December 24, 2007, 06:06:36 PM by JJasper »

sded

  • Guest
Re: V-3.0.14.276 D+ settings to allow Firefox downloads
« Reply #24 on: December 24, 2007, 07:09:12 PM »
And FF /Options/ Advanced/Network/Settings shows direct connection to internet?  Merry Christmas.  Maybe all this data will give someone an idea. ???  Regards; Ed.
« Last Edit: December 24, 2007, 07:11:50 PM by sded »

Offline seed.helper

  • Comodo Loves me
  • ****
  • Posts: 105
Re: V-3.0.14.276 D+ settings to allow Firefox downloads
« Reply #25 on: December 25, 2007, 03:42:03 PM »
And FF /Options/ Advanced/Network/Settings shows direct connection to internet?  Merry Christmas.  Maybe all this data will give someone an idea. ???  Regards; Ed.

well is strange because i trust in comodo and i never tried another firewall in long time.... but in my laptop i have recently formated and this error apears again... i think is from comodo firewall....

but i continue to say... its a very strange error and im afraid to go to site of my bank

sorry for my bad english

merry  christmas

Offline lobster

  • Comodo Family Member
  • ***
  • Posts: 63
Re: V-3.0.14.276 D+ settings to allow Firefox downloads
« Reply #26 on: December 25, 2007, 10:31:35 PM »
Don't know if this will help but...what I would try in this situation is to remove ALL rules relating to FF from Firewall and D+, then modify the "Web Browser" rule to have a "Ask and log" rule at the bottom instead of the default "Block" rule. Now try a download and allow any popups generated - these will show up in your firewall logs for checking out and modifying any rules after the download has (hopefully) completed. I had problems getting some things to work correctly at first using the default web browser rule - which is why I modified it as below...no probs since then.
You might also want to check that there are no folders listed under D+ > Computer Security Policy > Application System Activity Control > Process Access Rights > Protected Files/Folders [Modify] > Blocked Files/Folders.
These are the settings I am using without any issues on 4 PC's.



[attachment deleted by admin]
« Last Edit: December 25, 2007, 11:49:13 PM by lobster »
Windows XP Home 32x SP2
Celeron 2.66Ghz 768MB Ram
Comodo Firewall Pro 3.0.18.309
avast! AntiVirus 4.7 Home Edition

Offline JJasper

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 1655
Re: V-3.0.14.276 D+ settings to allow Firefox downloads
« Reply #27 on: December 26, 2007, 01:07:46 PM »
Thanks lobster

Quote
remove ALL rules relating to FF from Firewall and D+, then modify the "Web Browser" rule to have a "Ask and log" rule at the bottom instead of the default "Block" rule.
  Done

Quote
Now try a download and allow any popups generated - these will show up in your firewall logs for checking out and modifying any rules after the download has (hopefully) completed.
  Opened FF and tried the download.  Allowed 2 popups but download failed the same as before.  Logs show all allowed. (see photo)

Quote
check that there are no folders listed under D+ > Computer Security Policy > Application System Activity Control > Process Access Rights > Protected Files/Folders [Modify] > Blocked Files/Folders.
  See photos

There was no change at all in my downloads and no logging that I can use to make a rule.

Did this help you at all seed.helper?

I will keep on trying.  Any more ideas from anyone?

John

[attachment deleted by admin]

Offline JJasper

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 1655
Re: V-3.0.14.276 D+ settings to allow Firefox downloads
« Reply #28 on: December 26, 2007, 02:04:12 PM »
Just another update

I downloaded Opera to test my download problem on it as it does not cause the problem in IE7.  It worked perfectly with Opera as "Custom" in application rules of network security policy.  I am still going with my previous theory that it must have something to do with Firefox, and not CFP 3.  CFP works flawlessly on everything else that I am leaning to the idea that it has nothing to do with CFP.

The only problem is that I prefer Firefox to Opera and really want to get it working properly.

I welcome your thoughts and ideas

John

Offline seed.helper

  • Comodo Loves me
  • ****
  • Posts: 105
Re: V-3.0.14.276 D+ settings to allow Firefox downloads
« Reply #29 on: December 26, 2007, 02:47:43 PM »
Did this help you at all seed.helper?

I will keep on trying.  Any more ideas from anyone?

John

No that dont worked...

sorry...

or this is a nasty virus or i dont understand what it is!

cheers

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek