3.0.13.268: Firewall Events

Please consider adding some kind of directional info (ideally arrows or In/Out, etc) within the firewall events. Although most events will be inbound, some (as shown) or broadcasts may be outbound. This will make it easier to read the logs.

:slight_smile:

[attachment deleted by admin]

I agree. It was one of the first things I noticed when I first checked the log: something’s missing

I would also like to see “Local” and “Remote” used instead of “Source” and “Destination”. I understand how Source/Destination works but from a beginners point of view, I feel Local (my computer), Remote (other computers) makes more sense.

:slight_smile:

That isn’t going to happen. If the devs liked the idea on that they would’ve changed it in v3 already.

If it is a developer decision, the developers seem to lack sense of history in terms of what user approaches worked well for previous packet rule firewalls. Even the late, lamented Kerio 2.1 used local and remote in their rules and logs. There was very little confusion on the part of the user, and they also included the directional arrows just in case. Logging and Policies are missing a number of things that power users need. Like numbered rules so source of blocks can be unambiguously determined. Like adding implicit rules to the Policies when they become explicit through use of the triggering application. Like a log all capability (Sygate style) for chasing down difficult problems. And probably other favorites of the various users. I am uncomfortable with the amount of stuff I need to accept on faith with Comodo and am unable to verify from the logs and Policies. Particularly with a significant number of behaviors that are different between user, different between XP and Vista-even things like Tracert are unexplainably ambiguous. ???

I agree Soyabeaner, that “local/remote” probably won’t get added to CFP now that it is final :'(. Both styles achieve the same results yet “source/destination” complicates things and isn’t it all about making things easier for the user ???. Maybe I’ve been using SPF (Kerio’s firewall) for too long :).

Doesn’t CFP3 have a “log all” type rule set in “Global Rules”?

:slight_smile:

You mean you would like a feature in the Global Rules screen to toggle between logging everything on and off ???

Yes, a debug mode for chasing down obscure problems-often caused by the Comodo “secret rules” that don’t appear anywhere the users can see them and evaluate their effects. See Tracert discussions, for example. Couple this with numbers for unique rule identification and it would be even more valuable-leave the “secret rules” blank so we can deal with Comodo over them.

Sorry Soyabeaner, this was in reply to sded’s comment. I’m happy how things are ;D.

:slight_smile: