a question from a gamer's perspective.

ok i serve a game called Tachyon the Fringe / multiplayer online.

Comodo is the first FW solution that has allowed me to view conections in real time,
and also display the incoming IP address, along with the ports.

heres my question:

after installing the beta, (126) i served the game and it popped up a box and i clicked remember and allow.
now i can run a 2nd instance of the game to enter as a player which also pops up its box because its a separate install of the game, with its own path .

fine no problems so far.

i can serve, the game shows up in the novaworld lobby.
i can also run a 2nd instance and enter my own game, serving above.

now if someone tries to connect and join the game they say it blocked them.

ok heres what i did.

i removed that 1 “block & log” rule that comes by default.

then everyone started showing up ingame.

is THAT what was blocking the ppl from getting in?

also:

do i just tell the fw that tach is ok? ( define a new trusted app)
and do games have a parent application or do i leave that blank?
also, do i also have to make ports rules so it doesnt block the game server ports?
2766 (incoming) and 6862 (outgoing) UDP

i was able to serve the game the other nite,
and most everyone got in,
but i just want to know once and for all the correct way.

ALSO:and this is important to me as a game adminsitrator/server guy.

can Comodo keep a log of all people connecting to my game?
i mean does it only log attacks or does it log everything?

if it doesnt thats my suggestion from a gamers point of view since it already can display all of that can we have an option to select which types of connections it logs?

so that i can just setup a pc to serve the game and come back in an hour pull up a log and see all connections and ips of all players in the game?

now that would rule!

Thank you for such a cool product as this !

so any gamers out there? how do you config for game serving?

edit: also theres a few submenus in the Advanced Security Configuration section.
how many of those switches need to be on to serve a game?

i dont want the fw to interfere with the game yet it should provide protection,
just want to be sure im copasetic with the Comodo devs.

Thanks in advance !

Slippster

Have Fun! (R)

First you need to put the block rule back!
Thats the main protection for your PC.
You should make rules in network monitor for your server ports instead.
Check the log option and see what kind of info you will get.
Network monitor works like a router, so you have to “forward” port(s),
like you do in a router, for apps like Torrent/P2P.

Go to Network monitor (security/network monitor).
Right click on your top rule and add/add after.
Do these settings.

Action : Allow & log
Protocol : UDP
Direction : In
Source IP : Any
Destination IP : Any (or zone if you have one)
Source Port : Any
Destination Port : A single port : 2766

If it doesn’t seem to work, restart CF or reboot your PC.

Always remember to place your allow rules you make, above the default block rule.
Network monitor reads the rules from the top to the bottom.

Also check the log in activity/logs and try to see which rule that blocks your app.

You should not need to make a out rule since there is a default out rule for “any”.
You can add the game as a trusted app.
I don’t know if you need it for game servers, but for a web/ftp server you often need to go to security/advanced/misc and check the “skip loopback … TCP/UDP” option.

If your game still get blocked, you can check the log what ports and what rule that stops it.
Try this and report back here how it goes.

since i couldnt duplicate the rule for that 1 block, i just reinstalled beta 126.
the block rule is back now.

ill experiment tomorrow and see if i cant put together a port based rule then,

Thanks for the help on this, i really appreciate your time.

Ok.
Report back here how it goes.

this is giving me a headache.

in the rule box ;

source = player connecting to me? their ip?
destination = my machine?
those words are innocuous, confusing, and seemingly interchangeable.

very confusing.

I entered that rule as you instructed,
rebooted and ill run the game now and see what happens.

“server” is a generic gaming word.

im “serving” a game not “running a server”

im not offering files for download,
im serving a 1st person- space combat- flight sim; GAME.

i dont completely understand how it connects but thats what im “running”

will post more when i have more…

why does it matter where it is on the list ?

at any rate its in the #1 slot

OK GAME RUNNING

http://gamingpix4.com/pix/Tachserver.png

display above shows ONLY THE GAME with no ppl in it yet.
************************************************8
also 1 player was able to enter ( tachs a dying game sadly)

so far so good, will monitor…

Thanks buddy. ill keep you posted.

im still not confident about this. but im learning. (S) (R)

results:

for a long time was only me and 1 other guy.
then 2 others showed up.
so i guess im ok now.

is this right? this is the game-server rule:
should i “allow all activites” or what i have here?

http://gamingpix4.com/pix/isthisright.png

i also have this configged under Miscellaneous tab:
is this ok?
remember this is just a game and nothing else runs while the game is being served except maybe a 2nd instance of the game running that i use to play.
( one instance serves, 2nd is for me to enter and play)

http://gamingpix4.com/pix/alsothis.png

About network monitor rules, and why the order of them matters…
They are read from the top to the bottom, so a connection starts with rule ID 0 and try to get in. If that doesn’t work it tries with ID 1 and so on… Finally, if you don’t have an allow rule for that connection, the last block rule stops it.

For a IN rule “the others” are source, and YOU are "destination. For out it’s the other way around. That why I prefer to keep the rules separate, instead of both in/out on the same rule, I make one IN and one OUT rule.

Most often in a IN rule you have ANY on source IP and port, and your IP/zone/any on destination IP and the specified port on destination port.

I hope it works for you now.

Hey slippster,

The terms source and destination as they apply to CPF can be a bit confusing at first, because what they mean depends on whether the rule is an inbound rule or an outbound rule.

INBOUND RULES
Source IP : This means the other person “out there” that is trying to initiate contact with you.
Destination IP : This is you

OUTBOUND RULES
Source IP : This is you - you are trying to initiate contact with something outside your PC
Destination IP : This is whatever you are trying to contact.

Although you can set up IN/OUT rules in CPF, I believe it is better to have separate IN rules and OUT rules. While this may mean that you have more rules, it makes it easier to work out what’s gone wrong when/if something goes pear shaped, as you can turn on logging for either rule.

"server" is a generic gaming word.

im “serving” a game not “running a server”

im not offering files for download,
im serving a 1st person- space combat- flight sim; GAME.

i dont completely understand how it connects but thats what im “running”

Your game server is a software component running on your PC listening on a specific port for people to contact and join the game you’re hosting. To allow them to contact your server, you have to have a CPF network monitor rule that allows inbound contact on the port required for the server.

why does it matter where it is on the list ?

at any rate its in the #1 slot

CPF reads the network monitor rules from position 0 downwards. Whenever something is trying to get in or out, CPF first tests the request against rule 0. If it does not meet that criteria, it is then tested against rule 1, then 2, then 3 and so on, until it either A) metts the criteria of a rule or B) gets all the way to the bottom of hte list where it will be blocked by the default “catch-all” blocking rule. This is why the position of the rule is important and explains why the catch-all rule MUST beat the bottom of the list.

Hope this helps,
Ewen

edit:
i dont think you answered my question about the application control rule
in the screnshot above.

I now understand the network rules setup ( Thank You, so much!)

but i need clarification on the application control rule window.
scroll back up to that screensot, please.
( destination is me? + the other questions at the screenshot )

Thanks again, guys.
Slip

oh my gosh! you guys are awesome! a million thank yous ! :BNC

you have just made my universe a much happier place to live in.

ok now that we solved that,

one last request:

will comodo output some kind of file showing all connection attempts to my game?
( i know comodo isnt setup to monitor JUST my game)
but id like to have a login list of all ips that connect to my pc and thus my game so that if anyone hacks or cheats i can put their IP on a block rule.

can comodo do this?

or does the log only show attacks?

can you walk me thru how to obtain such a log? thanks guys you rock!

and if it doesnt this would be my suggestion for such a cool feature for gamers!!

now i gotta rethink my rules setup, now just my brain just melted… (:LGH)

edit; in fact if your devs put on their GAMER hat, you guys could build SPECIFIC GAMERS features into Comodo which would truly make Comodo a stand out product from anything the competition has to offer.
example: maybe have a gamers tab with everything that pertains to serving games in 1 spot.
network rules, ip rules, logging, think of it as an extension to whats already there,
but more user friendly for noobs.

just something to think about… (:WIN)

" the only BAD idea is the one left unexpressed"

First, you can put your requests in the wishlist. Please do!
Comodo listen to their users, so nothing is impossible.
They are making the log better.
You can as I said in a previous post, chack the log option in your network monitor rule for your game. You can then go to the log and right click somewhere in it, and save it as html.

About your application monitor rule, you should make separate rules for in and out.
Like I and Panic said, in a IN rule, YOU are the destination, and in a OUT rule, YOU are the source.

Skip advanced, and allow invisible, is only needed if you can’t get your app/game/server working without it. You should uncheck those if it works without them.

If you want real control of what ports and IP’s are used, you should go to security/advanced/misc and uncheck “do not show alerts for apps certified by Comodo”, and raise the alert frequency slider to the top.

Hey slip,

All you need to do is select “Create an alert if this rule is fired” on the inbound rule that you created for the games server. This will capture the IPs and times of connections.

Hope this helps,
Ewen

ok panic i think i got it now.

i was able to serve game to 5 people from all over the planet.
Germany, France, Romania, England, USA.

Tachyon has a diverse international player roster.

that checkbox imho is not labeled properly.
it should say something about its ability to log.
other than just “tell me if something tried to change it”
that is not obvious as “log all activity”
more precise.

and it finally sunk in that i can ADD an application rule.

i mistakenly thought i couldnt do anything there.
i thought that those showed up because i clicked a button in another window,
“define a new trusted app”

it would be nice to be able to right click
on an ip in Connections window and allow or block it.

its strange NOT to be able to right click on anything in that window.

hey thanks guys i understand things much better now.

now to try out logging !
this is gonna RULE ! (J) (:CLP) (:CLP) (:CLP) (:WAV)

There used to be a CLOSE button in the connections window, but it disappeared over the course of the last two beta releases. Personally, I hope it comes back, but I think Comodo are running up against physical space restrictions in the user interface due to the toolkits used to develop the UI.

Isn’t it fun when the pieces start to fall into place!

Cheers,
Ewen