Another "Wish to see"

I think? it would be usefull to see in log section of Firewall by wich Rule traffic was blocked or allowed.

p.s. Sorry, if someone already wrote this wish before.

What I’m talking about:
In COMODO, Section “Firewall”, Button “View Firewall Events”.
There I’m able to see logs in Log Viewer. It’s a table with columns “Application”, “Action”, “Protocol”, etc.
So, I’m able to see, for example, such record:
System, Blocked, UDP,, 138,, 138, 23.02.2008 00:00
That’s Ok for me. Almost. But I also want to know by what rule this traffic was blocked ? Or Allowed in other case :wink:

Isn’t it obvious once you know the application, which is in the log? Global rules in show up as WOS in my log, as well as WOS rules, which is only a little confusing. ??? The only problems I have sometimes are with the “stealth” or SPI rules that don’t appear anywhere in the policy but sometimes get logged anyway (like the pesky WOS in blocks).

But I have one interesting situation:
I have NO ONE rule with “Allow/Block AND Log”
So, I think I will not see any row in Events.

But I have a thousands events with “Windows Operating System” in Application-column. So I wonder - what was that rule which blocks this traffic?

Also it is usefull while you are creating and testing new custom rules. For example, I often create Rule to block some traffic & another Rule to block ALL traffic. So at this time I sure that traffic is blocked, but I don’t know by what rule. May be it was first rule? Or may be I create it with mistake, so it was blocked by second rule?