Application Monitor Rules Hierarchy

Well golly gee, Soya! That there’s the exact one about which I thought. :wink: Thanks for providing that in order to keep my sanity.

My apologies for using proper grammar. The current generation of American public school grads won’t present you with that issue, that’s for certain. :frowning:

LM

I just tried it and it’s as you posted. It if it’s to be uniformly sorted in alphabetical order, then this is a bug because Allow should be before Block.

If I already have a blocked rule on an app and create another rule to allow that same app, there won’t be 2 app rules; it’ll just replace the current one. Another inconsistency.

AM is a joy :slight_smile:

Another twitchy glitchy with it that I have noticed is that when (for instance) AF is at High (which would require Port/Protocol/Direction in the details), that if you have a rule that stipulates a port, and another rule that is “Any” port, it will create a prompt. In order for it to work, each port has to have its own rule (or be included in a “range” on one rule).

I first really noticed this because of BOC using an FTP server for updates. I created a rule to allow the port 21 connect, and let it popup for the other two, which I allowed without remember. That kept failing if I wasn’t at the machine, so I finally made a second rule (below the port 21 rule) to allow Any port for the FTP site. Doesn’t work. It still alerts on each additional port. Maybe that’s because I included too much detail (the IP address) for the AF level; I really dont’ want to go to Very High to include the IP though, as I don’t want 5000 popups a day (number used for effect only; not an indication of reality).

LM

My BOC rules currently are:

port 21 TCP OUT
Port 51000 - 55000 TCP OUT
Port 80 TCP OUT

Plus DNS entries. This seems to work ok, I’ve not received any additional prompts for quite a while. However, I don’t know for sure what the port range is exactly.

I’ve never seen it do port 80 out. Although it does do a DNS connect on 53. But that’s enough about BOC; that’s not the topic of this thread. How’s that, Soya? Proud of me for steering the topic back? ;D

LM

That was such a shocking development that I almost had a heart attack there.

So what’s there more to type? Who’s going to file a http://support.comodo.com ticket on this?

Which bit :stuck_out_tongue_winking_eye:

Why there are so many :-Xbugs:-X mysteries on AM rules?

In all seriousness, I agree a ticket should be raised, but I think a definitive list of issues should be included as part of the request. We could just ask something like, why does AM rearrange rules, but it’s a bit woolly.

What I’d like, is a solid explanation from one of the devs, about how AM is supposed to work…

How about, “Please see this thread, and respond…” ?

That might work :slight_smile:

Hey Opus, sorry we hijacked your thread :slight_smile:

No problem
I,ve found it interesting
and almost impossible to get AM to do exactly What I wanted

What I would like is an expert mode in AM that would dissable auto sorting within Rule sets.
Rule sets being defind as a group of rules where the “Path” Application and the “Parent” application are all the same.

Also I would like An option to log all traffic allowed or blocked or better yet an option to Select loging for specific rules Like Net Mon

Programs that auto arange things are always great for beginer users but it always seams tyo be a pain for the advanced uses if you cant turn off the auto arrange features

I seem to remember requesting something similar myself, can’t remember which wishlist…Oh well V3 comes soon…

One I forgot :slight_smile:

If one has a application with several parents, and one of the parents gets wiped (yes it does happen) AM leaves all the other parents alone…

As an example (this has happened to me several times with both fx and tb) Take firefox

It has several parents and each parent has several rules. For one reason or another, yet to be established, I find that one set of rules, related to a single parent has been set to ‘skip the parent’ all other rules for each or the other parents are fine, that is, they retain their respective parents.

My ticket to support reads as follows:

Will you please review this thread and comment on Application rules and why they don't function as it seems they should?

https://forums.comodo.com/index.php/topic,8863.0/topicseen.html

Thanks, we’d really like a concise answer on this confusing issue.

LM

I think it is a good plan to file the ticket.
I doubt they will do anything about it in version 2 but with this and if it is not improved in V3, We should keep afte them in the beta program.
Enough Voices will probably eventualy be heard. :SMLR

If this was fixed I believe Comodo would have a world class Firewall Comprable with most of the ones out on the Commercial Market

I have not worked with Checkpoint in years but I’d like to hear of Some opinions of people who have worked with some of the commecial enterprise firewall and get their opinions of Comodo

If this applies to anyone out there if it does Please post your opinion of the two in comparison. maybe I will post a poll.

Hey Opus, it might be worth pursuing that conversation in the Computer Firewalls forum. It’s likely you’ll get a better response :slight_smile:

LM, do you want me to file a ticket too?

I think that’d be good. Not to overwhelm, but to make sure they realize it’s not a random issue or question.

LM