Hi i recently switched to Comodo from ZA.
I noticed repeated blocked connections in the firewall event viewer. Here are the 2 most consistent:
Application: windows operating system, protocol: udp, source ip: 11.24.0.1 port 67, destination: 255.255.255.255 port 68.
and
Application: windows operating system, protocol: icmp source ip: 10.170.160.1 type(3), destination: my ip code(13)
There are quiet a lot of this two. Are they supposed to be blocked or i’m doing something wrong?
I’m using windows xp sp2, and comodo 3. I’m not behind a router, connected to a modem on USB cable, there is another computer connected to the same modem but no home network between them.
My Comodo setting are safe mode in both, and in the stealth port wizard i chose block all incoming connections.
If you behind a hardware firewall which you are with you router you do not need those global rules cause your NAT covers incoming connections. The only global rule I have is the one that is there when you install Comodo for P2P. Anything Windows related should be outgoing only such as svchost or system.
You still need to create a trusted zone for your LAN
[ 0 ] Allow IP Out From IP Any To Zone [Local Area Network] Where Protocol Is Any
[ 1 ] Allow IP In From Zone [Local Area Network] To IP Any Where Protocol Is Any
Use the stealth wizard to define a trusted network
Thank you for your answers, i did what you said gibran.
The auto detect new private networks is checked, and there is already “local area network #1” behind the loopback one in my network zones, so i added the rules you said with this zone specified.
The connections from 11.24.0.1 have stopped, but since i added the local area network rules my utorrent became non connectable… Which is weird cause i haven’t changed anything in the utorrent rules. I can download, but barely upload and my status changes between red icon to yellow triangle, while before i always had the green one. And checking the peers list in the torrent site show me as no connectable.
I even tried to move the utorrent rule ahead of the all other rules but it didn’t change much.
I’m not sure if my local area network in comodo is configured properly, it shows 192.x.x.x ip while i’m not behind a router. When i click on local area connection in windows panel i get regular ip (not starting with 192).
So my question is what should i fill in this screen if any?
The trusted lan rules are ALLOW rules so they don’t block anything.
The purpose of trusted LAN rules was to allow your lan traffic that could have been blocked by your last global rule.
The green light means all is OK (ports are forwarded and you are receiving incoming connections)
The yellow light means that you have no current incoming connections. If this never turns green, this means that your port is not forwarded. The best way to check is with the µTorrent port checker, found in the Speed Guide. If the port checker says your port is open, then everything is most likely fine.
The red light means that µTorrent was unable to bind a listening socket. Most likely, this means a firewall is blocking it. It’s also possible that another torrent client is using this port, which will require you to change ports, or not run both clients at the same time.
I deleted the local area network rules and utorrent is seeding again.
I wish Comodo would have added some rules automatically like ZA do when you use it for the first time. What is Comodo equivalent of this screen in ZA? Can Comodo automatically figure out my internet adapter subnet or it’s not needed in Comodo?
This capture is from the internet as i don’t have ZA installed on my computer anymore.
Yes i used Ragwing’s option 1 and it worked ok till i added the local area rules. I’m not behind a router and i don’t have hardware firewall. Besides utorrent never gave me problems before.
