Automatically block internet access of unknown applications, and don't block lan

im having a hard time configuring comodo on my 64bit XP:

  • I want all trusted aplications to have internet access and Lan access
  • I want all other applications to have full lan access and no internet access
  • Lan should be ethernet and hamachi
  • i don’t want to get any notifications of programs trying to access anything

Right now i have comodo set to custom policy mode,
hamachi and ethernet in “my network zones”.
But none of the above works.

and I thought this would be the way most people would want thier firewall to work …

Hi glockmeister,

I can not verify this will work as you intended but i will take a punt at it,forgive me if it doesnt work im only trying to help.
First off lets look at your application rules---->Firewall/Advanced/Network Security Policy…This is where you can give any applications you Trust,“Trusted Application” status.
Highlight the application check “Use a pre-defined policy” and choose “Trusted application”
This will give the application the rule “Allow all Incoming and Outgoing Requests”(see Pic1)
You may need to manually add some applications by clicking Add/Select/Browse to app

This is where it gets tricky!
Go to Firewall/Common Tasks/Stealth Ports Wizard/Click “Next”/I would like to trust an existing my Network Zone should be checked/Now from the drop-down choose the zone you wish to trust and click “Finish”
This should now give you two applcation rules under “System”:-
Allow system to send requests if the target is in[your network zone name]
Allow system to receive requests if the sender is in[as above]…Pic2

Also there should be 2 Global rules:-
Allow all outgoing requests if the target is in [your zone name]
Allow all incoming requests if the sender is in [your zone name]…Pic3

Now we need to make a rule for All Applcations(which will go at the bottom of the application rules list so anything above it,ie a Trusted application will be allowed to connect out)

Firewall/Advanced/Network Security Policy/Application Rules/Now “Add” then “select”/File groups/All applications/Now next to Where use a custom policy is checked click on Copy from/Pre-defined security policies/Outgoing only/APPLY/APPLY…This is to give us the Block and Log all unmatching requests rule,Pic5.

Now open application rules again and scroll to the “All applcations” entry/Highlight the Allow Outgoing TCP or UDP requests rule and click “Remove”
Now right click on “All applications” and select “Add Rule”

Description=Allow outgoing requests if the target is in [your zone name]
Source Address=Any
Destination Address=Check Zone and from the drop-down choose your zone
IP Details=Any

Now Repeat above for incoming rule,

Description=Allow incoming requests if the sender is in [your zone name]
Source Address=Check Zone and from the drop down choose your zone
Destination Address=Any
IP Details=Any

Now highlight the Block and log all unmatching entries and make it the bottom rule in All Application

APPLY to close all windows.

You should end up with a rule for “All Applications” as the bottom rule something like Pic6

Hope this works as you wish,maybe you could use the rules given to “System” by the “Stealth ports wizard” for Hamachi for the VPN


[attachment deleted by admin]