Is it currently possible to programmatically (or otherwise) add/delete/enable/disable (global) rules?
I could live with a commandline tool, a DLL, a COM interface, or whatever CIS currently provides.
(Enabling and Disabling global rules would probably be enough for now; then I would simply define all the rules I need and enable/disable specific ones depending on the conditions I define)
No it’s for private use. I have a laptop that I use in multiple locations (different networks). Therefore I want to be able to lock it down pretty much - which is not a problem. What is a problem though, is that I need to open some sets of ports for different occasions (sometimes I need remote access to that laptop from within the network for remote control via android app, sometimes I need the device to be discovered through DLNA/UPNP, sometimes even SSH access to a virtual machine I have running).
With the Windows Firewall I can use “netsh” to manage individual rules. Since Comodo is a much finer grained firewall, I would very much prefer to use that over the Windows one, but didn’t find a way so far to use my automations.
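The netsh-based switching described above, written out as an added example for the Windows Firewall (this is illustration, not a script from the poster or from Comodo). The rule names, port numbers and the "occasion" grouping are assumptions; rules are created once in a disabled state, limited to the private profile and the local subnet, and an occasion then enables only the rules it needs and disables the rest. It must run from an elevated prompt.

```powershell
# Added example (not from the thread): netsh-based rule switching for the Windows
# Firewall, organised as named "occasions". Rule names and ports are assumptions.
# Run from an elevated PowerShell prompt.

# Each occasion maps to one or more Windows Firewall rules that are created once
# (disabled) and then toggled. Ports below are placeholders for illustration.
$Occasions = @{
    'remote-control' = @(@{ Name = 'Laptop - Remote control app'; Proto = 'TCP'; Port = '5555' })
    'dlna'           = @(@{ Name = 'Laptop - SSDP discovery';     Proto = 'UDP'; Port = '1900' },
                         @{ Name = 'Laptop - DLNA media server';  Proto = 'TCP'; Port = '8200' })
    'ssh-vm'         = @(@{ Name = 'Laptop - SSH to VM';          Proto = 'TCP'; Port = '22' })
}

function Ensure-Rule {
    param($Rule)
    # "show rule" exits non-zero when no rule of that name exists.
    netsh advfirewall firewall show rule name="$($Rule.Name)" | Out-Null
    if ($LASTEXITCODE -ne 0) {
        # Create the rule disabled, scoped to the private profile and the local
        # subnet only, so nothing is exposed until an occasion enables it.
        netsh advfirewall firewall add rule name="$($Rule.Name)" dir=in action=allow `
            protocol=$($Rule.Proto) localport=$($Rule.Port) profile=private `
            remoteip=localsubnet enable=no | Out-Null
    }
}

function Set-Occasion {
    param([string[]]$Enable)
    foreach ($occ in $Occasions.Keys) {
        # Rules of the requested occasions are enabled; every other rule is disabled,
        # so switching occasions also closes what the previous one opened.
        $state = if ($Enable -contains $occ) { 'yes' } else { 'no' }
        foreach ($rule in $Occasions[$occ]) {
            Ensure-Rule $rule
            netsh advfirewall firewall set rule name="$($rule.Name)" new enable=$state | Out-Null
            Write-Host ("{0,-16} {1,-32} enable={2}" -f $occ, $rule.Name, $state)
        }
    }
}

# Usage: open only what the SSH occasion needs; the other occasions are closed.
Set-Occasion -Enable 'ssh-vm'
```

Several occasions can be enabled at once (`Set-Occasion -Enable 'dlna','ssh-vm'`), and calling `Set-Occasion` with an empty list disables every managed rule, which is the lockdown state the poster wants as the default.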
You could use registry keys. That’s one way. Adding a new rule (operation) is probably not possible since a unique identifier is assigned. Others should be possible, I’m guessing.
Global rules are stored under:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\CmdAgent\CisConfigs\X\Firewall\Policy\Global Rules where X = active configuration
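An added example (not from the thread, and not a Comodo tool) for working with the registry key named above without guessing its layout: it takes a .reg backup of the Global Rules key, snapshots every value under it, waits while one rule is toggled in the CIS GUI, then diffs the two snapshots so the values CIS actually changed for that toggle become visible. The configuration index (the "X" in the path) is assumed to be 0 and is passed as a parameter; the value names and formats are not assumed at all, since the thread does not state them. Run from an elevated prompt.

```powershell
# Added example (not from the thread): back up and snapshot the CIS "Global Rules"
# registry key, then diff it after a manual change in the CIS GUI. The thread gives
# the key path but not the value layout, so nothing here assumes value names.
# $Config is the "X" (active configuration) from the thread; 0 is an assumption.
param([int]$Config = 0)

$regPath = "HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\$Config\Firewall\Policy\Global Rules"
$psPath  = "HKLM:\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\$Config\Firewall\Policy\Global Rules"

function Get-CisGlobalRuleSnapshot {
    param([string]$Path)
    if (-not (Test-Path $Path)) {
        throw "Key not found: $Path (is $Config really the active configuration?)"
    }
    $rows = @()
    # Walk the key itself and every subkey; record each value as one row.
    foreach ($key in @(Get-Item $Path) + @(Get-ChildItem $Path -Recurse)) {
        foreach ($name in $key.GetValueNames()) {
            # Binary data is rendered as comma-separated bytes so it can be compared.
            $data = [string]::Join(',', @($key.GetValue($name)))
            $rows += [pscustomobject]@{ Key = $key.Name; Value = $name; Data = $data }
        }
    }
    return $rows
}

# Keep a .reg backup first so a bad manual edit can be reverted with "reg import".
$stamp  = Get-Date -Format 'yyyyMMdd-HHmmss'
$backup = Join-Path $env:TEMP "cis-globalrules-$stamp.reg"
reg export $regPath $backup /y | Out-Null
Write-Host "Backup written to $backup"

$before = Get-CisGlobalRuleSnapshot $psPath
Read-Host "Enable or disable ONE global rule in the CIS GUI, then press Enter"
$after  = Get-CisGlobalRuleSnapshot $psPath

# Rows present in only one snapshot are exactly the values CIS touched for that toggle.
Compare-Object $before $after -Property Key, Value, Data |
    Sort-Object Key, Value |
    Format-Table Key, Value, Data, SideIndicator -AutoSize
```

Repeating the snapshot-and-diff for a second rule shows whether the same value name flips each time, which is what an automation would need to key on. The caveat raised later in the thread still applies: a value written directly to the registry is not necessarily picked up by cmdagent until CIS reloads its configuration, so the backup and the diff are the safe part of this approach, and any write should be verified against the CIS GUI afterwards.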
That could be a good start. Thanks for that hint!
A problem is, though, that these changes (apparently) don’t immediately activate. Since cmdagent cannot be restarted (for good security reasons), I need some way now to notify CFW about changed rules.
I did not test it extensively. That would make some sense. I’m imagining there’s a performance cost when accessing registry. Hmm. What’s wrong with terminating cmdagent.exe process? Does it solve that issue?