Block Fragmented IP Datagrams Bug?

Hey Hey!

Brilliant Firewall… Have used since V2.

In version 2, out of the 4 computers I installed it on (only 3 are on the domain) 1 computer would never authenticate a login using active directory. I found in V2 that this could be fixed by disabling the block on fragmented packets (which I think was ticked by default)… I would love to know why this PC is special, it’s well known Active Directory uses UDP and if the packet sent is large enough it will become fragmented. Active Directory will not accept fragmented packets. I haven’t altered the MTU myself and would welcome any comments on how to fix this (there are NO problems on other computers in the house :slight_smile: )

In V3 however there seems to be things going the other way around, by default the boxes on the Attack Detection “Miscellaneous” tab are NOT ticked. So one would assume there is no protocol analysis and no blocking on fragmented data.

However this PC could NOT login to the domain after installing the new version of Comodo Firewall. Infact even setting both of Comodo’s features to disabled (Defense+ and Firewall) it could still not login… uninstalling Comdo and everything goes wonderful.

Eventually I came up with an idea, I would try and get it to say what was dodgy about those connections so I turned the option to block fragments “on”

Allow me to get to the point.

The Bug: In Comodo Firewall V2, the box was checked to Block Fragmented IP Datagrams by default… Fragmented IP Datagrams were blocked and logged in the log.

In Comodo Firewall V3, the box to “Block Fragmented IP datagrams” is unchecked, however they do appear to be blocked… to STOP them from being blocked, you have to tick the box to BLOCK them. Nothing has been logged either way (Perhaps related to this bug :

If you need me to do any network sniffing please let me know how I identify a fragmented packet in Wireshark… I am only “Intermediate” at networking, I tend to only know what will help me get things going :slight_smile:

If someone can confirm this bug (or help me to confirm it) I’ll submit it in the bug forum :slight_smile: