Blocked Incoming Traffic from Router in Trusted Network

Help for v3
#1

Hi all,

I’ve set a trusted Network Zone for my aDSL Router connection (192.168.1.1 / 255.255.255.0) and Comodo has correctly created the appropriate entries in the Global Rules section (Pict 2 - 1).

But, in the log files I see tons of entries about incoming traffic at port 5000 that had been blocked (Pict 1) for no apparent reeason. In addition to Comode’s rules for the Network Zone I’ve also defined my own Global Rules but to no avail (Pict 2 - 2).

I am pretty sure that the rules are ok. At some point I suspect “Attack Detection” and I tried to disable it (Pict 3). Defense+ is also Inactive

I don’t know how that is affecting the connection with my router (I can’t see any problems with communicating with the router), but it bothers me to see all that entries in the log files. Does someone have any suggestions?

Thx in advance,
Nikos.

Pict 1:
http://img153.imageshack.us/img153/9529/snap1qz0.th.jpg

Pict 2:
http://img153.imageshack.us/img153/1729/snap2kd8.th.jpg

Pict 3:
http://img112.imageshack.us/img112/5189/snap3rh5.th.jpg

#2

Do you have application rules for WOS to allow the TCP in to port 5000? All the inbound global alloe rules do is pass the packets to the application rules. There have been reports of the global allow rules not logging properly also.

#3

“System” is configured to send and receive traffic from the specific network zone. Do I need anything else in the application rules?

Thx.

#4

Do you have “Windows Operating System” under application rules? What rules does it have?

#5

Yes, WOS is where the blocks are, so that is where the rules go

#6

No, I don’t…

Has anything to do with “Windows System Applications” under File Groups?

P.S. Where are these File groups defined?


http://img87.imageshack.us/img87/6529/snapvb9.th.png

#7

Not sure, but i guess no.

Try the following: export your current configuration (Miscellaneous tab), delete all global rules.

Add WOS (windows operating system) to the list: application rules->add->browse->running processes.

Create rules for it and move it to the top of the list:

allow/ip/out/any/any/any
allow/ip/in/zone:router/any/any
block&log/ip/in/any/any/any

If won’t help instead of zone:router (second rule) type in single IP address: 192.168.1.1.

Btw, try this on new v3.0.17.