Blocking Everything But a Select Few Programs

Forgive me if this is in the wrong section, but I’ve been googling about this for a while to no avail, and it does deal with the Firewall.

I’m wondering if there’s a way to create a setting where the firewall blocks everything while only allowing a few programs to connect to the internet; those few programs being Team Fortress 2, Steam, and Jaangle, and possibly Mumble later on. Usually this isn’t a problem; however, my internet quality has reduced drastically recently and I’m stuck with a Clear 4G Wireless USB hub, which isn’t that great for games, believe it or not, especially now that I’m on a competitive TF2 team. And I don’t see my internet conditions improving any time soon.

Regardless, I’m looking for a way to only allow access to those three programs while blocking everything else. But only temporarily. Once I’m done playing TF2, I’d switch back to the default state where the firewall reverts back to normal. Is there a way to possibly do this? I’ve been toying with both Windows Firewall and Comodo for quite a while now with no luck.

Any help would be appreciated.

Thanks,

~Kruger

I can’t offer a solution but I am searching for the same information.

I would like to do something very similar, set up a firewall for two modes of operation: normal Internet access and then a limited setting restricting the connection to a few specific applications.

My reason is to block background traffic like Microsoft, Google, Adobe updates etc. while I have my laptop tethered to my cell phone data connection - I want to be in full control of what applications are running over my mobile data allowance. When I’m back on home wifi everything can run as normal.

Can Comodo be set up in this way?

Thanks for any help.

You can’t do different profiles with CIS.

To my knowledge, the only way to approach what you are looking for is to make a configuration with restrictive rules and save it with a different name from the default ones, then make another configuration with your other rules and save it. You can now toggle between those two configurations by restoring the one needed.

But be aware that if you make additional rules, be it for AV, FW or Defense+, in one configuration, they won’t be carried over to the other configuration; you’ll have to make the modifications there again. Also, before restoring the other config, save the current one again to keep any changes you have made.

That might work. Only issue now is figuring out how to make such a file. I looked at the default, but how it’s setup is… boggling, to say the least.

Any possible advice you could give on how to make a configuration to import?

Thanks,

~Kruger

Do you mean help on how to export/import a configuration, or on how to make the FW rules for your games? In the latter case it would be useful to provide their requirements in protocols and ports, and whether they need ports to be open for inbound connections.

I do mean how I would actually make a configuration file. I already know how to import and export it, but making the actual configuration code is what I don’t get.

Also, not sure what you mean when you say Protocols, but I can get you ports for the programs.

Team Fortress 2

  1. TCP: 27014-27050
  2. UDP: 3478-4380, 27000-27030

Steam

  1. TCP: 27014-27050
  2. UDP: 3478, 4379-4380, 27000-27030

Mumble

  1. TCP: 64738
  2. UDP: 64738

Jaangle is an audio application and therefore does not require ports; however, it is only added to this application list because it’s connected to last.fm, so it doesn’t matter. And it’s not like it’ll be playing during my competitive matches to begin with (assuming I can actually play with my team).

Thanks,

~Kruger

As you didn’t specify otherwise, I’ll suppose that all the ports you mentioned need to be open. Please check whether that is the case; it could be dangerous to have open ports when not needed.

Well, let’s go.

  1. Export your current configuration
  2. Launch ipconfig /all, find your MAC address and note it
  3. Go to Stealth Ports Wizard and select the 3rd option
  4. Go to FW > Network Security Policy > Application Rules and remove everything except Comodo Internet Security, Windows System Applications and Windows Updater Applications.
    Right click on Windows Updater Applications > Edit > Use a Predefined Policy > Blocked Application

Now we’ll make a file group for each of your games ==> Defense+ > Computer Security Policy > Protected Files and Folders > Groups > Add > A New Group > Choose file group name: Team Fortress 2 > Apply > scroll down to “Team Fortress 2” > right click > Add ==> add the files of Team Fortress 2 requiring internet access.
Do the same for the other two games.

We’ll make port sets for Team Fortress 2 and Steam ==> FW > Network Security Policy > Port Sets > Add > A New Port Set > Type name of port set: UDP ports for Steam > Apply > scroll down to “UDP ports for Steam” > right click > Add > A Single Port: 3478
add > a port range : 4379-4380
add > a port range : 27000-27030
Do the same for the UDP ports of Team Fortress 2

Global rules to open the ports

==> FW > Network Security Policy > Global Rules > add

Action: Allow
Protocol: TCP
Direction: In
Description: Rule for incoming TCP connections for Team Fortress 2 and Steam
Source Address: Any Address
Destination Address: your MAC address
Source port: Any
Destination port: A Port Range : 27014-27050

Action: Allow
Protocol: UDP
Direction: In
Description: Rule for incoming UDP connections for Team Fortress 2
Source Address: Any Address
Destination Address: your MAC address
Source port: Any
Destination port: A Port Set : the port set you have made ie “UDP ports for Team Fortress 2”

Action: Allow
Protocol: UDP
Direction: In
Description: Rule for incoming UDP connections for Steam
Source Address: Any Address
Destination Address: your MAC address
Source port: Any
Destination port: A Port Set : the port set you have made ie “UDP ports for Steam”

Action: Allow
Protocol: TCP or UDP
Direction: In
Description: Rule for incoming TCP or UDP connections for Mumble
Source Address: Any Address
Destination Address: your MAC address
Source port: Any
Destination port: A Single Port : 64738

Move these rules above any Global Blocking Rule

Applications Rules

==> FW > Network Security Policy > Applications Rules > add > Select > Files Group > Team Fortress 2 > add (lower left) :

Action: Allow
Protocol: TCP
Direction: In
Description: Rule for incoming TCP connections
Source Address: Any
Destination Address: Any
Source port: Any
Destination port: A Port Range : 27014-27050

Action: Allow
Protocol: UDP
Direction: In
Description: Rule for incoming UDP connections
Source Address: Any
Destination Address: Any
Source port: Any
Destination port: A Port Set : the port set you have made ie “UDP ports for Team Fortress 2”

Action: Allow
Protocol: TCP or UDP
Direction: Out
Description: Rule for outgoing TCP and UDP connections
Source Address: Any
Destination Address: Any
Source port: Any
Destination port: Any

Action: Allow
Protocol: ICMP
Direction: Out
Description: Ping the server
Source Address: Any
Destination Address: Any
ICMP Details: Message: ICMP Echo Request

Action: Ask (Also select the check box ‘Log as a firewall event if this rule is fired’)
Protocol: TCP
Direction: Out
Description: Rule for HTTP requests
Source Address: Any
Destination Address: Any
Source port: Any
Destination port: A Single Port : 80

Action: Block (Also select the check box ‘Log as a firewall event if this rule is fired’)
Protocol: IP
Direction: In/Out
Description: Block and Log All Unmatching Requests
Source Address: Any
Destination Address: Any
IP Details: IP Protocol: Any

Do the same with Steam and Mumble

Make a last Application rule ==> Add > Select > File Groups > All Applications > Use a Predefined Policy > Blocked Application

Finally, move the 2 blocked application rules (ie Windows Updater Applications and the All Applications one) below all the other Application rules.

Edit: don’t forget to set the FW Security Level to Custom Policy
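The same two-state idea (a locked-down profile for play, the normal profile the rest of the time) can be scripted against the built-in Windows Firewall, which the original poster also mentioned trying. The script below is an added example, not something from the thread or from Comodo. It assumes Windows 8 / Server 2012 or later (the NetSecurity PowerShell module), an elevated prompt, and the install paths shown for steam.exe, hl2.exe and mumble.exe, which are guesses you should edit; the port lists are the ones posted above. Inbound rules are tied to the specific program and the listed ports only; outbound is allowed for the program on any port, mirroring the Comodo rules above. Because Windows resolves names and renews DHCP leases from svchost.exe, those two are allowed explicitly so the lockdown does not silently break connectivity.

```powershell
# Added example (not from the thread): "gaming lockdown" for the Windows Firewall.
# Enable-GamingLockdown: allow a few programs, drop all other outbound traffic.
# Disable-GamingLockdown: remove those rules and restore the saved default action.
# Requires the NetSecurity module (Windows 8 / Server 2012+) and an elevated prompt.

$RuleGroup = 'Gaming Lockdown'   # every rule we add carries this group so removal is clean
$StatePath = Join-Path $env:ProgramData 'gaming-lockdown-state.json'

# Assumed install locations (not from the thread): edit to match your machine.
$Steam   = 'C:\Program Files (x86)\Steam\steam.exe'
$TF2     = 'C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe'
$Mumble  = 'C:\Program Files (x86)\Mumble\mumble.exe'
$Svchost = "$env:SystemRoot\System32\svchost.exe"   # hosts the DNS and DHCP clients

# Port requirements as posted in the thread. Inbound is limited to the program AND the ports.
$Apps = @(
  @{ Name = 'Steam';  Path = $Steam;  TcpIn = '27014-27050'; UdpIn = '3478', '4379-4380', '27000-27030' },
  @{ Name = 'TF2';    Path = $TF2;    TcpIn = '27014-27050'; UdpIn = '3478-4380', '27000-27030' },
  @{ Name = 'Mumble'; Path = $Mumble; TcpIn = '64738';       UdpIn = '64738' }
)

function Enable-GamingLockdown {
  # Remember each profile's current default outbound action so Disable can put it back.
  Get-NetFirewallProfile |
    Select-Object Name, @{ n = 'DefaultOutboundAction'; e = { [string]$_.DefaultOutboundAction } } |
    ConvertTo-Json | Set-Content -Path $StatePath -Encoding UTF8

  # Name resolution and DHCP would otherwise die once default outbound becomes Block.
  New-NetFirewallRule -DisplayName "$RuleGroup - DNS"  -Group $RuleGroup -Direction Outbound -Action Allow `
    -Program $Svchost -Protocol UDP -RemotePort 53 | Out-Null
  New-NetFirewallRule -DisplayName "$RuleGroup - DHCP" -Group $RuleGroup -Direction Outbound -Action Allow `
    -Program $Svchost -Protocol UDP -LocalPort 68 -RemotePort 67 | Out-Null

  foreach ($app in $Apps) {
    if (-not (Test-Path $app.Path)) {
      Write-Warning "$($app.Name): $($app.Path) not found, skipping"
      continue
    }
    # Outbound: the program may talk to anything (game servers move between ports).
    New-NetFirewallRule -DisplayName "$RuleGroup - $($app.Name) out" -Group $RuleGroup `
      -Direction Outbound -Action Allow -Program $app.Path | Out-Null
    # Inbound: only the listed ports, and only for this executable.
    New-NetFirewallRule -DisplayName "$RuleGroup - $($app.Name) in TCP" -Group $RuleGroup `
      -Direction Inbound -Action Allow -Program $app.Path -Protocol TCP -LocalPort $app.TcpIn | Out-Null
    New-NetFirewallRule -DisplayName "$RuleGroup - $($app.Name) in UDP" -Group $RuleGroup `
      -Direction Inbound -Action Allow -Program $app.Path -Protocol UDP -LocalPort $app.UdpIn | Out-Null
  }

  # The lockdown itself: outbound traffic matching no allow rule is dropped on every profile.
  Set-NetFirewallProfile -All -DefaultOutboundAction Block
}

function Disable-GamingLockdown {
  Remove-NetFirewallRule -Group $RuleGroup -ErrorAction SilentlyContinue
  if (Test-Path $StatePath) {
    foreach ($p in (Get-Content $StatePath -Raw | ConvertFrom-Json)) {
      Set-NetFirewallProfile -Name $p.Name -DefaultOutboundAction $p.DefaultOutboundAction
    }
    Remove-Item $StatePath
  } else {
    # No saved state: fall back to the Windows default of allowing outbound.
    Set-NetFirewallProfile -All -DefaultOutboundAction Allow
  }
}

# Usage (elevated): dot-source this file, then
#   Enable-GamingLockdown    before a match
#   Disable-GamingLockdown   when done
```

One caveat that also applies to the Comodo setup above: a default action of Block only affects traffic that no allow rule matches. Any outbound allow rules already present (Windows' own Core Networking rules, or rules an installer added for an updater) keep working, so review them with Get-NetFirewallRule -Direction Outbound -Enabled True -Action Allow before trusting the lockdown, and disable or tighten the ones you do not want on a metered link. Unsolicited inbound traffic is already dropped by the Windows default, so the script leaves the inbound default alone and only adds the narrow per-program exceptions.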

Did what you suggested and there seemed to be a small decrease in lag, but my ping seems to be staying in the same range. Guess I’ll have to make do with what I got.

I exported the Original Configuration before continuing with your Tutorial. After all was finished, I exported the modified config and saved it. Imported the Original config to overwrite the edited one, then imported the Edited one as a new config.

So since I have a “Normal” Config and a TF2 Config, do I still need to use Custom Policy on the Firewall Security Level? If so, I’ll give that a go either later tonight or tomorrow.

Thanks,

~Kruger

FW Custom Policy mode is needed in your TF2 config. In Safe Mode, if I’m not mistaken, notwithstanding your All Applications blocking rule, applications deemed safe by CIS will have internet access.

Ping remains in the same range, however, lag seems to have improved. A few stalls here and there, but they only lasted a few seconds.

So, I’ll deal with what I got, now. It’s much better than it was before getting all this set up.

Thanks for your help,

~Kruger