Blocking IPs

fogga April 29, 2007, 3:39pm 1

HI,

I just tried to block a website as a test and done the following:

Accessed: Security >> Network Monitor

Then added a new rule as follows:

Source IP: 192.168.1.2
Dest IP: xxx.xxx.xxx.xxx
Source Port: Any
Dest Port: Any

After doing this I could still access the website?

grampa April 29, 2007, 4:21pm 2

Hi there,
just tested it myself with a site to make sure I’m not telling you anything wrong.
So here we go:

go to Network Monitor
add new rule

action: block (and log)
protocol: IP
direction: OUT
Source IP: Any (or your IP: “any” for convenience as you are always the source with outbound rules)
Destination IP: IP of the site you want blocked
IP Protocol: Any

MOVE THE RULE TO TOP POSITION!!!

That should work.

Read here https://forums.comodo.com/index.php/topic,1125.0.html to learn more about network monitor rules.

Hope that helps,
grampa.

EDIT:
Of course you can also setup an Inbound rule so that that particular site cannot contact you.
In this case the site’s IP is the source IP and yours is the destination IP (“Any” will do as you are always the destination with Inbound rules).

EDIT 2:
https://forums.comodo.com/index.php/topic,5147.0.html

Here’s also a very helpful link by a much wiser peron than myself (just found it).
Instead of “protocol: IP” he advises to use “TCP or UDP”
Is probably even better as I’m only a novice when it comes to protocols.

Either way it should work, though you might want to find out which protocol to block.

fogga April 29, 2007, 5:34pm 3

Ok so all the block I move to the top? I have added another block but I can still access the website.

grampa April 29, 2007, 5:48pm 4

Hi,
it depends on your other rules where you have to put it.
The rules are ordered hierarchically, i.e. Comodo parses the rules from TOP to BOTTOM

If you have a general “allow” rule above a specific “block” rule your block-rule is redundant as COMODO will think:
“Oh, he wants me to allow everything. So let’s just do that. No need to bother analysing the next rules.”

If you order them the other way round, COMODO will think:
“Oh, he wants me to block this very IP-address. So let’s just…” (you get the point?)

Whereas for all other pages COMODO will think:
“Oh, he wants me to block site x. Well, he’s not trying to access that one. So let’s see what the next rules say.”

Hope that helps.
I can only recommend to read the two tutorials (linked above) and make sure wheter to use IP or TCP/UDP protocols in your rule.

Cheers,
grampa.