browser loopback problem (new to comodo)

Hello to all

I am new to Comodo.
I installed Comodo 3 Alpha 2 version (3.0.25); it is very light on resources and feels a little more user-friendly than its previous version… which I don’t understand at all.

I don’t know about Comodo firewall rule settings. I cannot see my Opera browser like I see it in Outpost… in Comodo it makes a loopback to connect. How can I make a direct connection with my Opera browser? I am not using any proxy…

What rules need to be added in the global rules setting… I disabled the loopback option from defence>advanced>defence+setting>monitor setting…

It would be very kind if someone could tell me the step-by-step settings… just the Opera browser settings, then I will set the rest of my applications according to that…
Which rules do I need to apply, and where… I am too confused…

Please help regarding that…

I am attaching all screenshots.

And a last request: I don’t see my Protected Files working…

Please help regarding that also…

I hope I make you understand; my English is not that good…

[attachment deleted by admin]

As I understand, you have changed the Defense + setting (per your screenshot) so that it no longer checks/monitors loopback connections. Have you rebooted since you made that change? It may require a reboot to clear the memory and reset the rules configuration.

Just a note: it is not uncommon that some browsers use the localhost/loopback (127.0.0.1) for certain things; this is not the same as using a proxy, as it is not the point from which the browser connects to the internet; it is local only.

If the reboot does not resolve the issue, you may need to create a Firewall Network or Application rule to Allow TCP/UDP In/Out for the localhost/loopback for Opera.

You may also find it helpful to open Defense +, go to the Security Policy (Advanced settings), Edit the Opera rule and go to Access Rights. Find the “loopback” entry and change to Allow.

LM

Thanks for your help, kind sir, but I didn’t understand much of it… sorry, I think I am too stupid for Comodo… my browser IE is also working in loopback mode…

Can I get some video tutorial or a Flash one for version 3? I cannot set it to tight security like I used to do in Outpost. Sorry, but its interface and style are very different; it also has application rules and global rules in the network security policy, where in Outpost there is only one… Can you tell me, sir… step by step how to configure the network and global rules? The rest of the applications I hope I can do on my own; I just want to know 1 rule set to get the method of rule setting in Comodo… I hope I make you understand, sir.

Thanks again in advance for your kind help…

with regards

mack

The Comodo firewall is very different from Outpost, this is true. Unfortunately, for this version (v3 Alpha) there are no flash or video tutorials; in fact, there are no tutorials at this point. This is simply because it is in an early testing stage, and the primary focus is on identifying bugs within the program; users are very much on their own.

The closest thing to a step-by-step instruction for creating rules is located here:
https://forums.comodo.com/index.php/topic,1125.0.html This is a tutorial on Network rules by m0ng0d. It was written for a previous version of the firewall; v3 is quite different, but the principles still apply. This will correspond to the “Global” rules within the Firewall Network Security Policy.

To very briefly explain the relationship of Global & Application rules, they are part of Comodo’s layered protection.

For unsolicited Inbound traffic (something you have not asked for) this must first be approved by the Global rules; if there is not a rule to Allow the specific traffic, it will be blocked and dropped. If there is a rule to Allow it, it passes the Global Network Monitor and moves to the Application Monitor. There must be a specific Application rule set to Allow the receiving application to communicate the way the Inbound traffic wants to. If there is no such rule, the traffic will be blocked and dropped. If there is an Application rule to Allow it, the traffic is allowed, provided the actions taken by the receiving application do not violate the rules for that application, as established by the Defense + rules.

For Outbound traffic, the order is essentially reversed… Defense +, then Application Monitor, then Global Network Monitor.

LM

For specific rules creation, I will try to give you a quick step-by-step for v3 (with screenshots). I am confident that you can do this easily.

Open the Firewall’s Network Security Policy. Click the Application tab. Click Add. At the top of that window, there is a field for Application Path. Click the Select button next to it. This gives several options on how to find the application you want to create a rule for - Search, Running Processes, or different File Groups (for this example I chose a running process).

Having selected the desired application, we move down to the details of the rule. We can choose to use a Predefined Policy (you can Add and Edit Predefined Policies in Firewall/Advanced/Predefined Policies), or a Custom Policy. The Custom Policy can be completely new, or imported from Predefined Policies or other existing rules (for other applications - this could be helpful if you have a very detailed rule for another application, that you would like to use again). For this example I have chosen to Add a completely new Custom Policy, which opens the rules detail window.

You must fill in the ‘Description’ field; if you don’t, when you try to Apply the rule, you will get an error message. I want to know whenever this application rule is used, so I check the box “Create an alert whenever this rule is fired.” Select or specify the Action, Protocol, Direction, Source & Destination for IP & Port. In this rule I have specified a Destination IP (85.91.228.149) & Port (173) for this application. Then click Apply. Now you see your rule using the Custom ruleset; click Apply again. This shows the entire list of Applications defined by rules.

We now want to make certain that the traffic the application is allowed to generate is allowed by the Global rules, so click the Global tab. By default there are only two Global rules - Allow All Outgoing Requests, and Block All Incoming Requests. Thus, the rule I created fits the established Global rules; the traffic will be allowed by these Monitors. However, let us presume that I have modified the default rules, and only kept the Block All Incoming Requests rule; the Outgoing rule I have replaced with one that is more detailed, to define the Destination Ports that requests can be sent to. Let us presume that so far I have Allowed TCP/UDP Out from Any Source IP to Any Destination IP, on Any Source Port, to Destination Ports/Set of Ports: 80,443,53,67,110,25. These will allow browsing, email, DNS, and DHCP Outgoing. However, the port I defined for this application (173) is not in that Set. I need to Add a new Global rule to Allow a Single Port 173 (I could also add the IP at that point as well). Click Apply; this will take you back to the Global Rules. Click Apply again to set all the changes you have made.

You can define additional Sets of Ports in Firewall/Common Tasks/My Port Sets; these can be used in the creation of Global Rules. The same applies to My Network Zones.

I hope this helps,

LM

[attachment deleted by admin]
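The layered check and the port 173 walkthrough from the two replies above, modelled as an added example (not Comodo's code and not part of the original posts). It assumes first-match rule order and block-by-default in each layer, leaves Defense + out, and uses a hypothetical application name `example.exe` and a constructed inbound address.

```python
from dataclasses import dataclass
from typing import FrozenSet, Optional

@dataclass(frozen=True)
class Rule:
    action: str                                  # "allow" or "block"
    direction: str                               # "in" or "out"
    dst_ip: Optional[str] = None                 # None means Any
    dst_ports: Optional[FrozenSet[int]] = None   # None means Any

    def matches(self, direction, dst_ip, dst_port):
        return (self.direction == direction
                and self.dst_ip in (None, dst_ip)
                and (self.dst_ports is None or dst_port in self.dst_ports))

def layer_allows(rules, direction, dst_ip, dst_port):
    """First matching rule decides; no match means blocked (assumed default)."""
    for rule in rules:
        if rule.matches(direction, dst_ip, dst_port):
            return rule.action == "allow"
    return False

def evaluate(app, direction, dst_ip, dst_port, global_rules, app_rules):
    """Return (allowed, deciding layer). Defense + is not modelled here."""
    layers = [("global", global_rules), ("application", app_rules.get(app, []))]
    if direction == "out":   # outbound: Application Monitor first, then Global
        layers.reverse()
    for name, rules in layers:
        if not layer_allows(rules, direction, dst_ip, dst_port):
            return False, name
    return True, "all layers"

# Values from the walkthrough; "example.exe" is a hypothetical application name.
PORT_SET = frozenset({80, 443, 53, 67, 110, 25})
APP_RULES = {"example.exe": [Rule("allow", "out", "85.91.228.149", frozenset({173}))]}
GLOBAL_BEFORE = [Rule("allow", "out", dst_ports=PORT_SET), Rule("block", "in")]
GLOBAL_AFTER = [Rule("allow", "out", dst_ports=frozenset({173}))] + GLOBAL_BEFORE

def demo():
    flow = ("example.exe", "out", "85.91.228.149", 173)
    return {
        "before": evaluate(*flow, GLOBAL_BEFORE, APP_RULES),   # 173 not in the set
        "after": evaluate(*flow, GLOBAL_AFTER, APP_RULES),     # single-port rule added
        "other_port": evaluate("example.exe", "out", "85.91.228.149", 80,
                               GLOBAL_AFTER, APP_RULES),       # app rule only covers 173
        "inbound": evaluate("example.exe", "in", "192.0.2.10", 173,
                            GLOBAL_AFTER, APP_RULES),          # constructed inbound flow
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(case, result)
```

The `other_port` case shows why both layers matter: the Global set allows port 80, but the application's own rule only covers port 173, so the Application layer blocks it.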

I don’t know how to thank you, sir… it’s really very kind of you. I set all the rules for my applications…

But I am still facing some troubles…

Q1. Is there any JavaScript, referrer logging and cookie blocking in Comodo like in Outpost, so I don’t need to set it again and again for my other browsers too, and the firewall does all the common work for my Opera, Firefox and IE…?

Q2. I am posting my settings. The problem I am facing is, first, that again I don’t see my Opera or any other application which uses port 80,443 work on the loopback port; I see other applications connected on other ports, but not those which are connected on 80,443…
Secondly, I disabled the loopback networking option; what I see is that it is still looping back my irc.icq.com (64.12.165.56). When I reboot or exit and restart my Comodo firewall it changes to (56.165.12.64), so I added it to my network zone option and added the zone in the destination address of both the application rules and the global rule… but it still changes after reboot and restarting the Comodo firewall. Now I have added both IP addresses to the zone (64.12.165.56 and 56.165.12.64)… to solve the problem… How can I get rid of adding 2 addresses instead of 1?
Even if I use loopback networking, why don’t I just need to type one loopback address (56.165.12.64)? Why does it keep changing after reboot… or exit and restarting Comodo…

Thanks again for giving your important time on that subject…

with regards

mack

[attachment deleted by admin]

Mack,

  1. No, CFP does not provide any scripting/popup/referrer/cookie blocking. It is considered to be the realm of the browser rather than firewall. Granted, IE does not have the same functionality, but Firefox is certainly capable of blocking all those things.

  2. I’m not sure about this one. This Alpha release has been known to lose the saved rules on restart/reboot, but it doesn’t sound like this is the case for you; just that the connections are changing each time, even though the rules are being kept. Perhaps they are related, though.

I am also not sure exactly what you are wanting to do in regards to the loopback, or what you are considering a loopback…

Normally, the loopback is through the localhost 127.0.0.1, but your connections don’t seem to be routed through that internal address.

Are you wanting to allow your applications loopback access on localhost, or are you wanting to stop/block them from that access?

In CFP, when it refers to monitoring loopback, I believe this refers to the localhost 127.0.0.1, as mentioned above.

LM

Sorry, I was out of town. Thanks for your help, sir…

But the problem I am facing here is: if I connect on any port other than 80 or 433, it will not loop back through the System Idle Process… it shows opera.exe connected… for example, with ICQ, when I connect to ICQ it shows opera.exe is connected on port 64.12.165.56:7012, while in the other case, when Opera connects on port 80 and 443, it shows System Idle Process connected to 64.15.34.32:80… etc…

Whenever I try to connect any browser it asks for a loopback connection in a pop-up window… when I block that request in the pop-up window and do not allow the loopback connection… it doesn’t let me connect to the internet through the browser… I always need to allow loopback… in Defence+ mode…

I think what you’re experiencing is this:

ICQ uses Opera to connect; thus, Opera is shown connecting on port 7012.

When Opera connects by itself (to browse), it is showing the normal web port of 80.

Opera (as do many applications) uses the internal loopback to communicate internally; not leaving the computer. This is why you will see a loopback alert, if you have not allowed the application to communicate that way. It does not mean that the application is connecting to the internet this way.

However, if you deny that, the browser application cannot establish the internal communication necessary to support its connectivity; thus, it is blocked or otherwise unable to access the internet.

Either that, or by blocking the loopback connection, CFP thinks that the entire application needs to be blocked. I know this happened some with version 2.4; it’s possible that the process is carried over to v3.

LM