Bug? Cannot change rules name + strange behavior

EDIK · September 25, 2008, 2:40pm

I have CFP Firewall 3.0.25.378, installed Firewall only (no leak protection, nothing else, just firewall); set to Custom Policy Mode and defined a set of rules. Runs on fresh WinXP SP3
It seems a nice product, thank you for making it free!

But …
Some unexplicable problems!

I want to change the name of a Network Security custom rule that I have defined - after entering new rule name and confirming with Apply name is not changed (workaround: I change also the protocol type, confirm, go back, rechange protocol type to protocol i want). Seems like a silly BUG
If I enable DNS query (UDP packet OUT on port 53) where can I enable/disable the UDP answer (UDP packet in on same port)? it seems it is always enabled. Strange behavior…

Thanks!

system · September 25, 2008, 2:51pm

Previously reported bug; not fixed in CIS beta 2
SPI rules supersede attempts to block responses. Haven’t found a way.

EDIK · September 25, 2008, 2:56pm

Thank you for lightning fast answer!

lets wait silly bug is fixed!
what do you mean by that?
CFP has a door open to anybody to connect to a (legitimate or not) client application via UDP packets on port 53?

system · September 25, 2008, 3:06pm

The DNS SPI (Stateful Packet Inspection) rules allows responses to DNS requests on port 53-iaw, since you asked for the response, the response is allowed. Doesn’t allow unsolicited UDPs on port 53. SPI rules are checked ahead of global and application rules. DHCP requests work similarly.

EDIK · September 25, 2008, 6:07pm

Clear. Thank you.
I suppose I cannot customize CFP SPI rules, is that what you mean?

I had noticed similar behavior for DHCP IP renewal requests, that is answered by your remark.

Is there any reference to understand what CFP SPI rules do allow themselves and how it is done?

system · September 25, 2008, 6:14pm

We only know by experimentation; Comodo seems reluctant to provide documentation.