Bug? Cannot change rules name + strange behavior

I have CFP Firewall, installed Firewall only (no leak protection, nothing else, just firewall); set to Custom Policy Mode and defined a set of rules. Runs on fresh WinXP SP3
It seems a nice product, thank you for making it free!

But …
Some unexplicable problems!

  1. I want to change the name of a Network Security custom rule that I have defined - after entering new rule name and confirming with Apply name is not changed (workaround: I change also the protocol type, confirm, go back, rechange protocol type to protocol i want). Seems like a silly BUG :slight_smile:

  2. If I enable DNS query (UDP packet OUT on port 53) where can I enable/disable the UDP answer (UDP packet in on same port)? it seems it is always enabled. Strange behavior…


  1. Previously reported bug; not fixed in CIS beta 2
  2. SPI rules supersede attempts to block responses. Haven’t found a way.

Thank you for lightning fast answer!

  1. lets wait silly bug is fixed!

  2. what do you mean by that?
    CFP has a door open to anybody to connect to a (legitimate or not) client application via UDP packets on port 53?

The DNS SPI (Stateful Packet Inspection) rules allows responses to DNS requests on port 53-iaw, since you asked for the response, the response is allowed. Doesn’t allow unsolicited UDPs on port 53. SPI rules are checked ahead of global and application rules. DHCP requests work similarly.

Clear. Thank you.
I suppose I cannot customize CFP SPI rules, is that what you mean?

I had noticed similar behavior for DHCP IP renewal requests, that is answered by your remark.

Is there any reference to understand what CFP SPI rules do allow themselves and how it is done?

We only know by experimentation; Comodo seems reluctant to provide documentation.