Can we improve the Firewall Disable functionality?

Some times I need to disable the Firewall or Defence+ temperarily for special purpose, though I know it is not recommended and may be dangerous, but it is desired when trouble shooting. For example, recently I encounter a tough issue that Empire of Age III can’t pass through the Comodo Firewall when gaming with another host in the same LAN (https://forums.comodo.com/firewall_help/can_anyone_make_age_of_empires_iii_work_with_comodo_3_free_version-t44622.0.html;msg322546#msg322546). I spend some time to figure out the problem locates in the Firewall, and I tried various methods searched from this forum and Internet, but can’t make it work. Everything becomes ok after I uninstalled Comodo.

It makes me very frustrating is that either placing Firewall into “Disable” mode or exist Comodo doesn’t really shut down the protection (it seems like there are still background service doing something), until a uninstallation. Personally I think this is a very boring behavior that “Disabling Firewall” can’t really disable it. I know finally (after spending lot of time) someone can help me find out the rules to make my application work. But what I need is just a real “Disabling Firewall”. Can we do it?

Please check your other topic for my reply.

You can disable the Firewall easily though. Click right on the CIS icon in the systray and choose Firewall Security Level and set to disabled. You can do the same thing for D+. Ppermanently disabling D+ can only be done under Defense + settings and requires a restart.

I remember I did exactly as your instructions except performing a reload (I think the problem is more Firewall like). But it doesn’t work, until I uninstalled it. Without a restart, everything becomes ok. That’s why I hesitate whether Comodo Firewall is still working in background in “Disabled level”. Anyway, I will try a restart after disabling Firewall.

I had the same problem everytime I need to shut down comdodo just for a ■■■■■■, uninstall needed in some cases.

Comodo Firewall (CF): Firewall and Defense+ (not CIS) can be permanently disabled (on 32 bit system, as for 64 bit system - confirmation needed) if you rename drivers cmdguard.sys and inspect.sys (e.g. to cmdguard.sys.tpm and inspect.sys.tpm) which are located in special folder (\system32\drivers on Windows XP 32 bit). After you renamed these 2 files, restart computer. Now CF GUI would complain that CF is not working, showing red circle in system tray.
When you need to re-enable CF just return original names for those files, restart computer.

I consider this workaround as a good alternative to uninstallation/reinstallation of CF. This workaround in the form of batch scripts (“automatic solution”) helped me in many cases. If anybody interested i can find these batch scripts resided somewhere on my comp and post them here.

update:
Here they are. Extract 2 files from archive and place them anywhere you like. When you need to disable completely Comodo Firewall double click on disable CF.cmd, let it finish, then restart comp. When you need to re-enable CF double click on re-enable CF.cmd, let it finish, then restart comp.

Here they are in plain text:
disable CF.cmd :


[at]echo off
cls

echo.
echo Press any key to rename drivers (precautionary measure)...
pause >nul
echo.
echo.

:: rename Defense+ driver:
::
ren %systemroot%\system32\drivers\cmdguard.sys cmdguard.sys.tpm
if errorlevel 1 echo unknown error while trying to rename Defense+ driver (cmdguard.sys) ! & pause & echo.

:: rename Firewall driver:
::
ren %systemroot%\system32\drivers\inspect.sys inspect.sys.tpm
if errorlevel 1 echo unknown error while trying to rename Firewall driver (inspect.sys) ! & pause & echo.

echo.
echo.
echo restart computer for changes to take effect...
pause >nul

re-enable CF.cmd :


[at]echo off
cls

echo.
echo Press any key to return original names to Comodo drivers...
pause >nul
echo.
echo.

:: return original name to Defense+ driver:
::
ren %systemroot%\system32\drivers\cmdguard.sys.tpm cmdguard.sys
if errorlevel 1 echo unknown error while trying to rename Defense+ driver (cmdguard.sys) ! & pause & echo.

:: return original name to Firewall driver:
::
ren %systemroot%\system32\drivers\inspect.sys.tpm inspect.sys
if errorlevel 1 echo unknown error while trying to rename Firewall driver (inspect.sys) ! & pause & echo.

echo.
echo.
echo restart computer for changes to take effect...
pause >nul

Very primitive, but works well, safely and fast… at least for me :slight_smile:

[attachment deleted by admin]