CFP ignores global rules

I have set my global rules as shown in GRules.png (FYI, “DomaciSit” is “HomeNetwork” in Czech). You can see the zones in Zones.png. My aim was to enable any communication within my home network. But the firewall still asks me to allow/deny communication as you can see in the other pictures. It considers or as Internet. I have to create (or let create) application rules to make it work.
It’s quite irritating. Have I set anything incorrectly?
Version (filename): CFP_Setup_3.0.25.378_XP_Vista_x64.exe

[attachment deleted by admin]

I set the rules too quickly and I didn’t change the protocol to IP in the second rule (from the preselected TCP/UDP) by a mistake. But this doesn’t change anything important.

Sorry; can’t see your rules. Seems to be a problem with the attachments.

I can see them only if I’m logged in.
According to the view counters, other people viewed them.
I’ve just tried showing GRules.png in full size and it’s OK.

OK; seems to be an Opera problem only. You need to set up application rules in addition to the global rules in CFP3. All the application rules do is provide an extra layer of permission on inbound and outbound traffic passing to and from the application rules.

Seems I should have read CFP help more carefully.

  • A connection must obey both global and application rules to go through CFP.
  • It’s impossilble to simply allow all the communication within a zone.

Is it correct?

Try setting up your zone and then using the “Stealth Ports Wizard” you can let the rules be applied for you.

Set up your zone/run the wizard/Define a new trusted zone/Next/Choose the zone from the drop down/next.

This should set up 2 rules in “Global rules” and 2 in “Application rules” under system Allow outgoing requests if the target is IP in (zone)" + Allow incoming requests if the sender is IP in (zone) for Global Rules.
Under system in application rules,
Allow system to send requests if the target is IP in (zone)
Allow system to recieve requests if the sender is in IP (zone)


OK, that’s a nice way to set up the rules but it’s still necessary to (let) create the application rules.