CFP3 incorrectly blocks fragmented IP traffic

CFP3.0 Advanced settings, “Attack detection settings”, Miscellaneous folder:

  • Block Fragmented IP Datagrams: unchecked (hence set to No)
  • Do Protocol Analyzis: checked (set to Yes)

A couple of sample program, sending and receiving UDP datagrams bigger than 1472 bytes (MTU=1500) showed that CFP was blocking incoming/outgoing fragmented IP traffic.
Unchecked “Do Protocol Analyzis”, then everything worked fine.

This is not normal. Datagrams, although fragmented, were perfectly respecting IP and UDP protocols and should NOT have been blocked.

I had the same problem (using bit-torrent with DHT enabled) but with Comodo v2.4, solved it by
creating a rule in network-monitor that allows “ICMP FRAGMENTATION NEEDED IN”
…maybe it works in v3 also ?

don’t know… settings are significantly different between 2.4 and 3.

Even more surprising was the fact that, even disabling the firewall would not fix the problem: big datagrams were still blocked. So, what do they mean with “Firewall Security Level = Disabled”?