CFP3 incorrectly blocks fragmented IP traffic

jokanaan · January 12, 2008, 12:26pm

Hello,
CFP3.0 Advanced settings, “Attack detection settings”, Miscellaneous folder:

Block Fragmented IP Datagrams: unchecked (hence set to No)
Do Protocol Analyzis: checked (set to Yes)

A couple of sample program, sending and receiving UDP datagrams bigger than 1472 bytes (MTU=1500) showed that CFP was blocking incoming/outgoing fragmented IP traffic.
Unchecked “Do Protocol Analyzis”, then everything worked fine.

This is not normal. Datagrams, although fragmented, were perfectly respecting IP and UDP protocols and should NOT have been blocked.

gordon · January 12, 2008, 12:38pm

I had the same problem (using bit-torrent with DHT enabled) but with Comodo v2.4, solved it by
creating a rule in network-monitor that allows “ICMP FRAGMENTATION NEEDED IN”
…maybe it works in v3 also ?

jokanaan · January 13, 2008, 9:20am

don’t know… settings are significantly different between 2.4 and 3.

Even more surprising was the fact that, even disabling the firewall would not fix the problem: big datagrams were still blocked. So, what do they mean with “Firewall Security Level = Disabled”?