Changing an applications access rule

I tested Comodo using GRC Leaktest and it worked.

Leaktest recommends blocking to test the firewall, then allowing it to access to be sure their servers are running. So you prove your leakproof then you prove leaktest is working by test on purpose, which is great.

Except that I can’t get Comodo to let leaktest.exe run. I can rename it and run it but I can’t seem to remove the blocking rule ‘for real’

I removed the entry for leaktest in these locations:
Defense+ Tasks / Advanced / Computer Security Policy
Firewall / Advanced / Network Security Policy

When I run leaktest.exe it adds itself back into both of those locations without prompting and allows it to run.

This behavior is confusing and the fact that there are 2 places for rules is inconvenient.

In “Firewall / Advanced / Network Security Policy” rules can be changed to block or allow, this works. But if a rule is removed, it appears again without a prompt.

In “Defense+ Tasks / Advanced / Computer Security Policy” the rule for leaktest shows ASK on everything, but it doesn’t ask.

The firewall is workable but behaves oddly. I hope this is considered a bug that will be squashed.

Although this thread is a year old, I just tried the same thing and had the same problem.

Yes, leaktest is blocked the first time; there are three prompts.
Then I ran it again to see what would happen if I allowed it; it got through of course.
But I expected that when I deleted the firewall/defence+ entires, that it would be
stopped again. However, it is allowed. No matter what I do, I can’t make it
recognised as a hostile program anymore.

Now let’s apply that to the real world… a virus/trojan causes a pop-up, and I mistakenly
allow it. Realising my mistake I go to the firewall/defence+ sections and remove the
exe from the rules lists, hoping to ‘re-process’ the virus and its actions properly this time.
However, comodo just keeps adding the virus to the safe list again and again, and the
only option I have is to keep it on the safe list with a block action, instead of allow.

Please tell me I’m wrong.

Sounds like CFP still remembers the rule for the duration of a session if you allow something. Haven’t tried it lately, but you may need to turn Comodo off and on to make it reset. Or at least close Comodo GUI. Are you using the firewall portion of CIS RC1 to see if this is fixed in that version?