Comodo and EventGhost Webserver

lostramblin · September 2, 2014, 10:04pm

Trying to set up EventGhost web-server on Win 8.0 - 192.168.0.6
Current set to use port 99, but can use whatever works.

Communications from 192.168.0.2 fail when firewall is enabled.

Communications from 192.168.0.2 work when firewall is disabled.

However, I do not see anything on the log regarding the blocked communication from .2 . I’ve gone through and enabled logging on all rules, still do not see a blocked request from 192.168.0.2 .

I’ve also created a custom rule for all ips, all incoming to 99… still nothing until the firewall is disabled.

I had this issue on my other PC and ended up just removing comodo, no problems with Windows Firewall.

Any ideas? Let me know what else you need.

Netguy101 · September 2, 2014, 10:21pm

This worked for some users maybe it will work in your situation. You can use this to open specific ports.

You can replace the mac address part with “any”.

lostramblin · September 2, 2014, 10:41pm

Thanks for the suggestion!

No luck though, still blocked, still no logging

Netguy101 · September 2, 2014, 10:55pm

If it’s not being logged than it probably because by default Comodo blocks all incoming connections unless specified not to do so. Do you have the following options enabled? If so try disabling them and see if it works.

“Do protocol Analysis”

“Enable anti-ARP spoofing”

Also try creating an Allow TCP “In” rule for the port you want to allow incoming connections.

To do this go to Tasks> Firewall Tasks > Advanced Settings > Global Rules

Add a new rule as such

Action : Allow

Protocol : TCP

Direction : IN

Description : Open port for Webserver

Source Address : (Local Address of server)

Destination Address : Any Address

Source port : A Single Port: (Port you specified)

Destination port : A Single Port: (Port you specified)

Hope this helps

Also make sure the “Allow” Global rule is above the block ones
See image for example

[attachment deleted by admin]

lostramblin · September 3, 2014, 1:41pm

Thanks again

Made the changes as suggested, Still no luck

Netguy101 · September 3, 2014, 3:11pm

Some extra things you can try:

Set CIS to “Alert incoming connections” in the Stealth Ports wizard.

Here are the alert settings in a better detail:

I also recommend you set the firewall alert level to medium or high (Temporarily as this will result in more firewall alerts) so that Comodo will alert you when the connection is being made from the webserver to your computer so that you can choose whether to allow or block.

lostramblin · September 3, 2014, 6:01pm

Thanks for your continued efforts…

Still blocked. Just to check I brought down the firewall again, msgs send no problem.

POTTER3390 · September 5, 2014, 10:23pm

Yes i have the same proble, with evenghost, but my logs shows the block, but i can’t do anything

Netguy101 · September 5, 2014, 10:47pm

In addition to what I posted before, anyone having trouble can try adding the port they want here:

POTTER3390 · September 6, 2014, 3:57pm

i have some news, at least i think, first i add some of my logs where the aplication that appears is “Windows Operating System”, second i make an aplication rule that allow all apps as “allow apps”, so there is a rule that can resolve this and is an aplication rule and not a port rule

edit: i creat an aplication rule for “Windows Operating System”
allow
TCP
in
source port and ip any
Destionation my mac and port 1818 and it work finally ;D

Now while i was creating this rule i accidentally delete one for “windows system aplication” that was generate by comodo automatically, so if anyone know how it goes please tell me

[attachment deleted by admin]