Comodo blocking entire application instead of just 1 port

Hello,

I’ve configured Comodo to ask me what to do when Firefox wants to connect to a site through a port that is not 80, 443 or 8080.

Now, when I use google, it sometimes want to connect to a site using port 21, and sure enough, a popup from Comodo appears, asking me if I want to allow Firefox to connect using port 21.

However, when I click in ‘deny’, Comodo doesn’t just block port 21, but it block Firefox entirely; I need to restart firefox to enable it to connect to the internet again.

I do not want to permanently block port 21, because for other sites, I might want to use it.

How do I configure Comodo to work properly, or is it just a bug?

Greetz

Unfortunately it’s not a bug, it’s just doing what it’s supposed to. The alert is not about port 21, its about the application attempting to access port 21. The BLOCK applies to the application, not to the port. The need for application based security is increased if you are using a tabbed browser. How would we differentiate between an allowed port 21 access for one tab and a blocked port 21 access for another, as both requests are coming from the one instance of the browser?

Imagine you were using another application that was transferring data via FTP (port 21) while you were telling CFP to BLOCK port 21 for Firefox. If the port was blocked, the FTP transfer would fail. Also, port 21 CAN be valid within a browser, as some downloads are configured to use HTTP (port 80) and others are set to use FTP (port 21).

I can’t think of a way to achieve what you want, other than creating custom network monitor rules blocking port 21 for specific IP addresses, but this would only apply to the IP addresses in the rules.

Hope this helps,
Ewen :slight_smile:

Thanx for your response.

I guess a feature request for Comodo would be that the message box in Comodo would have options, like: block application entirely, block port X for this application, block application for this ip address and block port X for this application for this ip address.

I agree that it is impossible to have 1 tab in Firefox allowed for port 21, and 1 disallowed, unless you block the port for specific ip addresses.