comodo doesn't recognize existing rules

Hi folks,

I’ve got a big problem with my comodo firewall.
I created application control rules for opera and IE.
In these rules I allow the connection to every destination on every port in udp and tcp.
When I’m surfing with the IE everything works like it should do (there is no popup). When I’m surfing with Opera, comodo asks for every new website.
So I have to allow every single connection (both to a destination and a port).
Even a changing of the application rules (combining some rules by setting one to allow [all]) doesn’t change the behaviour.
While surfing to a new site the popup appears.

I’m working on a newly installed computer with Altiris SVS, where Opera is in a layer.
IE of course isn’t in a layer.
Tried to play with another application, to verify the behaviour of comodo - even the same!

When I look in the application control rules, the opera.exe is recognzied as this: “D:\Altiris\fslrdr\23\D:\Opera\Opera.exe”
I’m wondering, if comodo doesn’t like the colon in the middle of the path.

Due to that case comodo does not appear as my favourite firewall (Opera is just the application, that everybody can reproduce).

I hope that anybody can help me before I sadly have to install another firewall…
Do you have any clue for me?

Hello pjorn

Can’t say I know a lot about Altiris SVS but there is a pdf on using this with firewalls here:

Hope this helps.


Hey Toggie,

thanks for your reply, but that just describes the configuration of the deployment server.
My problem is, that a virtualizied application causes continuous notifications at the comodo firewall.

Can anybody help me, please!

Yes having the same problem as pjorn. Both Comoda FW and Altiris SVS use low level file system calls. Altiris SVS applies file filter and file redirects. We will need to get the engineers of Comado and Alitris together because only they can tell us if the programs apply conflicting strategies. The problem is that a program to be checked by comodo at say
is physically locate on the disk in folder D:\Altiris\fslrdr\23.…\Opera\Opera.exe
where … is a very long path name in the Aliris folder naming convention. It seems that when comodo does the firewall-check Altiris returns a pseudo pathname D:\Altiris\fslrdr\23\D:\Opera\Opera.exe and it is this path that is stored in the comodo application monitor list.

Maybe Altiris should not return this string as a path+file name but there is definitely some error at the Comodo end because if you request Comodo to remember your answer in the the application monitor list it does so every time you launch the application and before know it there are very very many identical entries in the application monitor list.

And BTW I’m using Comodo fire wall version

Oh, it’s fantastic, that I’m not alone with my problem… :frowning:

After trying out many other firewalls, I discovered this problem only with comodo.
Altiris installs a filter, so that files are virtually in a specific folder (e.g. when you look in the explorer you will find the opera.exe in the path D:\Opera\Opera.exe, but originally it is in the path D:\Altiris\fslrdr.…\Opera\Opera.exe.
With Altiris it is possible to obscure the strange looking path, where the files are stored, so that you won’t see any file like this on your computer: D:\Altiris\fslrdr\23.…\Opera\Opera.exe, the only appearance is D:\Opera\Opera.exe (made a search through all partitions).

So I think comodo uses another identification of path+file, which causes the error. All I discovered is, that comodo does NOT like the colon in the specifed path in the application rules.

It would be great, if the support could answer my tickets than just closing them.

Evening/Morning (As Applicable)… I too am bedeviled by this issue and have tried creating a ‘wide open’ Rule for a Virtualised App allowing everything possible within this rule and again flagging it to remember my selection permanently, only to have Comodo flag every time I reopen the App(s) in question. Principal culprits in this example - Portable Firefox and Thunderbird 2.0…

As a possible workaround, or method to reduce the accumulation of pointless rules, you may set your Alert Frequency in CFP to Very Low - this will generate only one popup per application (in normal circumstances), as it is Only Application-driven (no other info/details in the rules created). This way, when you get multiple popups for the same app, due to the virtualizing methodology of Altiris, the old rule should (hopefully, if I’ve understood the situation correctly) be overwritten by the new. Path could be an issue though.

pjorn, if your Support Ticket has been closed out, you can log back in to Support, View your Tickets, find that one and reply therein to get it reopened (check the posted Status on it), or generate some more interest. If you don’t get anything, post your Ticket ID here, and we’ll see what we can get stirred up for you.