Comodo firewall block my PC when repair / renew IP

eriarose · June 17, 2007, 4:18am

Hola!

(L)

I have this problem when using Comodo Firewall on my pc using dhcp and a switch / router as dhcp server.

About 3 - 4 hours of continuous usage my PC ip will be dropped and when it tries to renew with dhcp server it is blocked by Comodo. Pardon me if this doesn’t make sense. At least that is how I understood this.

When I try to “Repair” the connection, Comodo will block it every time. Please read the log down bellow.

Anyway I try to add the following rules, but this still happens.

→ Application : c:\WINDOWS\system32\svchost.exe
→ Learn the parent.
→ Allow all activities for this application

TIA,
Eria Rose

Exported LOG (192.168.1.1 is my dhcp server/ router)

Date/Time :2007-06-17 11:58:11
Severity :Medium
Reporter :Application Monitor
Description: Application Access Denied (svchost.exe:192.168.1.1: :dhcp(68))
Application: C:\WINDOWS\system32\svchost.exe
Parent: C:\WINDOWS\system32\services.exe
Protocol: UDP In
Destination: 192.168.1.1::dhcp(68)

Date/Time :2007-06-17 11:57:56
Severity :Medium
Reporter :Application Monitor
Description: Application Access Denied (svchost.exe:192.168.1.1: :dhcp(68))
Application: C:\WINDOWS\system32\svchost.exe
Parent: C:\WINDOWS\system32\services.exe
Protocol: UDP In
Destination: 192.168.1.1::dhcp(68)

Date/Time :2007-06-17 11:57:45
Severity :Medium
Reporter :Application Monitor
Description: Application Access Denied (svchost.exe:192.168.1.1: :dhcp(68))
Application: C:\WINDOWS\system32\svchost.exe
Parent: C:\WINDOWS\system32\services.exe
Protocol: UDP In
Destination: 192.168.1.1::dhcp(68)

panic · June 17, 2007, 7:16am

Hey Eria,

Can you try adding 2 Network Monitor rules with the following parameters;

Action : ALLOW
Protocol : UDP
Direction : IN
Source IP : 192.168.1.1
Destination IP : ANY
Source Port : 67
Destination Port : 68

Action : ALLOW
Protocol : UDP
Direction : OUT
Source IP : ANY
Destination IP : 192.168.1.1
Source Port : 68
Destination Port : 67

These rules need to be moved so they are at the top of the list.

Let us know how whether this fixes things.

Cheers,
Ewen

eriarose · June 17, 2007, 3:27pm

It doesn’t solve the problem, I receive same error in the log.

I have try the same previously by setting ALLOW protocol TCP/UDP, Direction In/Out, port any to 192.168.1.1 in the network monitor rules. And still get the error.

That is why I think the error is with Application Monitor rules. Which is strange because I have set that svchost.exe rules also.

Appreciate the help. Next step?

TIA!