First of all, I want to say that I really liked this firewall when I found it a couple days ago. It immediately became one of my favorites. But, yesterday I noticed a bug which made me rethink my opinion, and eventually uninstall the application. What happened was that the firewall wasnt considering the fact that I added both PnkBstrA.exe and PnkBstrB.exe to the Network Security Policy with the Trusted value. What I mean is, the first time it properly detected both .exe-s and allowed them to communicate properly but after a while it somehow blocked both of them, making my ONLINE GAMING(for the games that used Punkbuster) go totally wrong. I was being kicked in Call Of Duty 4 and Quake III Arena, plus other games(with the clear error that PnkBstrB.exe wasnt able to communicate).
My computer has an Intel E2180 Dual Core CPU and Windows XP SP2. What I tried before the uninstall was:
reinstalling the application;
deleting the Punkbuster files from the Rules and then setting the Firewall to Learn mode(which didnt really work at all).
installing the application without Defense+.
changing through all the settings (Training, Training with Safe Mode, Custom Policy → for the Firewall; Training, Clean PC, Disabled → for Defense+)
Also, what I noticed was that when I disabled the firewall, PunkBuster ran fine(I was testing at every step with the “Punkbuster Service Setup” or “pbsvc”). I hope this information turns out to be useful and that a fix cand be produced.
One possible reason is that those executables were trying to accept incoming connections and firewall blocked these attempts on global rules level. What did log show after blocking those exe-s?
You may try reinstall Comodo, delete all Global rules, define those exe-s as trusted and play those games with firewall in train w/safe mode.
Ok, so I reinstalled the app. I think I know what I did wrong before. I always ran the “Stealth Ports Wizard” and set the second option after I installed the program. This added a Global Rule to my Network Sec Policy. I think this was what blocked the two Punkbuster executables. I am not sure tough. Ill have to wait and see. Ill post here if anything good or bad happens.
EDIT: I started testing some more and found out that it wasnt the Global Rule that was blocking PB. What I found out is that if you have one host name on "My Blocked Network Zones" it interferes directly with PB for whatever reason :o . I always added a couple of sites there for safety reasons, but now it seems Ill do without that feature.
What do you mean by “interferes directly with PB”? Pls, explain.
What hostname? Do IPs from that hostname appear in the log as blocked events after your game exe-s were blocked?
Well, overall the good thing is that I solved the problem, sadly, at the cost of another program function. I`ve attached a picture below to show you exactly how I did it.
The workaround is the folowing(i encountered the issue myself):
1.Install Punk Buster Setup from evenbalance website,update your games.
2.Restart computer for the Punk Buster A Service to start.
3.Make for the yourgame.exe the folowing rule “Alow UDP In/Out where everything is any"and the second rule “Alow TCP out where everything is any” ,in the general rules the Inbound should be blocked on Ip everything is any(this general rule is good to avoid questions from the firewall and for best protection during gaming).
4.Before starting the game, set the Firewall rule on " Train with safe mode” and the Defence+ module on “Training” (not the one with safe mod, this setting is vital for the Punkbuster to not lock your system and train itself)
5.Now we have to build the rules for the Punkbuster,they can be build by responding to the trainig questions or manually,anyway at all questions about Punk answer yes.
Manually add a rule in the firewall for PKbstrA.exe(this file is found in “Windows” folder in “system32” folder,as for the “game” exe create similar rules Alow all UDP in/out and TCP out only.Now you have to create same rules for the PnkbstrB.exe another file from Punk Buster that you find also in system 32 but this file appears usually after you lunched the game and you atempt to enter on a server with punk buster,anyway if you are asked by the firewall for this 2 punkbuster executables you just need to put your game in the tray and manage manually the rules like i told you.After you made this rules enter in a gaming server with Punk Buster so the Defence+ to train then exit from the server recheck the rules from the Aplications list be sure the rules for the “yourgame” executable and those 2 Punk Buster files/processes are properly made.After checking revert the Defence+ seting to “Train with safe mode”(the best way to keep Defence+) and the Firewall rule to “Train with safe mode” or “Custom Rules mode”.
I personally use an older Comodo 3 version 3.0.15 or 3.0.14 but if you are stable with the latest keep it.Latest version for me means conflicts with BD 2008 antivirus.
Well guys wait a moment. I would like to know if there is a bug or not.
Reading Sm3K3R post I understand that punkbuster need both D+ and F+ rules to properly work.
XFAktOR explained he added punkbuster executables as trusted apps in F+ but he didn’t mention any setting on the D+ side.
My suggestion is to add all related Punkbuster executables to “My own safe list” and test again.
Open question.
Why blocked network list should cause issues to Punkbuster?
Please take a screenshot of your blocked network Zones dialog when Punkbuster don’t work.
This way developer could reproduce these settings to see if this is a bug or not.
According to your results we could have to change this topic title too.
If adding any entry to blocked network zones cause such unrelated issues that is.
By gibran`s demand I made not a only screenshot, but a small video in which I depicted how the bug can be produced. You can view it in the link below.
PS: The website “8v8.biz” that I enter in the “Blocked Zone”(in the video) is very dangerous and should not be accessed, unless you want to get infected by malicious exploits.
No problem, I am glad that I could report this find, and maybe help the Firewall developers at making it a better application in future versions.
EDIT: Yes, I get the same result with any host name that I input. This bug may not even be restricted to hostnames, maybe all the other options have the same effect.
EDIT#2: I`m doing further tests right now. And it seems I was wrong a couple minutes ago. At the moment I think that if in the “Blocked Zones” the first value entered is a hostname that starts with a number, then it blocks PunkBuster(and maybe other services).
EDIT#3: So, I think I pin-pointed the exact cause. Here it is: If on that list there is a hostname with an unknown or unusual domain type(suffix) like “.biz” the list blocks PunkBuster(and maybe other services or functions).
Well I could paste the contents of the “hosts” file here but the problem is, that it has huge contents, because I used “Spybot Search and Destroy” to immunize my PC. What I`ll do instead is post a link where you can download the file and analyze it :).
You are correct gibran. If any of the entries you input in the “Blocked Zone” are also in the “hosts” file, then it creates a conflict(probably when it tries to resolve the hostname and finds out that it is the loopback zone, which PunkBuster uses for package transmission) and blocks PunkBuster. That seems to be the case, because Ive tested with "8v8.biz" now(and a couple other addresses), after deleting it from the "hosts" file, and the Firewall doesnt block the loopback zone(e.g. PunkBuster) like before. Thank you for your help. Much appreciated!
I have no problem with Punkbusters. I used traing mode for both firewall and D+ and it works just fine. There is Punkbusters A and B. Both need to be trusted in firewall and D+.
This problem has already been solved, you can find the actual way it was caused and the way it can be solved on the first page of the thread. Thanks to those who tried to help by giving their advice(especially gibran).
