comodo firewall does not recognize hostnames in rules?

hello!
i have installed cis v3.13.125662.579 (3.14 not contain critical changes for me, also 4.0 too many bugs for now)
and i need to add rules depends on hostname (one hostname with many ip addresses)
rules form have a place for add hostname, but this not work as needed

for example
i use mcafee antivirus and those have a two hostname for updates (http and ftp protocols):
http://update.nai.com/products/commonupdater
ftp://ftp.nai.com/commonupdater
but no one not works if i add this paths in rule
updates works ONLY if i add one more rule after - ASK for an action
cis asks me for an action (different ip for every time) and after if accept that antivirus updates
so it’s hard to use auto-update current process

adding ip range is not a solution for me, because not only antivirus use many ip’s (some use different ranges or with spaces in range) on one hostname
just need a normal work of hostnames recognition

ps
also, need to add numbers of ports in any order, like 1,6,2,4,3 in ONE string
not as now - one ip=one port or unbreakable range (1-6)

hope, comodo team release this functionality in v3.xx line of cis and does not remove later

pps
sorry for my english
written using google translator :wink:

Wouldn’t “hostname” (source if inbound connection) work, assuming you should either modify 2 global browser rules (one for ftp, the other for http), or make your own rules for your browser (custom) instead of the global ones?

Wouldn’t “set of ports” do the job?

As for ip, you have no solution if they are not the same or not in a definite range (i suppose it is mostly the case for ftp ports) other then allowing all ip only for your hostname, if it works.

1. need to change global rules? which rule?
i have only
  • block from any to any icmp message is protocol unreachable
  • block from any to any icmp messages 13,15,17
  • block from any to any icmp is echo request

2. i don’t use set of ports
enumeration of ports must be in app rules section, not somewhere else, imho

3. if i understood right, you are wrong
early (on winxp) i use agnitum outpost firewall and its hostnames recognition works fine and not have such limit as in cis, just enter hostname and work, easy as surfing www
also this belongs to ports enumeration - any port in any position, not only 1 address-1 port, or 1 address-unbreakable range of ports

ps
more and more inclined to think that i need to buy new version of outpost
freeware comodo is nice, but … the small bugs as written above and the slow interface (especially events log) all spoils

Try giving the updater of McAfee the Web Browser profile. Does that do the trick for you?

this decision, as the fifth leg for dog or a crutch for a healthy person

what blocks to re-enable this feature? (recognition of hostnames)
because in the 2nd version line of cis, it worked fine, as i read on other forums
swearing on suspicious activity? write about it in the manual

Have a problem similar to one described at topic start. I use 4.1 version of Comodo Firewall. I described it here. I also found description of the same problem in this thread that’s started more than a year ago. Sad that bug isn’t fixed for a year. I planned to use hostname based rules for giving access for one host that uses Dynamic DNS. This host hasn’t static IP address and only way to distinguish its requests from another is using Dynamic DNS. Apparently I have to find another solution to this problem.

Why hasn’t this been fixed yet? So far specifying hostname as address in rules is useless.

I got the full outpost for free. But i got annoyed about the dns lookups of it, annoyed about it logging ALLOWED things, and no setting, apart from disable logging fixed that. Logging is hogging the hard drive, millions of times unnecessary.
If you have an antivirus, what is wrong to give it “allow outgoing”? I guess, you make ingoing rules, as you find it important to have address names as rules.
If you don’t trust your antivirus to know where to update…

And one other thing. If the antivirus knows the ip, no dns infection can lead it to somewhere else. I don’t see why host names are so important or safer then.

There’s no logging problem with comodo. If blocked things don’t get logged, change the rule, to enable the logging :wink:

And i got very annoyed about the rules interface of outpost. You have to click on each program, then have to click on each rule to see your rule set.
I want a rule set which i can scroll down, and i know ALL rules.

You see, it’s preferences, more than needs, what gives these kind of opinions. I have an expensive key, but i use comodo :smiley:

The issue has been reported, I hope they fix it in the next release.

The same problem here… firewall not doing what I ask, why?

COMODO firewall DOES NOT FOLLOW my rules. The last - proper working - version Comodo is 5.0. I’ll try to explain what’s going on despite my limited English… Well, I have some http/https pages set on “ask” in the firewall, and experience problems with Comodo. When I start browser (Firefox/Opera/Chrome) with https/http pages set in firewall for “ask”, I’m prompted (only one time) to allow to load page… I’ll click ‘yes’ and then the asked page open but…all others https/http pages set on “ask” are loaded automatically not asking for permission anymore!!! When I click ‘no/block’ to first https or http page/site then all pages set on “ask” are automatically blocked and restart browser is needed.

I have used those rules for years and they always worked for me (in the past there were some faulty Comodo versions that didn’t work in proper way but that was incidental and corrected by Comodo in time). As mentioned above, the last proper working version is 5.0 I still had it on my second computer. If there any other rules that suits for that reasons I will gladly check them out and be grateful if someone share that knowledge with me. I tried to rework those rules in many ways, and always is the same, just ASK rule doesn’t work at all since 5 version.

Years ago I used to use Zone Alarm and this program always show very exactly which financial institution I tried to connect, not only IP but as well as name (host). Comodo shows only IP.

I just find this:

Comodo Firewall 3.0.17.304

  • FIXED! Exceptions could not be added in protections window
  • FIXED! Ask rules do not work in firewall rules when there is an allow/block rule in the policy
  • FIXED! Windows Vista D+ protection was not properly working for pseudo-COM interfaces(e.g. DNS resolver or service control manager access)
  • FIXED! Updates are going to provide configuration migration wizard to make the old configurations compatible with the new one
  • FIXED! Windows Vista virus scanner does not run

…again you have the same problem with “ask rules” http/https

What is the exact question that you are answering to? That’s important.

What are your settings for the question frequency? There are settings which would ask one question before they allow a great amount of traffic. Example: Ask for TCP (ask for protocol) only. If you answer a question under this setting, you would allow any TCP traffic, from any direction, to any port and address!
Your description lets me assume something like this is the case.

And maybe make an anonymized screenshot of the rules set.

Rule “ask” does not work at all; I tried every possible way to set it to work, but in vain. As I said in previous post, I used those rules for years, and they were good.
I also made new rule in “predefined policies”, used “Set of Ports/HTTP Ports”, as well as https single port 443, too. I checked that on other computers and it is always the same.

Please find some screenshots I enclosed with only one of the methods I used (I tested many). I used only https pages/sites. Show me any rule that works, please. It’s impossible, I think.

[attachment deleted by admin]

Hi Arko_123,

What’s the Firewall Security level you’re running? You need to be running ‘Custom Policy’.

Ronny, I thank you for taking your time and the attention you paid to my problem.

I’m running Custom Policy all the time…
I also had hope that a paid version can meet my need at that point and I tried Comodo Pro version but nothing help… the same problem. Comodo 5.0 work perfectly but I don’t want to roll back to old version.

I was so desperate lately that I tested Online Armour, Private Firewall and ZoneAlarm …and all of them were a poor substitute in comparison to Comodo, at least for me; what’s more, ZA gave me a few BSD (last one I had over a year ago), and system booted regularly over 4-5 minutes. I run XP.

Any help will be much appreciated.

The ‘Ask’ rules seem to be working correctly on my system. Are you using a VM?

[attachment deleted by admin]

No, I’m not using Virtual Machine. I just cannot believe that it works properly since I had tried to set it to work on many computers and for many months with no effect. The last version that works with my rules is Comodo 5.0. So why 5.0 works flawlessly and all newer ones are not working? Are you using secured https sites with port 443? Have you loaded them one after another, at least two or three? Did you read my first post?

I place it partially again:

“When I start browser (Firefox/Opera/Chrome/IE) with https page set in firewall to “ASK”, I’m prompted to allow to load page… I’ll click ‘yes’ and then the asked page open but …all others https pages set on “ask” are loaded automatically not asking for permission anymore!!! On the other hand, when click ‘no/block’ to first https page/site set on ASK in firewall, it is correctly blocked but then all other loaded secure pages set on “ASK” are automatically blocked without asking me and restart browser is needed.”

I’m sorry, I was not logged and screenshots were not visible, now I see them.

Well I know those rules, when you tick “remember my answer”… firewall will ask you every time only once a new https page is loaded, and what next ??? If rule is remembered, it is done once and forever and then never ask again (until I remove it)!!! I’ve tested that option a few times and it has no use for me. I just need firewall to ask me every time when I load pages set to ASK, just “remember my answer” make DEAD those rules, because if firewall REMEMBER them FOREVER, then NEVER ask again. Am I correct?

Just do not tick “remember my answer”, try to load 2-3 https pages set on ASK in firewall rules, and …you will see that those rules DO NOT WORK, at all…

Rightly or wrongly, I’m pretty sure that’s the way it’s always worked, but I’d have to look at some of the older versions to confirm.

  1. Switch firewall to custom mode (don’t mismatch this with proactive mode, it’s something else)
  2. Firewall behaviour setting, alarm settings: Very high

If you have set this, you should be asked for every attempt of connection. If you use a lower alarm setting, you might allow things unintentionally with a question that isn’t explicitly related to the allowed things. Example: LOW, ask one question for application.

What was your setting for alarms? This should be clear before we look for other reasons.

That’s how my settings are. As far as I remember, CIS has never stored certain specific details of a connection - for a single session - when using ‘Do not remember’. It’s a bit like using the firewall with the Alert Frequency set to High as opposed to Very High, but only being asked once. Unfortunately, it’s another of those occasions where the firewall could be better.