Hi there, for the past few months I’ve been using Eset for my security needs and it’s time to move on.
So far I’m liking everything about Comodo, except I can’t manage to set up the Firewall in a way that I had previously with Eset.
All I need is to apply 3 rules to an application I have installed on my PC.
* Allow everything
* Disallow all traffic to remote port 27030
* Allow traffic to remote port 27030 on IP 41.185.60.43
Essentially only allowing the IP address (41.185.60.43) on Port (27030) for the application.
In tabular form:
Action Direction Local Port Remote Host Remote Port
Allow All Allow Both Any Any Any
Block Port 27030 Block Both Any Any 27030
Allow The IP on 27030 Allow Both Any 41.185.60.43 27030
Please assist, I would hate to have to go back to Eset.
he doesnt ask to open a port for ingoing! (valentinchen, you suggest to put a hole in the firewall for everyone who likes to connect to that pc on port 1723).
and to the opener: why do you want a rule that allows everything in EVERY direction (your first rule says that), and then you try to make one exception?
its a bit funny. basically you can switch of the firewall with your setting. it lets all in and all out. apart from one port… but as you set the allow all rule on top, the other rules dont count anyway.
a rule set of a firewall is a logic game. look carefully what each rule says, and then look what the combination says.
as long as you dont run a server or use p2p, you dont need any INgoing rule for a program.
normally comodo firewall blocks all what is not allowed. so you only should make exception rules for the FEW things that you want to ALLOW.
first of all I didn’t say he should open ports and secondly I assumed that he wanted/needed to add ports clockwork. And no I don’t suggest that he should put a hole in the firewall!
You can make a custom policy for this under Network Security Policy → Predefined Policies.
The policy will need two rules.
Action: Block
Protocol: IP
Direction: IN/Out
Description: Block all traffic
Source address: Any
Destination Address: Any
IP details: Any
Action: Allow
Protocol: TCP/UDP (or just TCP or UDP; that depends on what protocol the program uses)
Direction: Out
Description:Allow traffic on port 27030 to 41.185.60.43
Source Address: Any (or the MAC address of your NIC, or your IP on the LAN when you have a fixed IP address)
Destination Address: 41.185.60.43
Source POrt: Any
Destination Port: 27030
Now make sure the block rule is at the bottom of t new policy and the allow rule on top. Then Ok and Apply your way to the main screen. Now you can assign the new policy to your application.