Please post what you would like to see in upcoming versions of Comodo Firewall Pro here.
thanks,
jasper
-
Port Triggering for secure Torrent downloads as a plug-in that only loads when actually used:: Port Triggering vs. Port Forwarding
-
WhoIs service available on a right-click menu for the Firewall Logs entries. (Script to open the WhoIs web page and paste the IP address into their data box).
-
More information accessible for applications that appear in the pop-up alerts. File version, installation date, author/company, icon, digitally signed?, parent or startup source.
-
Quarantine for unknown files to permit scanning with an AV AS program. Configurable “Send To” function to perform AV AS scans.
I want four different buttons in the pop-up instead of that “Remember…” checkbox
- Allow (once)
- Allow always
- Block (once)
- Block always
So every decision I make only costs one klick which keeps the pop-up so inobtrusive as possible. Average Joe doesn’t want to click a single time more than needed and in this case I don’t want to do that either. :THNK
Hallo,
Comodo has a very active Forum Community and V3 specifically suggest this Forum to ask for Support.
So in order to further improve support requests and troubleshooting V3 should have a Ruleset and Configuration Report.
This way Members don’t have to post screenshots and export Logs.
There should be only one place to go to generate a full textual report that list all the rules in a textual or HTML format.
This will shorten mostly all support Topics and will reduce the need to ask for missing or incomplete infos.
It would be easier to post a report containing something like
[b]iexplore.exe [/b] ALLOW TCP OUT from IP any to IP any where source PORT is any destination port is 80 ALLOW UDP OUT from IP any to IP any where source PORT is any destination port is 53 BLOCK IP IN/OUT from IP any to IP any
[b]iexplore.exe [/b] DNS client Service ALLOW Loopback Networking ALLOW Disk ALLOW Keyboard ALLOW Computer Monitor ALLOW Protected Files and Folders ASK [i]Protected Files and Folder Allowed List:[/i] C:\windows\temp\* [i]Protected Files and Folder Blocked List:[/i] C:\windows\system32\*instead of attaching screenshots or writing a ruleset by hand.
Another way to improve support would be the ability to import a textual rule in an application. So if a member doesn’t know how
to use the configuration dialogs it will possible to import another member generated ruleset for that app.
I guess that D+ Diagnostic can export its report too or provide a more detailed one in order to troubleshoot ceratin incompatibilities and issues.
Hallo,
V3 firewall alerts mimick thesame V2 details.
Anyway the current dialog implementation can be confusing.
I would like to suggest that V3 alert details should match V3 Firewall alert level or the user may be mislead.
Plus there should be an option to decrease the level of details a generated rule should have if the alert leve permit it.
So if an user has set a very high alert level clicking Allow generate the usual detailed rule.
But using dropdown enabled buttons, if the user click on the down arrow part of the buttons there should be a menu listing all the other alternatives for lower alert level settings. This will add much more flexibility.
So a very high alert level dialog can create default rules with protocol ports IPs and in/out details but there will be a chance to generate less detailed rules using ANY.
A very high alert dialog should have Five alternate rules (including the default one) an high alert dialog should have four alternate rules and so on.
Defense+ * policy is a huge improvement to acknowledge the need of few users which would like a less noisy HIPS.
as I tested this new setting to harden my security I found few features I needed (please if it was not intended don’t remove it)
I can override trusted/installer poilicies and I can enforce protection even if CFP gui is closed.
I’ve not tested this extensively but I hope I’ll be able to protect only few critical places at bootup too (a way to log V3 actions during bootup would be a nice addition)
It would be nice to have a * policy to handle bootup or host protection when V3 is closed.
Another addition would be the ability to finetune the installer policy to log all the changes and an option to add some conditional ask permissions (defaut to ask nothing, this way there will be no issues because ask is much like allow, but it will be possible to create an alternate protection ask setting)
A not operation would be useful too to archieve something like NOT in this path or NOT in this registry branch.
A consistent “Summary” User-Interface 
Hi there!
I just replaced Comodo 2.4 with the 3.0 version. The new features are superb and the lower consumption of ressources compared to 2.4 is a very nice thing too
But there are a few inconsistenies in the User Interface:
For example in “Summary” there are the following lines:
[b]Network Defense
The Firewall has blocked 234 intrusion attempt(s) so far
The Firewall security level is set to Train with Save Mode
0 inbound connection(s)
0 outbound connection(s)[/b]
Why I’m only able to access the Firewall security level from this “summary”-page? When I see that there are 234 intrusion attempts I’d like to see those attempts without having to click through various menues. The same for inbound and outbound connections.
The correct description of this part of “Summary” should be (underlined = link)
[b]Network Defense
The Firewall has blocked 234 intrusion attempt(s) so far
The Firewall security level is set to Train with Save Mode
0 inbound connection(s)
0 outbound connection(s)[/b]
There are other cases like in “Proactive Defense” which should be fixed soon to ensure an easy and fast access to points which require attention
Greetings and continue the good work
Timo
I’ve noticed that when I setup my password for Comodo V3 it requires me to type in the password for each and every link (category) listed in Comodo V3 configuration. Can’t you set it up that once you have signed in and typed in your password in the configuration categories that you should only have to do this one time per session. Not each and every time you click on a category.
Thanks for your consideration.
CPF 3.0.13.268.x32 XPpro SP2, up-to-date, Intel P4
Hi all,
Have to mention from the beginning that I’m very happy with ALL CPF v.3 behavior so far.
Thank you again for another great product!
1.
I have wished “a long time-ago” 
and I still do, that my FW will warn me in the event of an attack attempt – port-scan, DDoS… with an optional pop-up, color change, anything …
I was running various FW tests out-there, GRC and similar, and none generated any logs.
Because I’m behind a PPPoE connection, I cannot use the check “and log” option in my last Network Global Rule:
“Block IP In Any Any…”, otherwise the FW log becomes a traffic sniffer, logging all WAN activity.
Therefore, if something will eventually go wrong, I’ll find out about it after it happened.
2.
Another feature nice to see, probably already mentioned before, would be the possibility to import, in a sub-category of “Blocked Net Zones”, databases in Peerguardian or similar formats, from disk or URL’s when running p2p’s. No clue how performance/ behavior can be affected by a 200k+ list of addresses or ranges.
3.
If FW rules, both application and network would automatically receive id’s when created, it can be useful to see another column in logs, with the rule no. or id, generating that event. Can be handy for debugging and fine-tunning.
4.
I need to choose between separate configurations only for FW, not for also D+, like in a previous Beta.
(R)
Gabi
Comodo would be perfect if on Firewall Alert it had a button similar to Kerio’s Advanced Filter Rule.
(see this screenshot)
Basically it would allow to immediately create a custom rule from an alert pop-up, instead of going thourgh Firewall Tasks > Advanced > Network Security Policy.
For now i’m getting back to KPF, but this addition would finally make me switch 
Hi, in addition to the post above of Timo Schmidt, I’d like to add:
Option to customize the links on the Summary page! It would be great to have shortcuts of my own choice, e.g. to rapidly access my application rules or the logs (like Timo suggests).
Thanks Comodo,
LA
Firewall Rule add/support IP list function.
Firewall can monitor and detect listen port created, after ask user how do you do.
Firewall->“active connections” can support display listen port. (System and svchost.exe)
Summary->Traffic realtime support, or support display current speed. (Total:XXXX.XXKB/s)
You may refer to KPF/SKPF. (Kerio Personal Firewall)
I like KPF and CFP too. (not SKPF)
Now I like CFP high than KPF. But CFP design not 100% win KPF.
sorry for my bad english.
+1!
Until you close the GUI, CFP shouldn’t ask for password again.
Yes it would be nice if the password worked the way u suggest but it doesn’t on my Comodo v3. It asks for a password on every single click on a different category config.
I’m voting for this!! :■■■■
-
clear and pure categorized tabs for “Logs, Current activity, Network rules, Application, etc” (I definately miss the clear structure/functionality of 2.4!!!)
-
better structure/clear separation of the firewall and defense+. it’s menustructure is too much mixed up and very confusing.
-
i want network-things (logs, activity, rules) together in the 2.4 style. it’s bad to push people to choose from many options to create rules, predefined rules and to mix this with applications.
simply too much, too confusing, too less straight. keep things clear and simple - v2.4 was a masterpiece of functionality imho; everything was straight and it was there where you expected it.
who expects the logs for a network in a completely different tab than the activity or the rules or the applications??? very very strange.
the creation of rules and their nesting the may be convenient (or fun?) for some kind of people, but for me as a simple minded technician a well arranged table is much easier to understand and to serve.
i hope you don’t get me wrong - comodo firewll is a very good firewall, but the usability of v2.4 has almost completely gone in v3… :-\
i stick with 2.4 and hope for higher usability in a future version
I would like to be able to right click lets say a block in the log (sorry events…) and choose to add/edit the rule that blocked the app, with the IP, port and protocol from the log entry filled in the new rule.
I would also like to have the name application rules for the application rules… and it should be in the same tab as logs.
It would also be nice to keep the log open when you go to the application rules to write a new rule so you remember what to set in the rule. To do that now you have to click the more option in log and then close the first log window to be able to go to the application rules.
Would it be smart to impliment export/import feature for Trusted Vendors list in Defense+ module?
This way you can export and import the list of know good applications some other time (as the list grows and it’s hard to add them again one by one).
Or is there any limitation regarding this feature?
Request for Enhancement (RFE)
While the user can see an event in the log that blocked a connection attempt, I don’t see how the user is supposed to determine which rule or option caused that block. An identifier should be included in the log on a block event that leads the user back to either the rule or an option that caused the block. For rules, the ID could be a unique number assigned to the rule (which remains the same even if other rules are deleted while new rules would get the old numbers no longer assigned). If an option caused the block then the ID should be some string that denotes that option.
When I see a block event in the log, I can’t tell what caused it.
all i’d want is the minor bugs fixed, and i know that will happen!