Comodo v3 Blocking its own update?

Anyway that’s the setting I have, and if I wanted to use P2P I’d add another allow one for the specific BT port above it, it was the same way I did it with v2.

Anyway I’m really looking forward for the guide for dummies… :stuck_out_tongue:

I think Lomayok is interested in stopping the pointless massive logging even if he can't hide himself from the attempts (?).

Yess I want to stop the massive logging. How can I do it? If anybody needs more screen shots just let me know.

Thanks.

UPDATE: I opened bitcomet WITHOUT STARTING ANY DOWNLOAD, cleared the log of comodo and now not a single attemp is logged.

I don’t use P to P filesharing and have been getting assigned the same IP for several weeks on my desktop PC.

I am getting a huge number of comection attempts on port 4662. My suggestion is either create a specific rule blocking this traffic with logging disabled and place it above the “Block & Log All Unmatching Requests” rule.

Or disable logging completely

Or if the heavy logging is not interfering with your PC ignore it.
I choose the later

I hve a laptop on the Same CM and it does not see any attempts to connect on p2p ports
If you choose to analyze logs yoh are going to have to make a lot of assumptions and will see a lot of things that may not look right and some times will see conections attempts that make no sense (block those)
if that block causes problems reopen those ports. My suggestion is if don’t want to see disturbing things stay out of your logs I you don’t mind and want to learn log everything read and study your logs and join discussions like this one

The origanal issue appears resolved and is not being discussed anymore.
I am closing this discussion Reopened
If you would like it reopened an have good reason PM me or another mod

OD

I reopened This issue

Have you tried dissabling logging
Go to Misc. > Settings > Disable logging

Please post your logs anyway

See this it explains how to save a log to HTML T write efective rules I really need more than a snap

OD

Sorry the part in blue was missing from the original post My daugter was pulling on my pc cables and my wife was calling me
FIrst try this
Go to Misc. >Setting> >Logging you will see 2 check boxes
Disable Firewal Logging
Disable Defense+ Logging
there check both

If that works you can try the rule below
first renable logging
Make sure it is above any other blocking rule
“Network Security Center” > “Application Rules” > “System Idle Process” Right click on “System Idle Process” Select add rule
Action: Block
Protocol: UDP
Direction: In
Source Address Tab : Any
Destination Address Tab : Any
Source Port Tab : Any
Destination Port Tab : 26979
“Make sure the Log as a firewall event if this rule is fired”
Is Unchecked

I think this will basically disable bit torrent at the default settings anyway
“Make sure the Log as a firewall event if this rule is fired”
Is Unchecked

Hope this helps

OD

Go to Misc. >Setting> >Logging Disable Firewal Logging

Opus Dei, Thank you so much. It stopped the logging.

Make sure it is above any other blocking rule "Network Security Center" > "Application Rules" > "System Idle Process" Right click on "System Idle Process" Select add rule Action: Block Protocol: UDP Direction: In Source Address Tab : Any Destination Address Tab : Any Source Port Tab : Any Destination Port Tab : 26979 "Make sure the Log as a firewall event if this rule is fired" Is Unchecked
1st I reenabled logging Misc-->Logging. Then I added the above rule. I tried each position of the rule from the top to the bottom but the logging continued.
Click Picture to Enlarge
[URL=http://img267.imageshack.us/my.php?image=comodolog8ho3.png] http://img267.imageshack.us/img267/7281/comodolog8ho3.th.png [/URL]

In your snap shot you have the rule at the bottom CFP reads all rules in all parts from top down, with the “Block and Log All Unmatching Requests” rule above the new rule no traffic will get to the new rule
You need to move the
“Block UDP In Form IP Any To IP Any Where Source Port Is Any And Destination Port Is 26979”
above the rule
“Block and Log All Unmatching Requests”
then you need to hit apply twice

Have the same basic thing going on(on one PC, Destination port 4662 Edonkey, nothing on the other), however, I have seen no noticable performance degradation on the PC and I prefer to log everthing Allwoed and Blocked

I will test a similar rule for Port 4662 and see if it stops the logging
If not I will post a bug report

For now go back to disable logging

Thanks
OD
OD

[attachment deleted by admin]

I will move this to Bug reports I duplicated this and the logging continues the only way to stop this logging is to disable firewall logging completely
At 10:44 I created the rule
“Block UDP In Form IP Any To IP Any Where Source Port Is Any And Destination Port Is 4662”

Hit apply twice and logging continued

Rebooted and logging continued

Can sombody verify this (gibran?)

I guess It is not possible to disable SIP logging ATM. I was not able to do that for comodo updater (which crashes 9 out of 10 times so it’s difficult to test this)

Don’t know if I’m missing anything obvious but the rule without logging is for UDP and all that logging is for TCP?

I myself have disabled logging only for the rule which was blocking all those inbound attempts, while leaving logging enabled in general, and I get the desired effect.

Well slap me and call me stupid
No I missed it.
I guess I assumed That since lomayok was logging UDP 26979. I did not look at my log very well and used UDP 4662.

That fixed it
Thanks Japo
Edit:
Well here is the rule I wrote for lomayok
“Block UDP In Form IP Any To IP Any Where Source Port Is Any And Destination Port Is 26979”
attached is his log
It is correct. and properly positioned should have stopped the logging.
Thanks again catching my error, Japo

OD

[attachment deleted by admin]

As of now, logging is disabled. I just wanna be sure that the firewall is still working, right? At least I feel safer with this. Please post if something comes up.

Thanks guys.

I moved up this UDP rule but it did not work. Logging continues.

http://i17.tinypic.com/6tbg45j.png

Then I noticed that you guys mentioned about UDP and TCP so I made a closer look. I have both.

http://i1.tinypic.com/6z5rber.png

http://i19.tinypic.com/8g82a1h.png

So, I removed the rule on the 1st picture that doesn’t work. Then I made this one:

http://i9.tinypic.com/87mhe2p.png

Then I enabled logging again:

http://i9.tinypic.com/6odev4m.png

Honestly, I do not know if I am doing this the right way. I need you guys to tell me ASAP if I am screwing everything pretty bad.

So far everything seems to be working ok again. I hope this won’t change after reboot or after running bitcomet again hahaha.
I will post the result.

Thanks again.

Lomayok, I think I know what your problem might be. For outbound connections, app rules are consulted first, global ones afterwards. But for inbound connections global rules are consulted first. So it’s not the app monitor what’s blocking and logging but the global one, before it gets trough that rule. The non-logging rule is well written but it should be global, and place above any other broader global rule that would block (and log) that same traffic.