Hello, I want to configure the Comodo firewall rules in order to block all outgoing TCP and UDP connections (access) to the internet, but, to only allow access to one single IP address range (eg 70.167.25.1 to 70.167.25.254). How do I configure the firewall settings to acheive this goal? Thanks in advance. Much appreciated. Kind regards, Rod.
You can make such a rule set under global rules.
Rules are valid from top to bottom.
Thanks for you reply. I tried that. I had the following 2 global rules:
-
“Alllow” “TCP or UDP” “out or in” connections from “any” source address to destinantion address range “70.167.25.1 to 70.167.25.254” using “any” source port and using “any” destination port.
-
“Block” all TCP or UDP outgoing connections from any source address to any destination address using any source port and any destination port.
The 2nd rule works and blocks all access to the internet so this works fine. But the 1st rule does not allow me to connect to the specific web server that has an ip range “70.167.25.1 to 70.167.25.254” , instead i dont have access to any website. Could that be something to do with Loopback or DNS server? Or have i set up my global rules incorrectly?
Thanks in advance.
Regards
Rod
You can also make just a block rule with an “if not” exception.
For the testing phase or in general its recommended to have logging enabled for block rules. That way you can consult the logs to see reasons for something not working.
Is it a computer that should be accessible on that address later (server)? Or do you want to use the internet with that computer? In active scenarios you dont need to allow ingoing. As you request packets which can arrive.
Clear all previous Global Rules and make the following two rules apply:
Rule 1 (make sure this is the topmost rule.)
Action: Allow
Protocol: TCP (use TCP only as this is a web request)
Direction: Out (no need to have this bi-directional. You’re only interested in sending web-requests)
Description: Be as creative as you like 
Source address: Leave at Any Address if unsure. Specify your computername using Hostname if you want to further restrict/specify.
Destination address: Use either IPv4 address range or IPv4 Subnet Mask to only match the specified subnet of your choice.
Source Port: Any (this number is randomly generated, so no point restricting it)
Destination Port: Select Single port and the number 80 to only allow outbound HTTP requests (web requests).
Rule 2.
Action: Block
Protocol: TCP or UDP
Direction: In or Out
Description: Deny All (or something similar to describe blocking everything)
Source Address: Leave at default
Destination Adress: Leave at default
Source Port: Leave at default
Destination port: Leave at default
Remember to tick the “Log as Firewall event…” to be able to troubleshoot if needed (as pointed out by Clockwork previously). This rule is the last to be triggered if above rules doesn’t match any of the inbound/outbound traffic. As this rule matches everything, it will block everything too.
Hope this helps. Good luck!