CPF and FTP server

Hi there :),
I’m pretty n00b when it comes to Comodo Personal Firewall, but I’ve been using firewalls for quite some time already.
It’s just that I’m afraid I still haven’t fully understood how CPF graphical interface works.
What I need is to have CPF blocking all inbound traffic except for FTP (port 21).
Soon I will change this to SSH and then I will only open port 22 instead.
Could somebody please give me a hand with a step-by-step tutorial on how to do this?
Many thanks in advance :)
(V)

Well, they’ll correct me if I’m wrong, but I think the best way to do this would be to go to Network Monitor and right click each rule, select edit, and choose block in the drop down menu. Then make a rule right above the last one on that list. Last one says “block and log ip in/out where ipproto is any”.

Thanks Ehgreg :)
Anyone care to correct or add anything to Ehgreg’s post?
Otherwise I will try this in approx 12 hours, since that’s when I’ll have my laptop back from PC Clinic, as it was massively attacked last time I was trying to use FTP.
I must have accidentally opened all traffic…
Cheers

That will block all outgoing traffic as well, and as I understand your post that’s not what you want? You only want to block incoming, right? A solution would be to remove all rules you might have in Network Monitor that allow incoming, and then make a rule allowing incoming only to the port you use for FTP.

By default, there are no Network Monitor rules to allow Inbound traffic. Unless you have added some, there’s no reason to change anything.

Just add a rule to allow TCP In to Destination Port 21. Whatever application you are using to control the FTP transfers will have to be running actively, listening on port 21, or the traffic will not be allowed.

Hope that helps,

LM

Hi guys,
Thanks for your support.
In fact I added a TCP allow on port 21 In/Out and I was able to ftp from the office to my home PC.
But then again I only succeeded because I used the ftp.exe CLI that comes with Windows.
When I tried to use MS Explorer as a client, or even IExplorer or even Mozilla, I always received a “425 can’t open…”.
Using TCPView by Mark Russinovich I discovered that the CLI client only opens port 21, whereas all other clients were opening many other ports randomly and without being able to decide on the range to apply.
Is this in any way documented, or is it a known issue?
This does not have anything to do with CPF, because using Windows’ firewall I got the same behaviour.
It’s just that I don’t know anywhere else to ask these questions ;).
Regards,

Rui Correia

It’s true that the basic behavior of an FTP connection is that Port 21 is first accessed to establish the connection, then typically two other ports are opened for the transfer. They do not appear to be assigned or determined in any specific way, and vary greatly in range. I certainly don’t know enough about FTP to understand how/why it works that way.

I have an application that updates using FTP, and it’s very annoying, as I can’t define specific rules for the additional two connections; I just have to wait for the popup and click Allow each time. If I miss it (not at computer, for instance), the app won’t update.

From the standpoint of running an FTP server, I don’t know how you’d set that up. There must be a way, though… I’ll dig around a bit and see what I can find out.

LM
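
The extra ports discussed in the posts above are negotiated on the port 21 control connection: a `PORT` command in active mode, or a `227` reply to `PASV` in passive mode (RFC 959), with `229` as the RFC 2428 variant. The following is an added example, not part of the original thread; it decodes those lines to show which data port a firewall rule has to cover, and its function names and sample lines are constructed for illustration.

```python
import re

# "h1,h2,h3,h4,p1,p2" as carried by PORT and by the 227 reply (RFC 959).
HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")
# "(|||port|)" as carried by the 229 reply to EPSV (RFC 2428).
EPSV = re.compile(r"\(\|\|\|(\d{1,5})\|\)")


def data_endpoint(line):
    """Return (mode, host, port) if this control-channel line negotiates a
    data connection, else None. host is None for 229 (same host as control)."""
    line = line.strip()
    if line[:5].upper() == "PORT ":
        mode = "active"       # client listens, server connects out to it
    elif line.startswith("227"):
        mode = "passive"      # server listens, client connects in to it
    elif line.startswith("229"):
        m = EPSV.search(line)
        return ("passive", None, int(m.group(1))) if m else None
    else:
        return None
    m = HOSTPORT.search(line)
    if not m:
        return None
    nums = [int(n) for n in m.groups()]
    if max(nums) > 255:
        return None           # malformed octet, ignore the line
    return (mode, ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5])


def server_side_rule(endpoint):
    """Describe the extra firewall rule the FTP server's host needs."""
    mode, host, port = endpoint
    if mode == "active":
        return f"allow TCP out to {host}:{port}"
    return f"allow TCP in to local port {port}"


# Constructed control-channel lines (documentation addresses, not a capture).
SAMPLE = [
    "USER demo",
    "PORT 192,0,2,10,195,80",
    "227 Entering Passive Mode (198,51,100,5,19,137)",
    "229 Entering Extended Passive Mode (|||50001|)",
]

if __name__ == "__main__":
    for line in SAMPLE:
        ep = data_endpoint(line)
        if ep:
            print(f"{line!r}: {ep} -> {server_side_rule(ep)}")
```

On the server side, the passive-mode ports are picked by the FTP server software, so the usual approach is to pin them to a small range in the server's own settings and allow only that range inbound alongside port 21.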