CPF blocking DHCP lease renewal by default? [Resolved]

I’ve been using Comodo for a few weeks now and overall I like it a lot, but I have been experiencing one particularly vexing problem. The DHCP lease time is set to 1440 minutes (1 day) by default on my router and when that time has expired I lose my internet connection. If I attempt to manually release and renew with ipconfig it reports “no connection to the gateway” - i.e., the router at 198.162.1.1. After much tinkering around with the router’s settings (as I had replaced its firmware with dd-wrt), I moved on to tinkering with CPF. I finally tried exiting CPF then running ipconfig /renew and this worked.

The only custom rule I have created for CPF so far is to allow my torrent client to listen to a specific port. I suspect that one of the default rules is blocking the DHCP lease renewal request from my machine to the router. At any rate, this is such a basic problem that I’m sure I’m overlooking something so any help would be much appreciated!

If you define a zone that includes the IP addresses of all your PCs and your routers and then set that zone as trusted, this will allow full communications between IPs within the zone.

Hope this helps,
Ewen :slight_smile:

I had a feeling this is what I would need to do - so I just did it :wink: - but I didn’t do it in the first place because, a), I did not expect a firewall to prevent dhcp lease renewal and, b), because it seemed a little counterintuitive to create a rule/trusted zone that allowed any local ip to communicate with any other ip in either direction… ?! A little over 16 hours to go until the next automatic dhcp renewal so I’ll post back after that and let you know how it went.

Thanks for the quick response!

No love… Once again Comodo blocked dhcp renewal so I had to exit the program to manually renew my ip address.

There are a couple of interesting clues in the log, though, that might point to a solution. Comodo logged 4 “high” severity violations when I ran “ipconfig /renew” before exiting it. The evil application responsible was svchost.exe and it seems it was trying to talk to my computer (192.168.1.102) and the gateway (192.168.1.1) on ports 68 (dhcp) and 53 (dns). I’m no certified network engineer, but it does seem to me that my installation of Comodo is, in fact, blocking dhcp renewal by default. I’ve been trying lots of firewalls in the last couple of months and have settled on Comodo because it works, and I can work around this problem easily enough, but I really want to know how to fix it properly.

Finally, I just noticed that I should have posted my problem in the “help” forum, not this one. Sorry for the mistake!

Do you have any rules for svchost in application monitor?

AOwl - yes there is, and lo and behold, it seems tcp and udp out are blocked from any port to any port.

I just tried deleting this rule and still no love…

I just tried creating two new application rules to specifically allow svchost.exe to send UDP out to 255.255.255.255 on any port (67 actually used) and receive UDP in from the gateway 192.168.1.1 on any port (68 actually used) but this didn’t work either.

Setting Comodo’s security level to “Allow All” works, though, so obviously there is a rule, somewhere, that is thwarting my attempts to specify exceptions.

Make application rules like this, just to try if it works.
You can worry about tightening up the rules later.

Application : C:\WINDOWS\system32\svchost.exe
Parent : C:\WINDOWS\system32\services.exe

General
Action : allow
Protocol : TCP or UDP
Direction : In

Destination IP : Any

Destination Port : Any

Miscellaneous


Application : C:\WINDOWS\system32\svchost.exe
Parent : C:\WINDOWS\system32\services.exe

General
Action : allow
Protocol : TCP or UDP
Direction : Out

Destination IP : Any

Destination Port : Any

Miscellaneous


Make sure that you have made a trusted zone also.
Reboot your PC.
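
Once the allow-everything rules above work, the svchost.exe rules can be narrowed to the flows DHCP and DNS need. The following is an added example, not part of any post in this thread and not Comodo's rule engine: a simplified default-deny model in Python that checks a rule set against constructed flows built from the addresses mentioned in the thread. The rule fields, the flow list and the 203.0.113.10 address are assumptions made for illustration.

```python
# Added example: simplified default-deny rule model, NOT Comodo's rule engine.
from ipaddress import ip_address, ip_network

GATEWAY, BCAST = "192.168.1.1", "255.255.255.255"

# Constructed flows: (name, direction, protocol, remote_ip, remote_port, local_port)
FLOWS = [
    ("renew-unicast",    "out", "udp", GATEWAY, 67, 68),   # DHCPREQUEST sent while renewing
    ("rebind-broadcast", "out", "udp", BCAST,   67, 68),   # broadcast DHCPREQUEST/DISCOVER
    ("dhcp-ack",         "in",  "udp", GATEWAY, 67, 68),   # reply from the DHCP server
    ("dns-query",        "out", "udp", GATEWAY, 53, 49152),
    ("stray-smb",        "out", "tcp", "203.0.113.10", 445, 49153),  # should stay blocked
]

def rule(direction, proto, remote, rport=None, lport=None):
    """One allow rule; a port of None means 'any port'."""
    return dict(direction=direction, proto=proto,
                remote=ip_network(remote), rport=rport, lport=lport)

# The two rules tried earlier in the thread: UDP out to broadcast, UDP in from gateway.
ATTEMPTED = [rule("out", "udp", BCAST + "/32"), rule("in", "udp", GATEWAY + "/32")]

# A narrower set than "TCP or UDP, any IP, any port" that still covers DHCP and DNS.
TIGHTENED = [
    rule("out", "udp", GATEWAY + "/32", rport=67, lport=68),
    rule("out", "udp", BCAST + "/32",   rport=67, lport=68),
    rule("in",  "udp", GATEWAY + "/32", rport=67, lport=68),
    rule("out", "udp", GATEWAY + "/32", rport=53),
]

def allowed(rules, flow):
    """True if any allow rule matches the flow; otherwise default deny."""
    _, direction, proto, rip, rport, lport = flow
    return any(r["direction"] == direction and r["proto"] == proto
               and ip_address(rip) in r["remote"]
               and r["rport"] in (None, rport)
               and r["lport"] in (None, lport)
               for r in rules)

def blocked_flows(rules, flows=FLOWS):
    """Names of the flows that no rule in the set allows."""
    return [f[0] for f in flows if not allowed(rules, f)]

if __name__ == "__main__":
    print("attempted:", blocked_flows(ATTEMPTED))
    print("tightened:", blocked_flows(TIGHTENED))
```

In this model the two rules tried earlier leave the unicast request to the gateway on port 67 and the DNS query on port 53 unmatched, while the narrowed set allows all four DHCP/DNS flows and nothing else in the list.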

AOwl: that did the trick - thanks!

Now, why would Comodo create the block all tcp/udp access rule for svchost.exe in the first place? I can’t imagine it being done by default, but I don’t recall answering any popups from Comodo that would have led it to do so.

Also, do I need to reboot or exit/restart Comodo each time I create a rule? I ask not only because you mention doing so but because I previously created two similar rules (allow UDP IN and UDP Out) but they didn’t work.

Once again, thanks for the help!

You’re welcome. ;D

No, Comodo doesn’t create that rule by default. Probably you have denied a popup…

No, you don’t have to reboot all the time, but if you have problems and think you have made the rules right, a reboot can at least be done just to be sure…
In this case when there is a system file involved, a reboot is sometimes necessary.
Sometimes it’s enough to put it to allow all for a few seconds, and then back to custom.
Sometimes a restart of the firewall is the way to go.
Most often you don’t have to do anything.

Hey, tesseract, if this has been resolved for you, would you be so kind as to edit your original post in the following way:

Go to the Edit icon of your first post in this thread (lower right, by your IP address), and click that. Then add “[Resolved]” to your subject line, either before or after your original text.

That way other users will know there’s a potential solution.

Thanks,

LM

I will put resolved on this.
Tesseract, you can start a new topic if you have any other issues.