I just installed CPF, and I just found out that there are network monitor rules that have a higher priority than the application monitor rules.
So there are some network rules that allow TCP/UDP Out, some ICMP rules, and there is a Block All In rule.
This last rule I don’t like, because when I have to use P2P programs or host online games, I need to make rules for each and every program that wants to be a server. The good thing is that when I delete this rule and do firewall tests, they still say that all the ports are stealth.
My question is: do I need the “Block All In” rule?
kustodian, welcome to the forums.
The fast answer to your question is YES! You need the bottom Block All rule; that’s your safety net, it’s what makes sure that the “bad guys” don’t get in.
I understand you need to open up a line in for your p2p app, and that’s easy to do. Check out this link: https://forums.comodo.com/index.php/topic,6167.0.html; it’s a compilation of various tutorials and explanations about CFP, common applications, network rules, etc. It’s locked, so there are no responses or questions, just easy-to-access info. Each topic has an embedded link (bold red text) back to the original thread where you can post any additional questions you may have about that.
You’ll see there’s a section on p2p apps, which will be useful for you. There’s also an explanation of how CFP’s layered rules work together for your security (you’ve already discovered that the network rules set the stage for communication of allowed applications).
Hope this helps, and for your own security, please restore the bottom Block & Log IP In/Out rule.