Disable firewall for specific network interface.

Hi.

I’m using your great product (thanks for this) on my PC, which has three network interfaces:
a) Real Network Interface Card - for connecting to home LAN
b) Microsoft Loopback Interface - for developing and testing network applications
c) DVB-T PCI card - it is digital television card acting as network interface

My question is:
Is it possible to disable Comodo Firewall for network interfaces b) and c)? I don’t need to guard this interfaces. I know, I can make the trusted zone for this interfaces, but ther is still firewall activity for this interfaces and UDP flood checking is still active. Sometimes I have even “gaps” in my television stream.

Thank you for your answer.

Klaus.

Welcome, primklaus (:WAV)

AFAIK, the option would be to create the trusted zones. Have you tried that yet? By setting the trusted network it will allow All traffic unchecked… I haven’t tried it myself, but I think this might supersede the flood checking for that as well (not for sure, tho).

LM

Hello LM.

I have created Trusted zone for interface c) but traffic is still “checked”. But - what does it mean “traffic is checked”? When I use my TV show application, Comodo systray icon indicates traffic. Sometimes I get the Comodo log event about DDOS attack UDP flood on this interface and firewall switchs to the emergency mode.

Now I read some postings in this forum and found “maybe” solution: increase the allowed packets per second. I will try it…

Klaus

Yes, you can increase the flood value until you find a setting that works. The downside of this is that it’s across the board, so it would apply to the NIC you use for your active internet connection as well. Just be sure to only increase the flood value for the protocol in question; in this case, UDP.

By “traffic checked” I mean that it is filtered by the Network Monitor rules. The Trusted Network/Zone creates the two rules; one is to Allow IP Out, the other IP In. This means that all IP Protocols are allowed (TCP, UDP, IGMP, ICMP, etc) to/from the computer and the Zone. This is compared to the rules for regular browsing, etc, where only specific protocols or protocol details are allowed.

I thought there was a possibility that creating the trusted network would mean that the Advanced Security checks (for the floods, etc) would be eliminated as well; that apparently is not the case. It’s good to know the security remains intact, but not the optimal solution in your situation.

LM

Hi LM.
I was playing with increasing the allowed packets per second and found “optimal” value for my problem. Thank you.

Klaus

No problem, Klaus. If you don’t mind sharing, what values worked for you?

Thanks,

LM

Hi LM.

I forgot this thread in full! I would like to apologize for my memory :-[.

So this is my Advanced Attack Detect and Prevention settings for DVB-T fluent run (see attachment AADPScr1.PNG and AADPScr2.PNG).

[attachment deleted by admin]

Aw, what’s 6 months or so… :smiley:

Thanks for the followup! So these settings are working for you?

LM