I just reinstalled V.3.0.16.295 Everything in default.
For some reason my CPU jumps sky high if I will open Bitcomet. Is this normal as part of the comodo learning process? Do I need some rules for this? Global rule is empty, Is this the default or I ■■■■■■■ it up? If you need more screenshots just let me know.
Yes, I think I ■■■■■■■ the global rules. I deleted everything in it but it was a good thing that I save a bunch of screenshot before the deletion. I deleted those rules because I saw something that I don’t understand especially the 2nd and 3rd rule about ICMP FRAGMENTATION NEEDED AND TIME EXCEEDED. What are these two rules about?
Anyway, I made the rules again but then my IP addreess is shown as blocked in bitcomet and a zooming log just keeps going that made my PC lags so much. What should I do with these rules? And how can I stop these logs?
I’m no expert on BitComet but you can start by adding a global rule like:
Allow TCP/UDP In/Out, Src Add:Any, Dest Add:Any, Src Port:Any, Dest Port:25747
Put this rule above the other 4. Should cut down on the alerts/events and CPU usage.
Again no expert on ICMP but this protocol is used as a handshake between IP addresses to establish the existence of valid addresses, perform pinging, etc. Among other things your ICMP rule settings will determine if your PC is or is not stealthed.
Here’s a link that was just posted at Wilder’s regarding ICMP and PC security issues. Provides some insight into the selection of the CFP default ICMP global rules.
BitComet is like any other p2p like uTorrent when it comes to CFP rule creation: the ICMP fragmentation and time aren’t absolute necessities, but they help traffic routing. I’ve only noticed a few cases where they popped up when I was p2p’ing and monitoring my log. My recommendation is to leave them as it might help boost download speeds marginally.
There’s supposed to be logging events. It means CFP is doing its job of protecting unwanted incoming connections, which is even more common why P2P. Why? Because we’re obviously connected to many other PC’s and peers.
I deleted the last rule but the same log is going. I made the rule again, rebooted, deleted the logs and it stayed clean but as soon as I open bitcomet and started the download, the non-stop logging just keep coming.
To make sure that Bitcomet is not running, I restarted my PC. Then I tried to clear all the comodo logs and to my surprise, the exact log keeps showing up. How can I stop this logging?
Hi All (L) but after the lst upgrade I lost my rulezzzz as some of you.
unfortunely I have the same issue as discribed here - Bitcomet is not working properly. Everything was fine with the prev version but now I am unable to set it up…
…awating for any further ideas, please confirm this is just not a bug and all we need is to study the forum more
cheers
EDIT:
I have removed Global Rules (even they were fine and should have been working anyway). It is better now. Now Bitcomet shows Detecting - Grey (previously Blocked). I used to have the grey one before so it is rather a question of my network not a CPF conf…
I have one question - I have only a few rules for the apps I run and already set up. Is the firewall going to ask and alert me by default if any new app tries to establish connection? As I mentioned I do not have any global rules and any personal ones for System, Idle, Windows blabla…etc.
Set firewall part of CF to custom policy mode and you’ll always get alerts if application doesn’t have “block unmatching” (or similar) rule at the end of list.
Add “Windows Operating System” to the list of applications (if you are not going to use global rules): add->select->running processes. Define rules for it with last: block/ip/in-out/any/any/any.
I have just done it and it is workign as I see many ICMP type 3 events in the log. Should I add a rule for allowing echo request and time exceeded ones? These are 2 of standard (default) rules discribed in this forum as well
For incoming connections for WOS i suggest you to allow only ICMP fragmentation needed (type 3 code 4) and ICMP time exceeded.
For outgoing (for WOS) you may allow any IP out.