Do I need some rules for global if I go to bitcomet?

I just reinstalled V.3.0.16.295 Everything in default.

For some reason my CPU jumps sky high if I will open Bitcomet. Is this normal as part of the comodo learning process? Do I need some rules for this? Global rule is empty, Is this the default or I screwed it up? If you need more screenshots just let me know.

Need some advise.

http://i29.tinypic.com/2i1o0zn.jpg

http://i27.tinypic.com/11m8gt1.jpg

EDIT:

Yes, I think I screwed the global rules. I deleted everything in it but it was a good thing that I save a bunch of screenshot before the deletion. I deleted those rules because I saw something that I don’t understand especially the 2nd and 3rd rule about ICMP FRAGMENTATION NEEDED AND TIME EXCEEDED. What are these two rules about?

Anyway, I made the rules again but then my IP addreess is shown as blocked in bitcomet and a zooming log just keeps going that made my PC lags so much. What should I do with these rules? And how can I stop these logs?

Needs help…

http://i30.tinypic.com/ffd16u.jpg

http://i29.tinypic.com/2db5u10.jpg

http://i29.tinypic.com/2vxlzx3.jpg

Good morning lomayok,

  1. I’m no expert on BitComet but you can start by adding a global rule like:

Allow TCP/UDP In/Out, Src Add:Any, Dest Add:Any, Src Port:Any, Dest Port:25747

Put this rule above the other 4. Should cut down on the alerts/events and CPU usage.

  1. Again no expert on ICMP but this protocol is used as a handshake between IP addresses to establish the existence of valid addresses, perform pinging, etc. Among other things your ICMP rule settings will determine if your PC is or is not stealthed.

Birdman

Yes this is right rule to allow bitcomet and stop appropriate logging, but change it a little: instead of In/Out set In only.

Do not know, but here are some observations:

ICMP TIME EXCEEDED is needed to receive replies for tracert.exe.

ICMP FRAGMENTATION NEEDED is needed sometimes (my case) to have some forums to function properly.

Here’s a link that was just posted at Wilder’s regarding ICMP and PC security issues. Provides some insight into the selection of the CFP default ICMP global rules.

Birdman

http://www.spirit.com/Network/net0700.html

BitComet is like any other p2p like uTorrent when it comes to CFP rule creation: the ICMP fragmentation and time aren’t absolute necessities, but they help traffic routing. I’ve only noticed a few cases where they popped up when I was p2p’ing and monitoring my log. My recommendation is to leave them as it might help boost download speeds marginally.

As confirmed by Egemen, there is more than one way to configure the rules. My setup doesn’t contain any Global Rules because I like to organize all rules in one page. Here’s something related I posted:
https://forums.comodo.com/frequently_asked_questions_faq_for_comodo_firewall/tutorial_for_utorrent_with_comodo_firewall_3-t15677.0.html;msg128291#msg1282913

As for why cfp.exe is eating cpu, maybe when you try to open the first log window ??? Is this a constant or temporary issue?

As advised, I added the rule in global, [IN ONLY] but the logging is still going.

http://i28.tinypic.com/535oau.jpg

http://i27.tinypic.com/dng585.jpg

There’s supposed to be logging events. It means CFP is doing its job of protecting unwanted incoming connections, which is even more common why P2P. Why? Because we’re obviously connected to many other PC’s and peers.

I deleted the last rule but the same log is going. I made the rule again, rebooted, deleted the logs and it stayed clean but as soon as I open bitcomet and started the download, the non-stop logging just keep coming.

http://i29.tinypic.com/2mxfp1y.jpg

To make sure that Bitcomet is not running, I restarted my PC. Then I tried to clear all the comodo logs and to my surprise, the exact log keeps showing up. How can I stop this logging?

http://i31.tinypic.com/1z3qvxx.jpg

Try to modify last block rule for bitcomet.exe and last global block rule: remove checkmarks “Log as a firewall event when this rule is fired”.

Global rule doesn’t had checkmark. And the Bitcomet exe doesn’t had block rule. If I need to make one for bitcomet exe, what rule should I make?

http://i25.tinypic.com/2itg20k.jpg

http://i25.tinypic.com/2edxmz8.jpg

This is not necessary if firewall is in custom policy mode.

Hi All (L) but after the lst upgrade I lost my rulezzzz :wink: as some of you.

unfortunely I have the same issue as discribed here - Bitcomet is not working properly. Everything was fine with the prev version but now I am unable to set it up…

…awating for any further ideas, please confirm this is just not a bug and all we need is to study the forum more

cheers

EDIT:

I have removed Global Rules (even they were fine and should have been working anyway). It is better now. Now Bitcomet shows Detecting - Grey (previously Blocked). I used to have the grey one before so it is rather a question of my network not a CPF conf…

I have one question - I have only a few rules for the apps I run and already set up. Is the firewall going to ask and alert me by default if any new app tries to establish connection? As I mentioned I do not have any global rules and any personal ones for System, Idle, Windows blabla…etc.

thanks

Hi,

Set firewall part of CF to custom policy mode and you’ll always get alerts if application doesn’t have “block unmatching” (or similar) rule at the end of list.

Add “Windows Operating System” to the list of applications (if you are not going to use global rules): add->select->running processes. Define rules for it with last: block/ip/in-out/any/any/any.

Thanks Goodbrazer.

I have just done it and it is workign as I see many ICMP type 3 events in the log. Should I add a rule for allowing echo request and time exceeded ones? These are 2 of standard (default) rules discribed in this forum as well

cheers
Lukasz

For incoming connections for WOS i suggest you to allow only ICMP fragmentation needed (type 3 code 4) and ICMP time exceeded.
For outgoing (for WOS) you may allow any IP out.