Do u have to add your ISP's DNS server ips to Comodo somewhere?

As I think, Comodo is blocking them and slowing me down.

If u do, how and where do u add them??

And I still havent got an answer (that works) on, how to add Mirc, so I can use DCC files.

I’ve done whats mentioned here and DCC still doesnt work.

And DCC used to work in the previous version of Comodo, but it doesnt work in the latest version.

Adding the DCC ports in the Windows Firewall worked no prob at all before.

But doing it now, it doesnt work.

HELP!

No you dont. But if you have a router. You should add your dns ip numbers within your routers settings.

Hi speedy.

The short answer is no, you don’t have to add anything for DNS. By default DNS is handled by svchost.exe, so unless you have changed the default rules for this, it should work. If you wish, you can change this behaviour, its more complicated, but I’ll take you through it if you wish?

With regard to DCC, apologies, I forgot about that thread. I’ll get back to you…

Toggie

Thanx guys, its just that, on the main PC here (we’re networked), it logs ICMP, and port unreachable, which shows our ISP’s DNS servers ip’s I’ve got on these (dialup not ADSL).

So, I dont use a router.

I’ll wait for your reply Toggie :slight_smile:

Ta

Speedy,

It sounds like you may need to add your ISP’s DNS servers, indeed. There are a couple ways to do so. If you have a (more or less) sequential IP range for these, I recommend doing this:

Go to Security/Tasks/Create a Zone. Give it a name. Utilize the start/finish IP addresses to flesh out the range. Then go to Security/Tasks/Define a New Trusted Network. Use the Zone for that. This will put two rules at the top of your Network Monitor (positions ID 0 & 1). The first will Allow IP Out from Any(your computer) to Zone. The second will Allow IP In from Zone to Any (your computer). This way there’s unimpeded communication between the two, whenever you dial up.

If the DNS servers are individual IPs, and not sequential, I would create individual rules in the Network monitor, following the pattern of the automatic rules. So let’s say one IP is 123.456.78.9; you would go to Network Monitor, right-click the top (Rule ID 0) rule, select Add/Add Before. Create the rule:
Action: Allow
Protocol: IP
Direction: In
Source IP: 123.456.78.9
Destination IP: Any
IP Details: Any
OK. That will create a new Rule ID 0. Now right-click that rule, select Add/Add Before. Create this rule:

Action: Allow
Protocol: IP
Direction: Out
Source IP: Any
Destination IP: 123.456.78.9
IP Details: Any
OK.

Do that for each individual IP address you need as a DNS server.

LM

Will do LM, its only 2 ips for the DNS server.

So shouldnt take that long.

Ta

And another thing is, on the main PC sometimes, it shows something about DNScache. And it couldnt be contacted within 30 secs. This sound like a DNS server issue?

With Comodo?

The DNS server ips are just 67 and 68. So, would just adding the Zone with these ips be enough??

I tested it by selecting create an alert, which seems to be logging ok, it says:

Network monitor access granted ip = dns server ip dns (53). Network ID=2.

This sound right?

Would this be the prob with my DCCing in Mirc? When I first ran Mirc, it came up with a popup, with the DNS server, and I allowed it access to the DNS server ip.

And since it was blocked (till I added this Zone), it was blocking DCC previously?

Ok well, adding that Zone looks like it helped the browser, and kind of 1/2 helped the DCC prob.

I added the ports for Mirc under network monitor (As TCP in/out) or should I add the ports I put in Mirc under separate entries? And put any/any/any and the DCC ports under destination.

And also put the DCC ports under XP’s firewall and ident.

It did manage to work (the DCC), but looked like it was retraining or something. As it got 1/2 way and went backwards lol. Then stopped.

But it still doesnt work!

You’re going to want the DCC rules in Network Monitor separate from other rules. I also recommend separate In from Out rules, especially if there are details such as Port, IP address, etc. That way there’s no confusion about which is Source and which is Destination, for traffic routing.

I presume you’ve been thru this thread: https://forums.comodo.com/index.php/topic,1414.0.html for appropriate rules…

I’d put them right below your two Zone rules for the DNS servers.

You’ll also need an In rule for the application in the App Monitor, with the same destination port listed. Plus the normal Out rule for it there as well (two separate rules, again, because of the Port detail.

LM

Ok done this. I put a separate TCP and UDP In as stated on the link u gave.

Yup thats what didnt work before. I didnt even have to add ports using the prev version of Comodo, they were only added in XP’ firewall and dcc worked.

Done.

Done, however since theres already 2 entries in App Monitor, (for Mirc), if u add 2 more or 1 more, it overwrites whats already there.

And just changes what was there, with the DCC ports I added, that I used for Mirc DCC.

Or is that what you’re meant to do? Just go into the entries that are there (for Mirc), and change the dest port to the DCC ports I’ve put in, in Mirc?

And if theres already 2 entries for Mirc here and I add 2 more, then go back into App Monitor, there’s still only 2 entries there not 4.

And if u change it, Mirc will just ask for access again and change what I’ve just entered back to what it was before.

So its going round in circles. If theres 2 entries there and I add 2 it overwrites them. So theres still only 2 entries in App Monitor.

And if I change the entries, as above they’ll just get changed again when I run Mirc again.

Can u delete this annoying default block and log rule?? In Network Monitor?

Without affecting security?

I think this is one of the main culprits, thats screwing things up including Yahoo.

As its got some of Yahoo’s ports in it, which are getting denied.

Speedy.

If you need specific ports opened, just create allow rules above the default block rule.

The default block rule is there to protect you.

Toggie

Well adding the DCC ports I’ve got in Mirc, to Comodo, isnt working.

I’ve tried 10,000 times, and it just wont work!

Unless I’m doing something wrong, but as previously stated, I followed the FAQ here, for DCC, and it still didnt work.

And if I have to add to the App Monitor (for Mirc), it’ll just get overwritten everytime I run Mirc. So, whats the point of adding anything else to the App Monitor for Mirc?

All I’ve got in Network Manager atm, are the 2 DNS server entries, the 2 NIC entries for the network, and the others are the default rules.

And as stated previously as well, I added ident to XP’s firewall, added the DCC ports to XP’s firewall, thru the LAN and the dialup connection. It still wont work. I’m pretty sure with the previous version of Comodo, All I did was add the DCC ports under the dialup and the LAN (under XP’s firewall). And it worked.

Atm, the DCC ports I’ve got in Mirc are 2075-2080, so wouldnt that just be TCP In (or would it be TCP In/Out, or TCP In and UDP Out)?

Then any/any/any/2075-2080 in Network Manager?

Speedy.

First of all, I hope your not using the XP firewall and CFP together?

Second, here’s an idea. In CFP, go to Security/Advanced/Misc and set the Alert Frequency to Very High (the top setting)

Then open MIRC and do all the things you want to do. You are going to get a LOT of prompts, some of which will be duplicates. Answer allow and remember to each. Then finish your session and check the AM. You will have to work through each rule, find the duplicates and modify them so they merge.

The end result, assuming everything worked in your on-line session, will be a complete rule set for MIRC.

Don’t forget to return the Alert Frequency to Low after you finish, otherwise you will get LOTS of prompts

DON’T OPEN ANYTHING ELSE WHEN YOU DO THIS TEST, JUST MIRC!

Toggie

Nope, never have had both going. XP’s firewall is off, but it doesnt mean ports etc dont have to entered under its exceptions. Even if its off, programs will add whatever to it, except Mirc.

Or you’ll have to add whatever yourself.

I’ll do this next, and see what happens.

Well, I put it on High, deleted the Mirc entries that were already there. Ran Mirc again, gave access to both ips relating to the DNS server, 113, 59, and the Austnet ip.

Added the DCC ports to the exceptions and to the LAN / dialup on this.

5 entries altogether. Still no go.

Should I be adding anything to the Network Monitor, even tho there are 5 entries under the App Monitor for Mirc? If so, what?

I tried TCP In any/any/any/ and the ports I put in Mirc. Still no go.

Speedy:

5 entries altogether. Still no go.

Please post the exact details of the new AM rules and also your NM rules.

Toggie

Screenshots attached.

I havent added anything else to Network Monitor,besides the DNS/NIC and the other default rules.

[attachment deleted by admin]

Your Network Monitor should have an In rule for TCP and/or UDP for MIRC, DCC, etc. You have an Out, but I don’t see an In (except your two trusted Zones). Without that In rule with the defined Destination Port that you’re using, your application will not be able to receive the inbound communication. It has to be able to Listen on the port. At present, it cannot.

Also, your TCP/UDP Out rule (Rule ID 4) looks like it has Ports defined. Depending on what those are, it may interfere with general usage… (Edit: Never mind, I didn’t scroll far enough over to see the other “Any”)

LM

Rule 4 is one of the default rules. Not one I put in.

I only put in the DNS and NIC entries, the others were there by default.

I’ll try and put TCP in under network monitor. And see if it works then.

Well TCP In , with any/any/any and the ports for DCC dont work.

WHAT exactly should I be putting in Network Monitor, the above, or something else?

Speedy.

As LM states, you will need TCP IN for port 59, which is DCC. I am also surprised you don’t have an IN rule for IDENT, which also uses TCP on port 113.

Toggie