Here’s a novelty. As you can see from the alert, if a rule exists it won’t allow another. Persists after a reboot too.
[attachment deleted by admin]
Try this one.
Disable the behavior blocker. Make sure you are in Proactive Configuration.Enable just hips like you said. run the Comodo Leak Tester.
Hips should ask you allow or block for every test, make sure remember this action is unchecked for every question go through the whole test. you will get a 340/340.
now go look in the hips rules and you should find a custom ruleset defined even though i didn’t check remember for a single question. change all of the ask to block and you have an automatic leak test pass. If you run clt.exe as limited or as administrator. It passes the test fast too. Do you have any other files or tests to see if hips just creates rules even though it’s told not to when it asks?I hope it’s just not unique to CLT.
I don’t have a third pc to try this on and i don’t know if just configuring it over and over created the magic leak test rules on two pc’s or?!
CIS managed to do the above all by itself. The only thing I did, remove the default firewall rules and reboot.
So what you are saying is you deleted the default firewall rules. rebooted and it created two sets of new default rules and argues with it self constantly?
Pretty much, only it seems quite happy with the duplicate rules! Diagnostics doesn’t complain either.
Oops! it did it again! Different PC, different installation, different program.
<PolicyItem UID="{E09DB2E4-45F0-4099-B7E2-0796392C6204}" Flags="0" Filename="C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE" DeviceName="C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE" LastID="2" TreatAs="">
<Rules>
<Rule UID="{D5EC58AA-4920-422F-B42C-CB9A78B14E74}" Days="127" StartHour="0" StartMinute="0" StopHour="0" StopMinute="0" ID="1" Protocol="6" Action="2" Direction="1" Description="">
<SourcePort Type="8" SetName="" PortType="8" PortStart="0" PortEnd="65535"/>
<DestinationPort Type="8" SetName="" PortType="8" PortStart="0" PortEnd="65535"/>
<SourceIP Type="4" Name="">
<Address Type="4">
<MAC AddrType="8" MAC="000000000000"/>
</Address>
</SourceIP>
<DestinationIP Type="4" Name="">
<Address Type="4">
<MAC AddrType="8" MAC="000000000000"/>
</Address>
</DestinationIP>
</Rule>
</Rules>
</PolicyItem>
<PolicyItem UID="{E09DB2E4-45F0-4099-B7E2-0796392C6204}" Flags="0" Filename="C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE" DeviceName="C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE" LastID="2" TreatAs="">
<Rules>
<Rule UID="{D5EC58AA-4920-422F-B42C-CB9A78B14E74}" Days="127" StartHour="0" StartMinute="0" StopHour="0" StopMinute="0" ID="1" Protocol="6" Action="2" Direction="1" Description="">
<SourcePort Type="8" SetName="" PortType="8" PortStart="0" PortEnd="65535"/>
<DestinationPort Type="8" SetName="" PortType="8" PortStart="0" PortEnd="65535"/>
<SourceIP Type="4" Name="">
<Address Type="4">
<MAC AddrType="8" MAC="000000000000"/>
</Address>
</SourceIP>
<DestinationIP Type="4" Name="">
<Address Type="4">
<MAC AddrType="8" MAC="000000000000"/>
</Address>
</DestinationIP>
</Rule>
</Rules>
</PolicyItem>
</PolicyItems>
[attachment deleted by admin]