It would be very convenient for each rule to have an Enabled checkbox (say in the first column on the left), so that individual rules could be disabled without being removed. This would help not only for testing rulesets, but for keeping rules which are only occasionally used (say under special circumstances) disabled, and easily enabling them for a short period without having to recreate them.
Likewise for zone list members and port list members.
Iam a bit sceptically to this… I believe it would be easy to disable a block rule and forget that you did just that… People even disable the whole firewall sometimes and forget they did (even happened to me)… 88) ;D
Also how should a program be threated when you have temporarily disabled a rule? lets say I chose to inactivate file.exe’s allow rule through port 8742 to some IP… When the program tries to call that IP anyway through this port some action must be taken by CIS anyway, allow or block there is none do nothing. The same if I “disable” a block rule. Should CIS ask me? or what did you have in mind…? :)
Iam more willing to see CIS letting us easier change the rules…
Possible a quick click on a rule + some keyboard combo and the block becomes a allow, and vice-versa… =)
Hi Monkey, thanks for the reply and for your thoughts.
If a rule is disabled, it is as if it does not exist. So, if a connection attempt is made, Comodo should act just as if the rule did not exist, and prompt the user.
Kerio has this feature, both for rules and for zones (which it calls groups). It works very well.
I understand your concern. Certainly a user may forget. But, is that any reason to limit Comodo’s functionality? Comodo should be able to accommodate both casual and advanced users. It is already very configurable, but which group of users tends to use the bulk of the configuration options? Is it not the advanced users–those who should know better than to leave something important like a block all rule disabled for any extended period of time?
However, if it is decided that this feature is too risky, I accept that. I’m simply looking to improve the user experience, mainly for advanced users, but without in any way detracting from other users.
May be add the possibility to disable for a certain amount of time for the situation the user forgets he changed it? And also make it possible to have it disabled forever.
:-TU
Or it could detect that there is a Rule, and that the Rule is ‘Disabled’, and ask you if you would like to ‘Enable’ that Rule. ;D
Both excellent ideas!
I’ve just registered to make some wishes and this is one of them. For a long time I used other firewall program which supported such feature. It is very usefull to single-click enable/disable any rule (however I’m sceptic about zone/port checkboxed). Such disabled rule would be ignored. This way we can easily finetune and test rules without the need to switch allow/block. Alternatively there could be option “disabled” beside allow/block/ask (with let’s say gray icon). So my choice is: :-TU
+1 :-TU
Jup a very much missed feature of Kerio
Make it part of an “Advanced” default-off option for uses who like more control ;D