Enable File Sharing Applications like BitTorrent and Emule

I have setup Comodo Firewall for BitTTorrent using a ruleset per the version 12 user manual here (steps (rules) 1-5 for utorrent):

[i]Comodo Internet Security Help Guide

Regarding Rule 5:

[i] Action : Block (Also select the check box ‘Log as a firewall event if this rule is fired’)

Protocol : IP

Direction : In/Out

Description : Block and Log All Unmatching Requests

Source Address : Any Address

Destination Address : Any Address

IP Details : IP Protocol : Any[/i]

Forget for a moment that I don’t understand what unmatching requests means :); With this setup, in a matter of a few minutes, I get thousands of “network intrusion” hits, since according to the guide, logging for these intrusions is on. I have to believe that something is not right with this setup. Please, there has to be someone on these forums who can point out to me what unmatched requests are and how to sort this out properly, because following the official manual seems to result in a sub-par solution.

The guide makes it way harder than it needs to be, all you need to do is create an allow incoming global rule for the port the client is using to listen for incoming connections. As long as the client has a trusted file rating, you don’t need to set a firewall application rule for the application as CIS now allows trusted rated applications to receive incoming connections.

I’m grateful that someone took the time to write a guide. However, maybe time has passed this one by. It looks like the same guide carried over from older user manuals, unchanged.

The client has a trusted file rating and vendor rating is trusted as well. However, client signature is from 2011, and I don’t know if CIS discriminates against old signatures.

I have set up a global rule which allows incoming TCP and UDP traffic to one specific port I have designated in the client. I just came in from a walk and found the client blocked by the firewall. Also there were 10 network intrusions listed. This is after setting up the global rule. And BTW, I have the firewall in proactive mode based on cruelsisters config (HIPS off). I do not know if this makes any difference when it comes to this client.

In addition to the global rule I just created an application rule also, because the global rule alone did not seem to be enough. Then lo and behold, I notice that most of my files seem to have been reset as unrecognized. But the vendor list appears to be unchanged. Might it be related or a separate bug? Something else?

Yes they don’t change much and just use the same text for each new version help guide.

The client has a trusted file rating and vendor rating is trusted as well. However, client signature is from 2011, and I don't know if CIS discriminates against old signatures.
No it doesn't matter, as long as it is set to trusted and the digital signature has not expired or been revoked it will be trusted.
I have set up a global rule which allows incoming TCP and UDP traffic to one specific port I have designated in the client. I just came in from a walk and found the client blocked by the firewall. Also there were 10 network intrusions listed. This is after setting up the global rule. And BTW, I have the firewall in proactive mode based on cruelsisters config (HIPS off). I do not know if this makes any difference when it comes to this client.
Most likely fragmented packets that is common with torrent traffic. Look at the firewall log to see what is being blocked, if both the source and destination ports show zero, then it is fragmented packets being blocked. Also make sure the global allow rule is above any block rules, and just remove the firewall application rule if you still have specific rules configured for the client.

I just opened the certificate and… it’s valid until ‎Friday, ‎July ‎26, ‎2013. So it appears to be expired. So I either didn’t know or just forgot that signatures have an expiration date. But wait- Just looking at the certificate under details tab>properties, I see this: Revocation Status : OK. Effective Date <‎Friday, ‎August ‎23, ‎2019 10:36:13 PM> Next Update <‎Friday, ‎August ‎30, ‎2019 10:36:13 PM>. What is all this? And is a work around still needed such as adding a TRUSTED user rating or…?
EDIT: I looked more into the certificate and found multiple dates scattered about and I do not know how to interpret all those dates.

I cleared the intrusion log, so I will keep an eye out for that if/when it reoccurs. And the global rule was at the bottom, so I moved it above the upper-most block rule. You imply there is a hierarchy or pecking order to the rules based on location in the list.

Yes rules are processed from top to bottom and therefore rules that are above other rules will have higher priority.