Every Created Applicaion Rule is to Allow IP out any MAC to any MAC any Protocol

A. THE BUG/ISSUE (Varies from issue to issue)

  • Summary -Every Applicaion Rule is to Allow IP out any MAC to any MAC any Protocol.
  • Can U reproduce the problem & if so how reliably? :
    Yes
  • If U can, exact steps to reproduce. If not, exactly what U did & what happened:
    1:Set the Firewall component to Custom Ruleset.
    2:When the firewall asks to allow or block a connection request, chose allow and click “remember my answer”
    3:Open the application rules and check the new rule added by the firewall for the concerned application. It became “Allow IP out any MAC to any MAC Where Protocol is Any”
  • If not obvious, what U expected to happen:
    This should create a rule for the specific destination IP and a specific port instead of any MAC to any MAC Where protocol is any.
  • If a software compatibility problem have U tried the conflict FAQ?:
    NA
  • Any software except CIS/OS involved? If so - name, & exact version:
    No
  • Any other information, eg your guess at the cause, how U tried to fix it etc:
    This worked correctly for V6.

B. YOUR SETUP

  • Exact CIS version & configuration:
    Vesrion:7.0.317799.4142, configurartion: Comodo-Internet Security
  • Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV:
    D+/HIPS: Safe Mode, Autosandobox/BBlocker:Partially Limited, Firewall:Custom Rulesets, AV: Enable Realtime Scan
  • Have U made any other changes to the default config? (egs here.):
    No
  • Have U updated (without uninstall) from CIS 5 or CIS6?:
    Yes
    [list type=lower-alpha][li]if so, have U tried a a clean reinstall - if not please do?:
    Yes, but it was not able to solve this issue.
    [/li]- Have U imported a config from a previous version of CIS:
    No
    [li]if so, have U tried a standard config - if not please do:
    Yes
    [/li]- OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used:
    Windows 7 Ultimate SP1 64 bit , Administrator,
  • Other security/s’box software a) currently installed b) installed since OS, including initial trial security software included with system:
    a=None b=None
    [/list]

[attachment deleted by admin]

I am not quite understanding this report. What is the result you would expect and why do you believe that this behavior constitutes a bug?

Thanks.

In the previous version the application rule added by CIS would be a specific denstination IP and a specific port instead of any Mat to any MAC Where protocol is any.

Thanks. I edited the first post. Please look it over and let me know if everything written is correct.

Thank you.

Sorry for my typo. Please change “MAT” into “MAC”.

Fixed. Does everything now look correct?

What is Alert Frequency set to on your system? That dictates what kind of rules are created.

Thanks to the light thrown by Sanya IV Litvyak. After I switched the setting of the alert frequency level to “Very High”, it works as I expected now.

According to my test, one who prefer to defining the application rules by oneself whenever the firewall inttercept a new conncection request should also deselect the default “Do Not show popup alerts” in order to get the alerts sent by the firewall.

I’m happy to hear that this is Resolved. I’m sorry I didn’t think to ask about the Alert Frequency level. Sanya, thank you very much for that suggestion.

I will now move this report to Resolved.

Thanks.