I’m running Filezilla client with Filezilla.exe set as a Trusted Application. All incoming connections from the server are logged as blocked. I cannot even get a remote directory listing (List -a results in Error: Timeout). If I switch Comodo to Disabled, all is fine.
I cannot find a way to allow the incoming passive FTP connection, even though it appears the trusted application setting is permitting all incoming. Could it be because the passive connection means the incoming connection is via a different port?
I’m running Filezilla with it set as a trusted application, which allows all, rather than as an FTP client, so the TCP incoming should be allowed, no?
OS is XP SP2, Chatzilla is 22.214.171.1248
In Global settings, if I delete the “Block and Log” rule from the bottom, below my “safe” LAN rules, it works fine. I’m concerned that turning off this will simply leave the firewall open for applications not otherwise having rules. Is this correct?
LuckyS, what is your OS and Comodo version? I verified that the latest ruleset I have for FTP Client doesn’t allow passive FTP (connects only to port 21), but please check what yours says. The update may have fixed it in the definition of safe programs?
Now what the heck?
I have checked the rules for Filezilla… The last thing I did was to set it to “Treat as FTP Client” with remember. No rules before specified.
And what do I see? 2 pages of rules for random ports (because of passive I think), an “allow all” rule, a rule for TCP and Port 21 and a rule for UDP and Port 53 (DNS?)
Now where is that coming from?
Is that because I am set to “Train with safe mode”?
There seem to be some anomalies in how Comodo adds in rules for safe applications, differently in .13 vs .14. And I am beginning to think there is a difference between XP and Vista. When I use a new program that requires network access, Comodo generates an “allow all out” rule for it and puts it in the Network Security Policies. That’s it - no block rule, no repeated rules. I then edit it to be a web browser, email client, ftp client, etc. as necessary, and add the appropriate block all as necessary. This is not the behavior I got with 3.0.13, where Comodo added a more focused ruleset including a block and log for each application. In my review of 3.0.14 under the main thread, I pointed this out as an issue, in that from a security and maintenance point of view it seems like an undesirable answer. See https://forums.comodo.com/help_for_v3/3014_first_impressions-t16546.0.html;msg113604#msg113604 for comments and picture of the initial 3.0.14 generated ruleset. I imported my custom settings from 3.0.13 and use them instead, including a “block all and log” as the last rule for each application.
For Filezilla, I would get rid of all the extra rules and use the basic rules for ftp:
Allow all TCP out to port 21
Allow port 20 in (active)
Allow all TCP out (passive)
Allow DNS out
Block and log all else
And I suggest you submit the multiple rules as a bug - I don’t have quite the same ruleset issues under Vista. I don’t know whether the “allow all TCP out” I get is a bug or not - as my writeup states, the installation reboot wiped out the global rules and I have nothing but secondhand information on them. The global “block all and log” might be the current approach by Comodo? But I will submit it as a bug anyway.
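
The basic FTP rules listed in the post above, modeled as a first-match rule list and compared with a ruleset that only allows the client out to port 21. This is an added example, not part of the thread and not Comodo's rule engine; the field names, the UDP 53 choice for DNS and the sample flows are constructed assumptions. In passive mode the data connection is opened by the client, outbound, to a port the server chooses.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "block"
    proto: Optional[str]         # "tcp", "udp", or None for any
    direction: Optional[str]     # "in", "out", or None for any
    remote_port: Optional[int]   # port on the server side, None for any
    note: str

@dataclass(frozen=True)
class Flow:
    proto: str
    direction: str               # as seen from the FTP client machine
    remote_port: int

def matches(rule: Rule, flow: Flow) -> bool:
    return (rule.proto in (None, flow.proto)
            and rule.direction in (None, flow.direction)
            and rule.remote_port in (None, flow.remote_port))

def evaluate(rules: List[Rule], flow: Flow) -> Tuple[str, str]:
    """Return (action, note) of the first matching rule; default is block."""
    for rule in rules:
        if matches(rule, flow):
            return rule.action, rule.note
    return "block", "implicit default"

CONTROL = Rule("allow", "tcp", "out", 21, "FTP control")
ACTIVE = Rule("allow", "tcp", "in", 20, "active data from server port 20")
PASSIVE = Rule("allow", "tcp", "out", None, "passive data to a server-chosen port")
DNS = Rule("allow", "udp", "out", 53, "DNS (UDP 53 assumed)")
BLOCK = Rule("block", None, None, None, "block and log all else")

BASIC_FTP = [CONTROL, ACTIVE, PASSIVE, DNS, BLOCK]   # the list from the post
PORT_21_ONLY = [CONTROL, DNS, BLOCK]                 # "connects only to port 21"

# Constructed sample flows, as seen from the client.
FLOWS = {
    "control": Flow("tcp", "out", 21),
    "passive data": Flow("tcp", "out", 50123),
    "active data": Flow("tcp", "in", 20),
    "unrelated inbound": Flow("tcp", "in", 51000),
}

if __name__ == "__main__":
    for name, flow in FLOWS.items():
        print(f"{name:18} basic={evaluate(BASIC_FTP, flow)[0]:5} "
              f"port21-only={evaluate(PORT_21_ONLY, flow)[0]}")
```

With the port-21-only list the control connection succeeds but the passive data connection hits the final block rule, which matches the directory-listing timeout described at the top of the thread.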