Firewall can't block Firefox

This all started because I was looking for a way to block s.ytimg from youtube.com. I read here …

https://support.comodo.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=216

that you could block websites using Comodo.

So I try it with no luck so I go bigger and just try to block google.com…no luck…so now I go even bigger and try to block Firefox from connecting to ANY webpage and remove all rules and use a BLOCK All…Firefox still connects to the internet and goes on as usual.

Now I’m getting scared, if I create a Block all rule for Firefox and it still connects how secure is Comodo. Defense is set to Safe and Network is set to Custom.

I’ve been using Comodo for years and loving it but this little thing has me concerned.

I also tried using the Predefined Policy “Blocked Application” for Firefox with NO luck.

One more thing I’ve noticed now is that it blocks HTTPS sites but not HTTP.

I used the default browser rules for Firefox and then changed the “Allow Outgoing HTTP Requests” to “Block”.

Same thing happened, I could hit all websites except HTTPS, I change that rule back to allow and I can then hit HTTPS and still hit HTTP sites.

I also noticed in the address bar of Firefox that for HTTP sites it would not show that, it would show www.dallascowboys.com but for any HTTPS site I visited it would show “HTTPS:/bleeping.com”

Not sure if that has something to do with this. I really don’t want to reinstall Comodo.

Are you by chance also using Avast 7 on Windows 7?

yes I am

Then you will want to disable the web filter in Avast 7.

The web filter creates a proxy that the firewall in CIS is unable to filter properly on Windows 7 due to limitations in the OS. Even the Windows 7 firewall has this problem with the Avast 7 web filter.

After you said that last night I did a search and found that exact info in the Avast forums.

What I don’t like is it seems both parties are pointing the finger at the other for a fix and NOT working together to fix the issue.

I work in IT and this is all to familiar with everyone pointing fingers at each other and nothing getting fixed, but in the end us end users get the shaft. Both are awesome products so work frigging together and fix the problem.

If this keeps up I’ll end up stopping support for both and go with Avira and Online Armor.

I do have Sandboxie and hopefully some common sense to fall back on.

On a side note that does seem like a big hole in Comodo?? So if a program installs on the PC and uses a proxy Comodo FW can’t block it? I noticed you said a limitation with Windows 7 so that is a big arse security hole if I understand that right.

So if any program uses something similiar to the Avast Web proxy or filter it can bypass the firewall…scary…

Thank you for your help :slight_smile:

Here is the post I found on the Avast end if any one wants to take a look

The issue has been extensively discussed in Comodo Firewall and Avast 7.

That topic shows that it is not just CIS being influenced by the new Avast design but also Windows Firewall and at least one other. You will also find suggestions how to workaround with CIS and Avast 7 as well an a more in depth explanation where things collide.

Here is a quote from Egemen, who is the lead developer of CIS.

Hello Guys,

The issue is avast intercepts WEB connections at the driver level and redirects connections to its own local proxy.

Because CIS operates at NDIS layer i.e. the lowest layer of the protection, it sees the actual connection i.e. avast proxy. Normally CIS should have blocked the loppback area connection to the proxy however because of the limitations in Windows 7, it fails.

CIS uses TDI, WFP and NDIS to provide its firewall functionality. WFP maybe enough ti implement an average firewall but it is not enough for a firewall like CFW so that it could not be used alone wihtout the support of the other 2 technologies. Windows 8 allowed us to use WFP more than previous windows editions and it should not be a problem with the next CIS editions which support Windows 8.

Thank you :slight_smile: