I have been using Comodo Firewall and now CIS for many years, but still have no good solution for this (yes, I searched for a long time):
I would like to have full access to and be fully accessible from my LAN, while getting popup alerts whenever an application tries to connect to the Internet.
So I created a global rule: Allow IP In/out From MyZone to MyZone IP Protocol: any.
MyZone is set to the IP-Range 192.168.3.1 to .255, which is my LAN.
However, I still get popup alerts for LAN connections, for example svchost.exe trying to TCP connect to 192.168.3.2 (my gateway) Port 5431, or svchost connecting via ICMP to 192.168.3.2. If I try to open a network share on one of my other computers, I get an alert that svchost is connecting to 192.168.3.49 on, for example, port 80.
How come these still appear? The destination is within MyZone, so it should be allowed by the global rule. Or is this the wrong way to grant LAN access?
While in this forum there is a guide describing how to set up a system with full access to LAN and no access to the Internet, there is none for the (slightly) more important scenario that you want to have full LAN access and application-based Internet access.
I would be very grateful for any help. This has been bothering me for years and until now I always ended up by declaring the applications as trusted, which I don’t want to do anymore.