Firewall ignoring Application Rule

Comodo Internet Security - CIS Firewall Help - CIS
#1

Hi,

I am having troubles with a Comodo Firewall installation on a Win 8.1. Aim is to block an application from accessing the internet when its not on a VPN connection, I’ve done that for various PCs with V5 worked flawlessly every single time, now i need to use 8.0.0.4344.

  1. create ruleset (IN/Allow/IP DestIP, OUT/Allow IP SourceIP, Block IP), Log activated for all of those
  2. assign the ruleset to program XYZ

When I started the program XYZ, it didnt even ask ‘what to do with this’, so the ‘allow/block/…’ windows at the bottom right did not appear (the program is NOT in the trusted application list)

After I assigned it, its like hot air. Not a single entry in the Log and the program has an internet connection no matter from what IP it is sending.

Firewall is set to ‘safe mode’, what am I missing?

Thanks

#2

can you post a screenshot of your global rules

#3

HIPS is disabled

#4

any help on this one?

#5

You screen cap isn’t clear as to what zone or interface your allowing traffic to egress from.

#6

tell me what screenshot you need and i’ll add it

the ruleset is setup correctly, i’ve done that tens of times.

the problem isnt the ruleset, every condition in the ruleset has activated ‘log’ yet the logfile doesnt show a single entry, no matter if blocked or allowed. it is as if the ruleset is ignored, not wrong.

#7

In Firewall Settings uncheck “Do NOT show popup alerts” and in your custom rule right click on your “Block Rest” rule and move it to the very top above IP In Allow and IP Out Allow. Test it.

If that doesn’t work, then don’t undo the previous adjustments but just set your firewall from Safe Mode to Custom Rules.

#8

done all of that, nothing.

tried unchecking ‘do not show popup alerts’, it did not show the application even after i removed it from the application rules
moved block to the top, nothing
set firewall to custom ruleset, nothing

by nothing i mean that it neither blocks, nor shows any kind of log entry (logging is activated for every single rule)
this is just bizarre, it is like cfw is completely ignoring this program. log file shows some other programs like skype, interestingly tough it is also not showing teamviewer, nor can i find an entry for teamviewer in the application list, yet it is still working - shouldnt be the case either.

earlier i found out that windows firewall was still turned on, i turned it of and tried everything again, still same result

its a absolutely clean win 8.1 pro x64 installation with all updates installed, thats it.