firewall rule is blocking more traffic than I want

I have a rule set up to block traffic from a lan computer whose address is 192.168.1.102, it’s blocking the traffic fine but its not just blocking traffic from that computer but the other ones as well. The rule i have set is “Block and log UDP In from IP in [192.168.1.102 / 255.255.255.0] To IP Any Where Source Port Is Any and Destination Port is Any” If i clear this rule I have no traffic issues with the other computers. I don’t get why its blocking all UDP traffic to my computer, when I only put the ip address 192.168.1.102. Can somebody help me out, thanks.

Hello DedRat,

The 255.255.255.0 is the “problem” here change that to 255.255.255.255 to match only this host, or change the rule to “single ip” and put the 192.168.1.102 in it, then it should only block that host.

Your rule now blocks the whole 192.168.1.x network because of the .0 on the end of the subnet.

I changed it to 255.255.255.255 and it works correctly now, but what i don’t get is why comodo firewall didn’t add it like that. When I was prompted with an alert to block udp traffic from 192.168.1.102, I denied it and comodo added it with the 255.255.255.0. It just seems like comodo firewall should add the rule so it blocks only the ip address it shows on the alert, instead of the entire network i’m on.

Could you check the following for me, go to firewall, advanced, Firewall behavior settings.

Where’s the slider on security level ?

go to the tab “Alert settings”

Where’s the slider on Alert Frequency level ?

I have the security level on custom policy mode, and alert frequency level on medium.

I’ve tested this, even with settings at Very High, i get this result.
Block rule on host ip with network subnet 255.255.255.0.

I would consider this as a bug, and will file this in bug reports.