Global rules active when firewall set to disabled?

I just made the experience that the global rules seem to be active even when CFP is set as “Disabled” via tray menu. I had an eMule issue and it did work only after I created the missing rule in the global rules. To find the culprit I usually switch off the firewall for an instant and if it works then I know that I misconfigured the firewall.
However in that case disabling CFP did not help which led me to searching the error elsewhere.

Is that true that the global rules are always active? If so, what’s the rationale for that behaviour?

Best regards

I agree with the OP weaker on this thread. Any firewall needs some sort of a TOTALLY OFF SWITCH for diagnostic purposes.

And that at user risk diagnostic is defeated if any part of the firewall remains on. After all, comodo should not expect a user to totally remove comodo and all its directories from their computer to attain the same end. But I know for a fact that putting the firewall on disabled does not totally shut it down. And I saw a lot of evidence that that selecting exit and then agreeing to shut down also leaves parts of the firewall still active. I also saw some evidence that CPF3 can even be taken off the start up list at boot time and parts of it are still active.

Can anyone from comodo clarify if there is (a) An easy way to shut the firewall totally down for a quick test and then turn it back on rapidly. (b) And if not, why not?

You can easily check that. Create a global rule that would block all in/out IP traffic, place it on top of the list. Apply. Internet stops working. Set the Firewall Security Level to Disabled. Internet works again.

So, no, Global Rules aren’t active when the Firewall is disabled.

While MaratR may have a point about global rules, but it still ducks the total firewall off question.

Because I can set the firewall to disabled but I still get CPF3 alerts. Therefore, some part of the firewall is still on. And could be blocking some traffic regardless of what name you give that blocking.

Hmm, that’s interesting. Osage, can you give an example? What kind of alerts do you get? Are they Firewall alerts, like some application trying to establish a connection?

You’re probably getting alerts from D+ and not the firewall.

Toggle may be right and I suppose its a testable hypothesis because anyone could turn off both D+ and set the firewall to disabled to see if the alerts go away. And come back when D+ is turned back on.

But sadly, probably means little in terms of definitive. Hopefully someone really expert on exactly how CPF3 is programmed can get the question answered with certainty.

In terms of the MaratR question, I do not exactly recall what alerts I was getting, but I suppose I can re test at some later date. But all in all, I think its better to get some definitive answer from someone at comodo who understands how CPF3 is programmed.

AFAIK cmndagent (not sure of actual name as I’ve had to remove CFP) is still running as a service. Stopping it isn’t allowed.
If I want to stop a FW completely I usually shut it down on the R-click then stop its service, but CFP’s keep running.

It’s a good security measure, as aFW that can just be turned off…!