Global Rules not being applied?

I’m very new to Comodo and having some trouble with Global Rules. I added a Global Rule for DNS lookup, essentially allowing out UDP port 53 to my DNS server. But I still get application popup from Comodo for every application wanting to do a DNS lookup!

I have Firewall set to Custom Policy, D+ to Clean PC

I’m also using Firewall Alert Settings to High so I can control ports apps use.

For some reason the Global Rule for DNS lookup is being ignored. How can I fix it so it is not ignored but I can still control the other ports an app uses? Thanks!

You still need to add the “allow DNS out” rule for each of your applications-you should be able to do it in the predefined firewall policies for web browser, email client, ftp client if you are using them, but will need to add it separately for other applications. The Firewall looks at the application policy before the global policy for outbound connections.

Ah that’s an interesting design. I’d have thought Global would come first to avoid just such a thing. Not really much point in having the global DNS rule like I have then if apps still get the popup about it…

Global is looked at first for incoming connections, last for outgoing connections. For another view of global rules see https://forums.comodo.com/help_for_v3/an_alternative_to_global_rules-t17138.0.html;msg117356#msg117356 . I don’t use them, for similar reasons. :slight_smile:

Global rules don’t make much sense when you allow something, since you have to do it twice, allowing it again on the application level. But they do make sense when you block something, since it applies to all applications at once.