Hey everybody,
After searching and reading allot around the forum, I still could not answer my question, so I decided to make a topic myself.
I have a problem with comodo firewall v3.5. I’m using XP SP3 professional without any other security programs. I have a build in network card and a Intel 5100AGN wireless card with the latest proper installed drivers.
These are my global rules (the nr’s are the ID’s)
0 block + log ip in source adres: any, destination adres: any ip details: any
1 allow tpc/udp out source adres: any, destination adres: any sourceport: any, destinationport: any
2 allow tpc/udp in source adres: any, destination adres: any sourceport: any, destinationport: 4000-4010 portset
3 allow ip in source adres: lan, destination adres: any ip details: any
4 allow tpc/udp in source adres: any, destination adres: lan sourceport: any, destinationport: msn port set
‘lan’ is a network zone with a range from 192.168.1.10 till 192.168.1.255. Programs I trust are given the ‘trusted application’ rights, others are blocked or are given outgoing only. My pc’s at home get a ip in the 192.168.1.x range. This all works well, no problems at all. But when I use my laptop’s wireless outdoor I get a problem. For example, when I use the wireless at my school I get a ip in the 145.x.x.x range. My laptop gets the ip without a problem, but after that all communication is blocked by comodo. When I disable comodo all my internet traffic gets going again. I have this problem on any wireless network. I uploaded a part of my firewall log to:
I’ve got two questions:
Are my global rules causing this problem, and if so what can I do to correct it?
Is the way I use my global rules and programs rights as I described save?
I have quite some knowlegde of computers, so don’t have to explain basis things to me (just to save you guys time :P). I hope some one can help me with this, thanks in forward!
I cann’t understand why you are able to work anywhere! “Block+Log IP IN ANY ANY ANY” - first Rule and should BLOCK EVERYTHING!!! - sorry, to fast overview from my side =)
anyway, Rule #3 is overtaken by Rule #0. So Rule #3 is never applied to any traffic! Also #2 and #4!
So I suggest you to check you vision of creating and ordering Rules.
But also Rule #1 should work (no matter home, school, or any WiFi spot =) ), so I cann’t understand this strange behaviour.
I think you see the rules in the wrong order, rule 0 is the one that’s in the bottem in comodo, rule 1 is above rule 0, rule 2 above rule 1 and so fort.
Ok, my mistake =)
So the right order of Rules (As they appeare in Global Rules List)
4
3
2
1
0
Is it right?
Anyway, when you are in school (145.x.x.x)
Only 3 Rules applied:
2
1
0
By them you:
allow Incoming to ports set 4000-4010
allow any outgoing
Block all other activity
So, any Internet Browser should be able to go to any site…(if it is outgoing or trusted)
I can only suggest you for now add Loging to Rules 2 and 1 and take a look to Event log. If there will be any rows with allowed activity, then your rules works fine. Just try it on Web Browser for example and for logging.
Also describe Firewall Mode you are using now. And do you receive any alert in school during any started by you network activity.
That ip wasn’t mine, it’s a ip I acuired at my school. Not my home ip and dhcp so not dangerous. Also I put a ‘x’ in the second digit of the log I will try your allow log method
I will try your allow log method