Hello,
I do not want to start off on the wrong foot to sound as if I am trash talking a fine product. I am sure these issues can be worked out I just have not been successful yet.
I have DSL with SBC and it uses a Speedstreem 5100 Modem.
I have tried to add every possible IP I can see to the Zone option. I have tried to add permissions to everything I can see connected with my ISP to allow through the other options I can find.
I have thought my problems were with the DSl Service and have been on the phone with different tech levels and had a Phone company repair person here to check the problems.
I now see that The only way I can connect to get online is to disable the firewall as it is is now. I have also learned that if I do turn this firewall on while I am connected that I will be disconnected immediately.
I have tons of log reports just from today about blocked connections. Problem is that everything it is blocking is my cokmputer, my DSL service and my Modem. That is all that has blocked and I have been fighting this for ovewr a week with most of the day spent trying to solve the problems. Unsucessfully.
Thi8s is just a short example of what it is refusi8ng to accept and I have made zones using these IP #.
I guess I can not insert a screen shot of what I am talking about. I tried and failed.
Is there anyway for this to just simply recognise the operating IP’s of my computer and ISP connections as friendly? The modem is the typical 192.168.0.1 and the other Ip of connection are also typical.
I am begging for help if any is available.
I imagine just this brief o0nline action with no firewall has already attracted many vermins. I will be checking as soon as I get off line.
To help us get to the bottom of the problem, can youplease post your firewall logs here, so we can see what CFP is doing/blocking.
To do this, open CFP and click ACTIVITY - LOGS.
Do a right click inside the logs window and select “Clear all logs”.
Now, with the firewall active, try reconnecting.
When it fails, change the firewalls settings to “Allow all” and try reconnecting.
If this connects successfully, wait a few minutes and then set the firewall to “Custom”.
If this disconnects you, open CFP and got to ACTIVITY - LOGS.
Do a right click in the logs window and select “Export HTML”.
Give the HTML file a meaningful name, ZIP it and attach it to another post.
You can attach files to a post by clicking the “Additional Options” link under the text entry window.
This log file should now show us (i)normal activity, (ii) failed connection with firewall active, (iii) successful connection with firewall deactivated and (iv) disconnection caused by firewall activiation.
The answer’s going to lie somewhere in all of this.
Here is my attempt at posting the log files from just this early morning.
If it posts you can see by the times which was first.
Currently I am with no active firewall becuase it will not allow any of my or my ISP or modem Ip’s to get through it. There isa only one IP I am not sure about in these log files. It begins with 255.
The first thing I noticed in your logs is that you are changing things mid-diagnostic. The section below in green is from your first logs at 8:31 AM. The section below in blue is from 3:03PM. As you can see, they are referring to the same blocked outbound access, but the first is stopped by rule 8 and the second is blocked by rule 12.
??? ??? ???
What have you changed and why?
Date/Time :2007-05-14 08:31:39
Severity :Medium
Reporter :Network Monitor
Description: Outbound Policy Violation (Access Denied, IP = 169.254.255.255, Port = nbdgram(138))
Protocol: UDP Outgoing
Source: 169.254.175.36:nbdgram(138)
Destination: 169.254.255.255:nbdgram(138)
Reason: Network Control Rule ID = 8
Date/Time :2007-05-14 15:03:50
Severity :Medium
Reporter :Network Monitor
Description: Outbound Policy Violation (Access Denied, IP = 169.254.255.255, Port = nbdgram(138))
Protocol: UDP Outgoing
Source: 169.254.175.36:nbdgram(138)
Destination: 169.254.255.255:nbdgram(138)
Reason: Network Control Rule ID = 12
Can you please revert back to the ONE configuration, leave this config alone for the duration of hte diagnostics, repeat the steps outlined for exporting the logs and repost here. If possible, can you post in a single file, rather than 5 separate ones, as it makes it easier to “read” the flow.
We do our best, but it’s hard to hit a moving target.
How can I post into a single file if I am clearing the logs between each test?
It looks like the times are very bogus. It is only now 8: 28 am here. I t`hink that I found the clock error while I was doing this and changed my clock.
Ok I understand the sequence you want logged. I do not understand how I can save them without saving them in separate files though? There is something I must not be understanding yet.
The IP numbers of those beginning with
70.248
&
192.168
&
169.254
&
66.140
&
207.155
Are all from my computer or dsl service or modem. I have already set up Trusted Zones for those Ip ranges but it must not be working right or I did it all wrong. I havew also granted permissions to everything affliated with either SBC or Yahoo or the Work Program which is the DSL setup software.
I only wanted the logs cleared ONCE, at the start of the process and then export once at the end of the process… That way, we capture what is happening in one stream, rather than having to try and do a Vulcan mind meld on five files.
I can’t see how you can tell anything by this, but you for sure know more than I. When the firewall is set to custom configuration it will not connect so the attempts will all look the same.
When it is set to allow all like it is now, I can not see any log entries made.
When I change it back to custom it then is logging the connections it is refusing. I had to make it to allow all before I could get back online again to come here.
The times are really bogus. I have not yet tried to find out why, I have not chnaged them though, like I did before.
In these logs it looks like every attempt was done with the IP of the Modem of 192.168.0.1
If you can see in the other post it is not always using this ip to connect with. At times it is connecting with the 70. IP and the other Ip’s I have shown. It is not always sending the Modem IP in, At times it is using the other IP’s I posted.
The other odd thing, apart form the time issue, is the fact that the green section shows an action being blocked by rule 8, yet, in the blue section, the same actoin is blocked by rule 12.
Have any rules been added? Has the order of the rules been changed (i.e. been moved up or down the list)?
No Sir,
I have not done anything to the firewall except to move the security level since we have begun talking and you trying to help me. Right now there are tons of logs.
Before I began talking with you I did set up what is called Zones using all of the known IP’s I have seen my comouter use to connect with. I also granted permissions to DSL company and all their software, and all my known programs that are good to connnect. I did that through the application, componenet and network monitor sections. I tried to set up trusted zones also.
Obviously I am missing the boat somewhere.
I am not about to give up on this Firewall system yet. Just becuase I can’t yet figure the nuances of it, to me only means it is really high tech with tons of capabilities.
If you are in the USA and if it would be Ok, I could phone to you and maybe you could help me better. I do understand everyone’s needs for privacy though. I will be very happy to PM you with my phone number and any personal info if that could help any at all.
Would it be any easier if I were to send screen shots to you? I know how to save them into a RTF format but do not know how to save them in any other format. I am willing to do or try anything you tell me. I really appreciate your time and compassion of my needs.
Maybe what it is that could be showing as something different is that after I lose connection it is really tough for me to re-establish connections again.
In each test I have tried to do the same thing. I first try to acess my Modem Connection page. Next I try to access the internet using IE 7 and last I try to access the internet using IE 5.
When I am disconnected, I have to at times go through different proceedures to get it to re-connect.
Thx again for your patience and compassion,
ReQ
PS;
I just noticed that my clock is again wrong big time. I have reset that clock several times today. Now it is supposed to be 2:04pm tommorrow. I will have to figure that prob out later. So I guess it is tough to go by my times in the logs.
I really do apprecite the time and efforts that Panic has taken to try to help me with my problem. I also know that he has other things important to do or maybe not able to return here, or a million other things which do happen to us about the internet and our real lives.
Has anyone else any idea of what I can do about this? I guess in a worse case I can un-install this and go back to Zone Alarm or something. I was really hoping to get this one to work for me.
Having to disable all of my firewall in oder to get connected like it is now, just does not appeal to me. Having to find and to chase down all the pesky bugs that come in while my door is wide open is not a fun chore either, but for now that is what I have been having to do. Last time it was several hundred of bugs in the wild that I had to chase away.
I am still hoping we or someone can help me make this work.
Sorry I haven’t been able to get back to you (and to the others that may be left temporarily hanging), works a bit nutty at the moment.
Unfortunately I’m in Australia so a phone call woudl be a bit prohibitive, but I haven’t given up yet. :-\
It’s really odd that the one action was trapped by two entirely different rules.
To follow Little Mac’s lead in another post, it may be time for you to disconnect from the internet, uninstall CFP and reinstall, just so we are back at square one. If you do decide to go this route, during the install, just take the “Automatic” option, so it builds the basic ruleset. Once it’s reinsrtalled and you have rebooted, try connecting and see if it holds the connection.
I willo uninstall this firewall completely and re-set all register entires so it is fully gone, re-boot and come back here to re-load it agin and will set up to default settings first.
I will run the previous tests without me installing one rule or zone and will come back shortly with new test shots.
Thx.
By the way, There is a member named Panic on a racing forum I am moderator on with a different nick. Are you he?
There I am Ed-vancedEngines.
Ed
Un-install completely and re-install at automatic settings helped tremendously. Right now I am here under the umbrella of protection of the Comodo Firewall.
Many things are still going on that I can not yet understand. Even though it is staying connected there are still many advisories in the logs that are still showing the connection was refused to my known safe Ip’s my DSL and to ports I need.
With no programs running it does still show my safe programs as alerts and problems. BUT it is also refusing connections with Ip’s and programs that I know nothing about.
Next problem is that when I connect to P2P programs the firewall is detected and will not pass through.
The two main ones I try to use is Shareeza and eMule. I have tried to set up permissions and I have not yet been sucessful. I have been doong this since 1994 and was sure that I knew at least a little bit about most computer problems connected with internet. Nope!. I am hard headed though and am determined to figure this thing out.
Once I get it all figured out I will be posting this to a ton of websites if you are wanting exposure you will get lots.
Thnk you Panic for all you have done and have tried to help me.
