how do I Grant Access to an "Inbound Policy Violation (Access... [RESOLVED]

LucyRicardo · April 28, 2008, 10:00am

I am running CFP Version 2.4.18.184

The following entries show up in the COMODO Firewall Pro Logs:

Date/Time :2008-04-28 02:10:39 Severity :Medium Reporter :Network Monitor Description: Inbound Policy Violation (Access Denied, IP = 192.168.2.1, Port = syslog(514)) Protocol: UDP Incoming Source: 192.168.2.1:syslog(514) Destination: 192.168.2.101:syslog(514) Reason: Network Control Rule ID = 6

But I do NOT want this Inbound Traffic to be "Access Denied". I want Access to be Granted to this traffic. Specifically, I want an application called WallWatcher to receive this particular Inbound Traffic.

How can I do that?

EricCryptid · April 28, 2008, 11:41am

have you set 192.168.1.1 (your router) as trusted? This can be done on Security>>>Tasks.

Alternatively, you can just create your own rule for it. Just got to the Security Tab and click on Network Policy and then simply add a new rule. Make sure, you move the rule above the last rule.

Eric

LucyRicardo · April 28, 2008, 11:51am

No, I have not set my router 192.168.2.1 as trusted.

I am looking at Security → Tasks
I see:
“Define a new Trusted Application” under Common Tasks
“Define a new Trusted Network” under Wizards

Which one should I use?

EricCryptid · April 29, 2008, 6:10am

Your trusted 192.168.2.1 should be at the very top of the list and be: Allow all IP In From 192.168.2.1 to Any and Allow all IP Out to 192.168.2.1 from Any.

Usually the rule is done automatically by selecting “Define New Trusted Network” making sure that yours is listed there and then at the bottom of that Tasks page there’ll be (I think) Add Trusted Network (It’s been awhile since I’ve used version 2).

Can you screenshot your network rules?

LucyRicardo · April 29, 2008, 6:35am

Thanks Eric. I figured it out.
Under Network Monitor → Network Control Rules,
I did an “+ Add” to add a new rule and then I moved it up in precedence.
Immediately, my syslog entries came right thru CPF to WallWatcher!
Now I can see in real-time what is happening on the Hardware Router.

EricCryptid · April 29, 2008, 7:49am

Great news that your issue has been resolved!

Do let us know if we can help with anything else.

BTW - Have you tried out CPF 3?

Eric

LucyRicardo · April 29, 2008, 7:58am

Not tried CPF 3 yet.
I will soon.

EricCryptid · April 29, 2008, 8:06am

There’s some exciting improvements coming out later this year but it’s quite impressive.

If you’re going to give it a go do read this first:

https://forums.comodo.com/help_for_v3/tip_installing_cfp3_for_the_first_time-t22296.0.html;msg155620#msg155620

It’s some tips for when you first install it so you get the least amount of Defense+ alerts but still remain safe. I’ve been using it for a number of months now.

Anyway, I’ll lock this topic now and mark it as resolved.

If you need it opening again, just PM and online Moderator.

Eric