How to allow file and printer sharing ?

Help for v2
#1

Hi every one

I’ve spent over an hour to allow f&p sharing bypass the cpf 3 but it’s just not working .

192.168.0.100 is my ADSL modem and I’m connected to lan by ADSL too . ( modem has to ports, USB to my PC and lan port to my local area network )

I defined a network zone from 192.168.0.1 to 192.168.0.200 named LAN.

in global rules I defined the rule that allows all in and out ip protocols from any kind when the source and destination ips are in LAN zone.

it didn’t work.

again in application rules I defined the same rule for SYSTEM and I didn’t work too (:AGY)

when I disable the firewall everything is fine but it’s impossible the connect to a network drive when it’s active.

So can you tell me how to allow file and printer sharing pass the CPF ??

#2

I have just the same problem.

Dit you already solved the problem?

Thanks

#3

I have the same problem. Is the a bug in the program??

I also had this problem with Norton thus that why I changed to COMODO.

What I don’t understand is if I uninstall Comodo or when I uninstalled Norton my file sharing worked just fine.

I added the computer IP into Home Network as instructed in the instructions.

This sound as if we all are having the same problem.

#4

This was a diffecult thing to solve. But I got working it.
First I opened Comodo firewall and searched for the log files. These where heard to find.
Choose firewall and press for Firewall events:

Now you see all the incommin traffic which is blocked. Just clean this log and do an open attemp from the remote computer. Now you see the port and IP adresses which must be configured to allow remote printing.

I did it a locng time ago so I have to dig deep again.

If you need more I will dig deep

Kind regards,

Richard Meijn

#5

As far as i am concerned (CPF 2.4, windows 2000 sp4 Netbios/TCPIP LAN), you need to allow TCP/UDP, ICMP (for ping) and IP both directions for the trusted zone in the network control rules, and to set explorer, rsvp and svchost TCP/UDP both directions in application control rules.

Note that it would be enough to limit the ports to 135-139, but that has no importance as long as these opened ports stay in the trusted network zone.

#6

Brucine,

Thanks for your answer but when I read it it’s not so cleare for me where and how to make these settings? Could you explain how to make the settings you descibed?

many thanks,

#7

I remember i am speaking of Comodo 2.4 (win 2000 won’t allow version 3)

Be sure, first, of a trusted zone.
Go to security, task, add/remove zone:
your driver must be recognized in the lan zone,ie: 192.168.0.0-192.168.0.255.
Some applications also require you to allow localhost (127.0.0.1), but i am not sure comodo supports 2 trusted zones (kerio does), and you would in such circumstance have to make a rule for the 127.0.0.1 port.

Go to security, network monitor.
I have 3 rules: TCP/UDP/In/Out, ICMP/In/Out, IP/In/Out.
Each is allowed for everything you can (TCP, UDP, ICMP, IP, In, Out, Any) excepting the destination ip, ONLY the lan zone.

Now, go to security, application monitor.
you must have or create (under win2000 and probably xp) rules for explorer.exe, rsvp.exe, svchost.exe, and maybe system.exe.
Each of these executable can be browsed under \system32 and is, on the same behalf, allowed for TCP/UDP/IN/OUT ONLY for the destination ip-destination zone being the lan zone.

It would be sufficient, if one doesn’t want to use the lan zone, to specify as destination port not “any” but the range 135-139 for a netbios share.

Of course, the same parameters must be applied to every shared pc where comodo is installed.

I have a brand new installation of comodo, i have shared printers, but i did not yet test if the firewall allowed them; let me know of any problem about this last question.

#8

Thanks your answer is very helpfull. :BNC
I’m working with version 3.0.13. The settings for the trusted zone is almost the same.

Kind regards,

Richard

#9

I am, i also wrote it, a newbie at Comodo.

The parameters works for my configuration (ethernet lan under a DSL modem-router and switches, windows 2000 sp4, Netbios TCPIP), but it was quite a hassle to set up, most of it relies on ICMP and rsvp, because one does not think about it.

I also tested this evening for print sharing…which in first instance did not work because i recently formatted the target pc and forgot to share the printer: when done, it works with no specific comodo parameter, and if assumed you have administrator rights for the shared printer.

But, when you have the time for it, give me the feedback: does it work for you?