How to create an ASK rule for an IP address in a browser

How to create an ASK rule for an “IP address” OR “IP range” in a browser

example:
Firefox, rules:
1st: copy from predefined rules> Browser
2nd: an IP or IP RANGE to be asked when requested by browser.

Q: HOW TO DO THE 2nd part while keeping the 1st part working? (rule up or down) + (how to).

The goal is to get asked (Comodo firewall notification) when the browser’s addon tries to connect to its database server.
I’m using Comodo firewall on custom policy.

You should be able to create the following - either modify the pre-defined browser rule or create new:

Application Name - YourBrowser.exe
Action - Allow
Protocol - UDP
Direction - Out
Source Address - ANY
Destination Address - Your DNS server(s) Address
Source Port - ANY
Destination Port - 53

Application Name - YourBrowser.exe
Action - Ask and Log
Protocol - TCP
Direction - Out
Source Address - ANY
Destination Address - The IP address you want to ask for (you could use a range too)
Source Port - ANY
Destination Port - Port set HTTP ports

Application Name - YourBrowser.exe
Action - Ask
Protocol - TCP
Direction - Out
Source Address - ANY
Destination Address - ANY
Source Port - ANY
Destination Port - Port set HTTP ports

Depending on your browser and firewall settings, you may need loopback:

Application Name - YourBrowser.exe
Action - Ask
Protocol - TCP
Direction - Out
Source Address - ANY
Destination Address - 127.0.0.1
Source Port - ANY
Destination Port - ANY

When using the port range, if the site you’re trying to ask for has IP addresses that overlap with sites you generally allow, for example cross domain requests, you’ll get alerts.

Thanks for the fast reply…

A. Should I add them below “the pre-defined browser rule”?
B. Create new??? You mean:
create new rule, then add “the pre-defined browser rule”, then add your rules.

“the pre-defined browser rule” are in order:
-Allow Access to Loopback Zone
-Allow Outgoing HTTP Requests
-Allow Outgoing FTP Requests
-Allow Outgoing FTP-PASV Requests
-Allow Outgoing DNS Requests
-Block and Log All Unmatching Requests
-((THEN your rules here or where, and/or should I delete some of the above))??

C. My DNS server??? I am a noob in this, and btw I have work and home and friends' houses > so many different IP addresses and so many DNS.

D. This is way too complicated for me; some people say it is easy by host file, but I think Comodo can do that.

Thanks again but I am not expert in this… and sorry for the long reply…

Which version of CIS are you using?

COMODO
Firewall

Product Version: 6.0.264710.2708

There are a couple of ways you can do this; the easiest is to just edit the existing pre-defined web browser policy and add the rule to ask. To do this:

  1. Open CIS
  2. Navigate to - Tasks\Firewall Tasks\Open Advanced Settings\Rulesets
  3. Right click on Web Browser and select Edit
  4. In the Edit window right click and select Add
  5. Create a new rule:

Action - Ask and Log
Protocol - TCP
Direction - Out
Source Address - ANY
Destination Address - The IP address you want to ask for (you could use a range too)
Source Port - ANY
Destination Port - Port set HTTP ports

  6. Select Ok
  7. Right click on your new rule and select Move up
  8. Move the rule above the existing rule for HTTPPorts (see image)
  9. Select Ok

Your existing Web Browser firewall application rule should be updated with the new settings automatically. When you no longer need the rule, simply edit the Web Browser policy and remove it.
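
The ordering step in the reply above, as an added example that is not part of the original thread or Comodo's own code: a small first-match model of the Web Browser ruleset showing why the Ask rule has to sit above "Allow Outgoing HTTP Requests". Top-down first-match evaluation, the contents of the HTTP Ports set (80, 443, 8080), the omission of the two FTP rules, and the 203.0.113.x range are assumptions or constructed values.

```python
import ipaddress
from dataclasses import dataclass

HTTP_PORTS = frozenset({80, 443, 8080})  # assumed contents of the "HTTP Ports" set

@dataclass(frozen=True)
class Rule:
    name: str
    action: str                    # "Allow", "Ask" or "Block"
    proto: str = "ANY"             # "TCP", "UDP" or "ANY"
    dest: str = "ANY"              # "ANY", a CIDR network, or "first-last" range
    ports: frozenset = frozenset() # empty set means any destination port

    def matches(self, proto, ip, port):
        if self.proto not in ("ANY", proto):
            return False
        if self.ports and port not in self.ports:
            return False
        if self.dest == "ANY":
            return True
        addr = ipaddress.ip_address(ip)
        if "-" in self.dest:       # inclusive IP range, as in the Ask rule
            lo, hi = (ipaddress.ip_address(p) for p in self.dest.split("-"))
            return lo <= addr <= hi
        return addr in ipaddress.ip_network(self.dest)

def decide(ruleset, proto, ip, port):
    """Assumed semantics: rules are read top to bottom, first match wins."""
    for rule in ruleset:
        if rule.matches(proto, ip, port):
            return rule.action, rule.name
    return "Block", "(no rule matched)"

# Predefined Web Browser ruleset from the thread (FTP rules left out).
WEB_BROWSER = [
    Rule("Allow Access to Loopback Zone", "Allow", dest="127.0.0.0/8"),
    Rule("Allow Outgoing HTTP Requests", "Allow", "TCP", ports=HTTP_PORTS),
    Rule("Allow Outgoing DNS Requests", "Allow", "UDP", ports=frozenset({53})),
    Rule("Block and Log All Unmatching Requests", "Block"),
]
# Constructed range standing in for the add-on's server addresses.
ASK = Rule("Ask for add-on server", "Ask", "TCP",
           "203.0.113.10-203.0.113.20", HTTP_PORTS)

def insert_before(ruleset, rule, name):
    i = next(n for n, r in enumerate(ruleset) if r.name == name)
    return ruleset[:i] + [rule] + ruleset[i:]

ABOVE = insert_before(WEB_BROWSER, ASK, "Allow Outgoing HTTP Requests")
BELOW = WEB_BROWSER + [ASK]        # rule added but never moved up
```

With the rule left at the bottom, the general HTTP allow rule answers first and no alert is ever raised for the range.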


Thanks a lot, why didn’t you say that from the start?

Simple, easy, and direct, exactly what I was searching for.

Thank you so much for your help, really appreciated.

 :D :D :D :D :D :D

GO Comodo