How to define firewall rules using direction parameter <IN>, <OUT>, <IN/OUT>

Hello!
I don’t really understand how to define a firewall rule using the direction parameter (<IN>, <OUT>, <IN/OUT>) in connection with source and destination.
For instance: I don’t want to allow a communication between my PC and the world.
First rule:
So I define as source my PC_Address and as destination Any_Address. This means for me, the traffic goes from source to destination. Additional I use the direction parameter in this case, because my firewall can only be on my PC and this is the source.
Second rule:
The second rule is to define Any_Address as source and my PC_Address as destination. This AGAIN means for me, the traffic goes from source to destination and in this case the direction parameter must be because my firewall can only be on my PC which is the destination.
BUT what if I use <IN/OUT>??
Source is my PC_Address and destination is Any_Address. The direction is from source to destination (independent from the direction parameter – or not??) and so only makes sense because I can only configure my firewall on my PC ! What does means in this case? The source is still my PC and the direction is still from source to destination and means I will configure the destination, but this is Any_Address in the world and any firewall in the world….??? :-
I hope it is clear what is my problem of understanding? For me the parameter direction in conjunction with source and destination is a double definition. And I don’t really understand how I have to use them. 88)
I hope anybody can give me a light!
Thanks
melgoth

better firewall = rules better done

For instance: I don’t want to allow a communication between my PC and the world ; click block all
I hope it is clear what is my problem of understanding ? no, solved.

another example is with BitTorrent ; another example is allow all ; so there are no rules so the firewall becomes useless ; another can be with a printer or someone else who is using your router …

Hi merke!
Your reply doesn’t help!
I will and need to understand the direction parameter (<IN>, <OUT>, <IN/OUT>) in context or correlation with source and destination. My problem is NOT to prohibit the communication with the world; it’s just an example to show my understanding problem!!
I beg your pardon if my English is really so bad?

melgoth

you do not understand (same mistake from every forum and every user(s):

If you do want the right answer ; please ask to the right person at the right section ; a short question , clear without ambiguous terms, and not an example with your personality, your problem , with the right technical words :

how do i choose the rules between in out and in/out ? or can someone explain to me how to understand the difference between thee rules ? is clearer and better (according my own point of view) than How to define firewall rules using direction parameter <IN>, <OUT>, <IN/OUT> _ that it means in this context something about a soft or a particular & private will.

and do your own search first ; with your browser on internet , and second ; on this forum _ most of time the answer is solved from an old topic or at least you will find suggestion near of the solution that you are looking for.

and you should have to be open at the precedent answers ( e.g. another can be with a printer) !!!

it’s just an example _ another example is with bitorrent _ to show my understanding problem!! your example is a bad example and “block all” solve it.
I beg your pardon if my English is really so bad? i do not know ! as long as the post can be understood for every one (for instance russia, asia , europe …) … like english language is accepted every where …

at the bottom of the first page on this site, you can be connected also with another comodo forum

you have also geekbuddy and another users ; learning on line is a good idea and i am certain that someone else will give you that you expect …

rules are rules so every firewall forum will give you the answer _

Hi merke!

First I have tried to find the answer inside help and searching the internet! All examples I have found are using any address as source and destination, in which case I understand in/out.

I accept that you don’t like my wording. You wrote a lot of sentences without the help I’m asking for. If you want I can ask again with your wording.

How do I choose the rules between in out and in/out?

So, can you help me now?

Thanks
melgoth

here , button search : How to define firewall rules using direction parameter <IN>, <OUT>, <IN/OUT>
answer number 9
:o

sorry link search has not copy !
https://forums.comodo.com/frequently-asked-questions-faq-for-comodo-firewall/how-to-understanding-creating-network-control-rules-properly-t1125.0.html;msg35468#msg35468
https://forums.comodo.com/frequently-asked-questions-faq-for-comodo-firewall/how-to-understanding-creating-network-control-rules-properly-t1125.0.html;msg35408#msg35408

In and out is not direction of traffic, but direction of connections. If you type google.com into a web browser, it will make an outgoing connection to google.com and although traffic will travel in both directions between the Google server and your computer, it is still only an outgoing connection, that you initiated. Much like making an outgoing phone call to someone.

Unless there’s a particular reason you need to allow another computer or device to make incoming connections to your computer (such as for file sharing or hosting online games), then all connections will be outgoing (I.E. your computer initiating the connections). In which case, you can just use Stealth Ports Wizard to block all incoming connections, and then just concentrate on outgoing connections in Application Rules.

There are two sets of rules in Comodo Firewall, Application Rules and Global Rules. To see how traffic flows through these rules, see the below link:

Global/Application Rule Flow:

Stealth Ports Wizard:

Out is your interest.
IN is someone else’s interest.

So, usually you are fine with OUT only.

Thanks to everybody trying to help me, but I’m sorry it is still not clear completely. I think I understand and I understand . But I’m still worry about <IN/OUT> (I’m not sure but I think this can only be useful for an address range).
@merke: sorry about this another example :wink:

If I have a program which I want to use in my private network but I know that this program sends information about my behavior into the internet which I don’t want allow. I would do the following:
(MyPC) has 192.168.1.64 (my pc with comodo)
(OtherPC) has 192.168.1.128 (other PC with comodo)
Program: Prog

For the Program I have to define the following rules on ( 192.168.1.64)
Source: 192.168.1.64 Dest: 192.168.1.128 direction: → allow (all other not)
Source: 192.168.1.128 Dest: 192.168.1.64 direction: ->allow (all other not)
For the Program I have to define the following rules on ( 192.168.1.128)
Source: 192.168.1.128 Dest: 192.168.1.64 direction: → allow (all other not)
Source: 192.168.1.64 Dest: 192.168.1.128 direction: ->allow (all other not)

I hope you confirm with me, that I should be able to use Prog in my private network?
I don’t know how I can use the <IN/OUT> direction parameter in this example, except the case my private network has only this 2 pcs OR it is ok for the whole private network. Then I can define

For the Program on ( 192.168.1.64) AND on ( 192.168.1.128)
Source: 192.168.1.xxx (address range) Dest: 192.168.1.xxx (address range) direction :<IN/OUT> ->allow (all other not)

So I have defined 4 rules in one rule and this works on both PCs – is this right? I’m not really sure if this is one of those cases in which <IN/OUT> makes sense or not?

thanks melgoth

please give us a real case for a real solution

your example MYPC / OtherPC / Prog is a very good example.

in/out means they are communicating from a to b and from b to a

@melgoth: sorry about this another example
for example sharing , bit torrent
files are received AND sent _ incoming connection /outcoming connections _ both are allowed.

i do not know if i have understood correctly your example but if you do not want connections from and to internet for a program AND using it on two computer OR only one but the other would be connected to internet and the first not … another solutions exist ; with comodo (block all = deny for this program) or block the port where this program transmit information : so it is not 10 rules ; (i read somewhere that the two computers should have to be configured : i do not agree ; it can be easier and simple) or erase/delete the address on your router of the first computer so it will not permit any more access to internet and using the tools can be interesting which killswitch.

i , i will cheat : i will see where (ip address & port) try to connect and i will click on blacklist (prohibited site) or i will click on the connection and will choose do not allow.
my problem is that i do not see (visual !) what i have done and if it works ! but i could click on alert and adjust the level to medium and click "do not trust, block, remember my answer …

thanks merke

I think I have a little better understanding now.

If I need to define a source and destination address completely then I cannot use <in/out>
Using my example again:

source: MyPc 192.168.1.64 destination: OtherPc 192.168.1.128 CAN ONLY BE

<IN/OUT> cannot be used because in case of the source is NOT MyPc and has to become destination and for

source: OtherPc 192.168.1.128 destination: MyPc 192.168.1.64 CAN ONLY BE

<IN/OUT> cannot be used because in case of the source is NOT OtherPc and has to become destination

In case of using an address range the source and destination can be ‘switched dynamically’

thanks
melgoth

:wink:
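The point made in the thread, that IN and OUT describe who opens the connection rather than which way packets flow, can be checked with a small model. This is an added example, not part of the original posts and not Comodo's rule engine: it assumes a rule's source is the connection initiator and its destination the responder, ignores ports, and uses the MyPC/OtherPC addresses from the thread plus a constructed documentation address for "the world".

```python
import ipaddress
from dataclasses import dataclass

# MyPC and OtherPC come from the thread; WORLD is a constructed documentation address.
MYPC, OTHER, WORLD = "192.168.1.64", "192.168.1.128", "203.0.113.10"

@dataclass(frozen=True)
class Rule:
    action: str      # "allow" or "block"
    direction: str   # "IN", "OUT" or "IN/OUT"
    source: str      # address or CIDR range of the connection initiator (assumption)
    dest: str        # address or CIDR range of the responder (assumption)

def conn_direction(initiator, local=MYPC):
    """OUT if this host opened the connection, IN if the peer did."""
    return "OUT" if initiator == local else "IN"

def matches(rule, initiator, responder):
    src = ipaddress.ip_network(rule.source, strict=False)
    dst = ipaddress.ip_network(rule.dest, strict=False)
    return (rule.direction in (conn_direction(initiator), "IN/OUT")
            and ipaddress.ip_address(initiator) in src
            and ipaddress.ip_address(responder) in dst)

def decide(rules, initiator, responder):
    """First matching rule wins; anything unmatched is blocked."""
    for rule in rules:
        if matches(rule, initiator, responder):
            return rule.action
    return "block"

class Firewall:
    """Stateful model: rules are checked once, when a connection is opened."""
    def __init__(self, rules):
        self.rules, self.established = rules, set()

    def new_connection(self, initiator, responder):
        verdict = decide(self.rules, initiator, responder)
        if verdict == "allow":
            self.established.add(frozenset((initiator, responder)))
        return verdict

    def packet(self, src, dst):
        """Packets of an established connection pass in both directions."""
        return "allow" if frozenset((src, dst)) in self.established else "block"

OUT_ONLY = [Rule("allow", "OUT", MYPC, OTHER)]
BOTH_FIXED = [Rule("allow", "IN/OUT", MYPC, OTHER)]
BOTH_RANGE = [Rule("allow", "IN/OUT", "192.168.1.0/24", "192.168.1.0/24")]
```

In this model a single OUT rule already lets reply packets back in, and an IN/OUT rule with two fixed addresses only ever matches the connections MyPC opens, while the range rule covers both initiators.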