I am satisfied with CPF despite some minor matters which I am sure will be worked out in due course.
The only real problem I see is that my installation consistently fails the pcflank leaktest with default settings. I don’t know if I inadvertently allowed something that I shouldn’t have, but the result persists and I can’t figure out how to undue whatever I did that allows the leak.
I posted this problem in a different thread but so far have not gotten any response.
G’day,
CPF can, and does, pass the pcflanktest. Have you reported this failure to support@comodo.com? I’m sure they’d love to discover an instance of the firewall failing!
Ewen 
Very little , IF anything , needs to be done to pass the quick test . Other than the cookie and referrer part . That will be bad as CPF does not cover those things at this point .
My CPF also fails the browser referer part of the quick test at pcflank.
I will be sure to pass these findings on to sthe support team.
Blocking referrers would be nice, but it does not really bother me.
I would like, if Comodo would get some systray icon, since it has none.
Creating rules could be made a little clever, I have no control about anything.
Lets say, that I want to create rules, none of them does not make sense at all.
G’day
Have a look at www.embsolutions.com.au/cpf_rule/index.htm.
This is a basic flash tutorial on how to manually set up rules in CPF. For some reason, it works if you view it in IE, but not in FireFox (Go figure ?!?).
It’s worth getting your head around how the rules work. Once you get the hang of it, it’s not that hard and will benefit you in the long run. If you can get your head around this, you’ll have all the control you need.
Hope all this helps,
Ewen
I wished, I would not have flash disabled. 
My point is, that lets say I want to create a DNS rule, to allow UDP IN/OUT, port 53 and 2 DNS webpages, well it is not possible. Then DNS queries would not need to be monitored. Or when I want to create incoming port for bittorent client. Yes, I know, I did it in Network Control, but I would like to create this rule just for one aplication, not for all, otherwise I could use router.
The Launch Pad (CLP) has a sys tray icon and all functions can be accessed through it. If you don’t see it check whether the task bar properties aren’t set to hide inactive icons.
CPF does use a form of adaptive stealthing. When a network monitor rule is created, any referenced ports in the network rule are only opened on demand. As DNS is not an application per se., I don’t see how you could create an application rule for something that isn’t an application. Re. bit torrent, there are several FAQs and tutorials on how to set up P2P client-type apps.
Hope this helps,
Ewen
OK, I understand. Thanks for explanantion. I am just too acustomed to a rule based firewall I used for 3 years, well that is my problem. To get to firewall settings via Launch Pad, I have to right click - Personal Firewall - Open, it takes about 2-3 seconds, so I created shortcut to it (1 click, 1 sec). I also disabled Launch Pad, because it takes about 5 MB and actually does nothing, but then I do not have any icon in systray. It does not really bother me, I just miss it.
I gave CPF a 5. I haven’t had one issue with the firewall itself. I love the look and feel of it, the smooth running unlike others. I have had no port, program or any other blocking issues with this firewall and continue and will ALWAYS continue to use it. After using ZA for years, it’s like going from a Pinto to a mustang. It’s one of those programs that just become a part of your PC, like it was made there. Gotta love it.
Paul (B)
Like many others before, I went through several (free of charge) firewall products, before settling on CPF. ZA couldn’t handle my proxy connection (I use the so called High Speed Dial-up set-up via PropelAC by 3web), and Kerio seemed to co-operate perfectly with every program, but turned out to be sensitive to certain leak-tests. PC Magazine’s great review brought CPF to my attention and after reading the comments in this forum posted by many of the happy (and unhappy) users, as well as the excellent support provided by Comodo and its CEO, I decided to give it a try - I’m glad to say without any regrets whatsoever.
I’m still using the last stable version of CPF (2.2.0.11) and although I’m experiencing a really little glitch when using Sandboxie, I give CPF a 5 because I know whatever the issue is, it is going to be acknowledged, addressed (by Comodo or a member of this forum), and sooner rather than later resolved. BTW, part of the problem with Sandboxie was resolved by its creator in the last version of it (2.5) - the “Start” error message, and the only thing that I experience is the recurrence of the 2 Allow/Deny windows (without the checkmarks on it) when Sandboxie is trying to open Firefox. I tried to play with the Application Monitor settings to allow all activities and skip security checks whenever this event happens, but without success. I think I read in some thread that this issue is being considered and that even a Comodo-made Sandboxie is in the works!
Is this little problem maybe resolved in the some of the CPF beta releases? I could, of course try to do it myself, only I read somewhere that there’s a problem uninstalling this version of CPF because of the installer used - must I uninstall this version first or can I install the latest Beta on top of it? Please advise - it could save me from having to go to an earlier restore point when the time comes…
Choosing a free firewall, was between ZoneAlarm and Comodo. I chose Comodo because is looks nicer and aesthetics are important. Also ZoneAlarm Free has advertising about the paid version.
The thing I’d improve, Comodo seems to have more application Allow/Deny internet access than other firewalls, including duplicate alerts.
Hi,
Don’t worry these problems are being fixed and more applicatins are being added to the Safe applications list. Why not try the latest beta? Find it here https://forums.comodo.com/index.php/topic,1216.0.html
Hi,
Regarding the 2 Allow/Deny windows, I think it is the different components of Sandboxie that is trying to access the Internet. Or perhaps it could be a single component trying to do 2 different tasks that is related to the Internet. I don’t use Sandboxie but I do get a double window for other applications that try to connect to the Internet, such as Outlook Express. Hope this helps.
Yours truly,
DoomScythe
Hi I just installed this app and so far it is great. I love it!
I use Tiny Personal Firewall but I am seriously considering to migrate to Comodo Firewall.
TPF 6 is really good but it is quite complicated to maintain and it is abandoned by its authors. And I have a HIPS that takes care of the most advanced issues anyway.
Comodo was fairly easy to get started with. Some strange popups, but that might be me not yet fully understanding this program.
Comodo uses quite a lot of memory, but I understand that this issue is known and are gonna be adressed by the author (I have plenty of memory so it is not really a problem)
Comodo does not slow down my system at all and I love the fact that I can choose wether I like to have antivirus installed or not.
There is just one little thing that makes me hesitate to migrate fully: I would like to have a realtime logg of what is happening. It helps enormously to have a realtime logg to see what may or may not been blocked by the FW when trying to debug things. And maybe the ability to create rules (allow/deny ) via right click in the log.
That feature is great in Tiny PF and would miss it if I migrate.
Is there plans for such feature?
There is an options in the properties of each network monitor rule to enable logging when the rule is triggered. This can be turned on or off on an individual rule basis.
Hope this helps,
Ewen
I gave CPF a four: in the brief time I’ve used it, it has not crashed, and has allowed me (with some effort) to configure most of what we need.
However, in a number of ways it is unnecessarily difficult to use. Most of the following suggestions probably could be implemented with ease:
-
Allow moving multiple rules up/down at a time. Multi-select is already there, so multi-move shouldn’t be too hard. (While you’re at it, find out why up/down moving is so slow!)
-
Simplify terminology: source/remote to source/destination (the destination is not always ‘remote’ which gives headaches to many people)
-
Simplify the Trusted Zone wizard and results:
- No need to everywhere list the IP assigned to zone names; just adds needless data to the screen
- Use a single in/out rule instead of duplicating the rule for both sides
-
Add user-defined text tags to log entries. A few characters of MY meaning lets me understand the log much faster than reading all the details of each entry.
-
Provide for multiple IP ranges/subnets within a zone (and/or zone grouping). We have a standard set of trusted subnets; why should it be necessary to create separate rules for each one?
-
Fix the confusing popup context bug. I think what’s going on is if two events happen in rapid succession, the top part of the popup is info about one, but the bottom context info is about the other! Very humorous suggestions show up at times
-
Allow sorting the Activity/Connections page on any column
-
Be very clear that zones are defined with start/end IP’s, not IP + mask. Because it defaults the end-IP to 255.255.255.255, it’s easy to assume that’s a mask. Perhaps change the default end-addr.
-
Fix the labeling and order of Security Tasks. Right now the “add a new” list is haphazard, and “Zone” is actually “Manage Zones”. PERHAPS… simply add a Zone tab on the left, and eliminate the ‘tasks’ view. All actions are accomplished on the appropriate page.
-
Remember my checked/unchecked “remember this answer” state
-
Make it easier to open the main firewall window. Like, directly on the right click menu of the systray. “Launch pad” submenus are unnecessary additional complexity when we’re talking four products max, and 1-2 for most folks.
A bit harder…
-
On traffic page, collapse same-app connections (i.e. a 2-level tree). Particularly with the large font used, I can’t see all apps’ traffic on a single screen.
-
Allow the Comodo systray icon to be more informative. I.e. if I have the firewall, then mouseover could show a traffic summary, and the icon could (at my option) show a traffic history graph…
-
Allow trusting an application at popup time.
Whew; that’s more than enough. I hope that’s at least slightly helpful feedback!
THANK YOU so much for all your incredible work on this! What an interesting marketing strategy…
blessings,
MrPete
I like CPF, it seems to me like it’s just as good as ZA, but it is a better interface with simplified navagation and… prettier buttons (:SHY) I also like the feature that shows parent programs, definately a plus. I think it’s just as good, if not better than most firewalls out there.
The present firewall is very good .I have tried using many firewall and this one seems great .I also tested this one with tests found in firewalltester.com and the firewall passed almost all of them. It gives various levels of protection and offers functionalities of a paid firewall.
Most basic features are covered . Some features that can be added are
- OS Kernal level protection and protect from rootkits
- a monitoring features
- feature to show all running process with their components
- more easy to organize UI
- Monitor application interactions
- a better advisor so that novice users can choose which application can be allowed or denied