HTTP/Internet

Why is it that Comodo is blocking normal internet access? To load ANY website I have to disable the firewall. What seems to be the problem? I added Firefox to trusted applications and it appears port 80 is open. Why is it that everything’s blocked?

What version of CFP do you have, and what OS? Do you get any messages in your firewall log-what do they say? In Network Security Policy: What are your global rules? What are your rules for Firefox-default trusted? Do you get popups or just log entries?

3.015.277 ver

Windows XP Pro SP3 RC1

No messages.
Allow All VMware junk

Allow all Outgoing Request if Target is in [Realtek Gigabit Ethernet]
Allow All Incoming Requests if the Sender is In [Realtek Gigabit Ethernet]
Block ICMP In from IP any to IP any where ICMP Message is ECHO REQUEST
--------------------------------------

Firefox:
Allow all Requests
Allow IPout from IP any to IP any where protocal is any

--------------------------

No log entries

I run the following:
BitDefender 2008
PeerGuardian2
Spy Sweeper
Ad-Watch

and connect via wired ethernet to a NETGEAR router, that in turn connects through a cable modem(road runner)

What indication do you get that Comodo is blocking FF? Search on SpySweeper-I have heard of contentions in the past with CFP3, but don’t use it myself. Add a block and log all rule at the end of your FF rules so we can see what FF is not acting on. It may also be a contention with one of the proxies of your other security software, but unfortunately you will need to wait for some user of them to chime in. Do you know what the proxies are and the associated rules? Usually they get the same rules as a Web Browser. Normal internet access is not a problem with Comodo; contention with other security software and related rules seems to affect some of the users.

When I open Firefox and attempt to load a webpage, within seconds I get one of these errors:

The connection has timed out

The server at tigerdirect.com is taking too long to respond.

*   The site could be temporarily unavailable or too busy. Try again in a few
      moments.

*   If you are unable to load any pages, check your computer's network
      connection.

*   If your computer or network is protected by a firewall or proxy, make sure
      that Firefox is permitted to access the Web.

I disable the firewall and it loads perfectly fine. I can then re-enable the Firewall after successfully loading a page and it seems to work ok, but I don’t want to have to disable it every time I open a web browser. Everything worked fine until I installed the firewall and I took care to disable Windows firewall.

I have Ad-Watch to set the following:
RegShield
Process
Connect
TrackSweep

Spy Sweeper:
All 13 of 13 shields are on including common ads and keylogger shield.

BitDefender 2008:
Is set to default security

PeerGuardian2:
Block all bad IPs(every list enabled)

According to the active connections, Firefox is recieving around 10-20 inbound connections of ports 3000-3700, outbound port is 80(HTTP). Would that explain th problem, the event log is empty.

In Network Security Policy you should change firefox to “web browser” policy to be safer.

First, I don’t think this is a time to doubt the njven has a genuine problem and cpf3 is part of that problem.

Second, I think its time to realize that njven has almost a unique problem because many people use
firefox and a set of similar programs and experience nothing similar to that the set of problems.

Third, therefore its time to think troubleshooting which should be a process of narrowing the problem down to a likely one root cause.

One of things that could be done is to disable D+ while leaving CPF3 on.

Another thing to do would be to close firefox in the offline position and then simply use another web browser. And then firefox could be ruled as in or out as a culprit.

Another thing in order might be some malware scanning to see if CPF3 is legitimately trying to prevent malware from accessing the internet. And its possible to check to see what ports are open
other than the common one. And certain port ranges can be blocked. If blocking certain port ranges make the problem go away, then the problem is narrowed down. you can test what ports are open with Shields up or other websites.

Rather than using add remove programs, its possible to use various utilities that prevent certain programs from starting up at boot time. It may take a number of boots, but you may be able to see
exactly which program is the problem.

Is there another firewall, HIPS, or similar conflict?

You can use windows task manager to see what the computer is doing. Is the CPU always active when the computer should be doing nothing? You can use the modem icon on the task bar to see the internet traffic going in or out.

Did you add a block and log all rule at the end of your Firefox rules? And check the log box on your other firefox rules.

I dont think anyone doubts njven has a problem regarding Firefox,it was only a suggestion as it says in the comodo help files(For example,you may choose to apply the policy “Web Browser” to the applications “Internet Explorer”,“Firefox” and “opera”.Each of these has been designed by Comodo to optimize the security level of a certain type of application.)
This would also place a block and log rule at the bottom so it might give some ideas?

Are there any Firefox add-ons which could cause a problem?

Nice 1 Matty

Hi njven i`ve just read in another post that Windows Updater Applications needs to be set to( Allow IP in/out from IP any to IP any where protocol is any) for Firefox to work.Dont know if this helps?

Nice 1 Matty

“Outgoing only” (or even tighter) should work, that’s what I have. Specially since a lot of people get inbound attempts for svchost.exe which don’t seem legit.

However Firefox has always worked in a different way than other browsers for some reason I don’t yet fathom. It’s not enough for it to establish outbound connections, it also listens in a couple of ports. ??? Njven, if allowing svchost.exe access to DNS doesn’t solve your problem, try to use IE instead of FF and see if it works. Just to start narrowing things down, because this sound confusing unless we’re missing something obvious.

Thanks for this info Japo,i didn`t know svc.host was bundled in with Windows Updater Applications(now i know why my logs are clean in .277 as opposed to. 268)
Sorry this is off topic.
Matty