I am stupid - How to create a 'trusted' zone?

Okay. Call me stupid. I probably am.

Here’s the thing. I’m a former ZoneAlarm user, and I am somewhat confused by the Comodo firewall. I want to allow all apps access to the local zone, but only upon request to the Internet. Is that possible?

Here’s what I tried:

  1. I created a network zone with 192.168.0.1…192.168.0.99 and 127.0.0.1 and called it ‘local’

  2. I deleted all old rules in firewall / advanced / network security policy

  3. I ran firewall / common / stealth port wizard and stealthed everything except for my ‘local’ zone

Now I can understand the security component of Comodo asks for access to a local zone, but the popup says that an application, trying to reach 192.168.0.xx (whatever) is trying to access the Internet.

Is it just the wording of the message, or am I doing something totally wrong here?

Maybe it was not such a stupid question after all… I did another search thru the forums, but I just cannot figure it out. Help!

What is the gateway address of your modem/router? Is it within the network zone you created?

One thing I find odd is that your home network is in the 192.168.0 range. Usually it is in the 192.168.1 range.

Can you show us your Global Rules? They can be found under Firewall → Advanced → Network Security Policy.

Global Rules:

  • allow all outgoing requests if the target is in [devnet]
  • allow all incoming requests if the sender is in [devnet]

My Network Zones

devnet

  • ip range 192.168.0.0 - 192.168.0.99
  • ip 127.0.0.1

What application is trying to access the local network? System?

On an important side note: your Global Rules fail the basic block rule; it won’t block incoming traffic. Run the Stealth Ports Wizard again and choose "Block all incoming connections Stealth ports to everyone". When done, run the Wizard again and add the Devnet zone again.

Well, the problem is in the pop up, or my lack of understanding 8)

Now I can understand the security component of Comodo asks for access
to a local zone, but the popup says that an application, trying to reach
192.168.0.xx (whatever) is trying to access the Internet

If something tries to reach anything on the local network, Comodo pops up an alert that informs me an application wants to access the (tadaa) *** Internet ***. Now that confuses the hell out of me. What is the internet? Anything but this machine, or anything not in my local zone?

The easiest way to think of it is when it says “the internet”, interpret it as meaning “another IP address”.

I can see where your confusion lies, but it just means your PC wants to contact another one. It may be in the next room, it may be in Newfoundland. It’s just another PC, and the security implications CAN be the same.

Hope this helps,
Ewen :)

Ahhhh. Now that indeed is confusing terminology then. I was hoping that it would allow discrimination between ‘trusted’ areas (‘my’ zones) and ‘untrusted’ areas (aka the internet). It would make life easier, as you could tell applications to contact other LOCAL machines (the one on the trusted section) and forbid them to access INTERNET machines (all other machines not on the trusted section). That’s still possible, but now it requires a ruleset, and I wasn’t expecting that.

I have to think this over, a little…

Head over to the GUIDES area of this forum, follow along step by step (it’s visual, so very clear) & you will be set up in a few minutes:

First:
https://forums.comodo.com/firewall_guides/setting_up_firewall_for_maximum_security-t30535.0.html

then:
https://forums.comodo.com/firewall_guides/blocking_internet_access_whilst_allowing_intranet_access-t30440.0.html

& for defense plus:
https://forums.comodo.com/defense_guides/setting_up_defense_for_maximum_security-t30473.0.html
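
The "allow the local zone, block everything else" ruleset discussed in this thread, modelled as an added example (not code from any poster or from Comodo). The `devnet` ranges are the ones posted above; the names `LAN_ONLY`, `decide` and `audit`, the sample addresses, and the assumption that rules are checked top-down with the first match deciding are illustrative.

```python
import ipaddress

# The 'devnet' zone as posted in the thread: an inclusive range plus loopback.
DEVNET = [("192.168.0.0", "192.168.0.99"), ("127.0.0.1", "127.0.0.1")]

def in_zone(addr, zone):
    """True if addr falls inside any inclusive (first, last) range of the zone."""
    ip = ipaddress.ip_address(addr)
    return any(ipaddress.ip_address(lo) <= ip <= ipaddress.ip_address(hi)
               for lo, hi in zone)

# Hypothetical per-application ruleset: (action, direction, zone or None = any).
# Assumption: rules are evaluated top-down and the first match decides.
LAN_ONLY = [
    ("allow", "out", DEVNET),
    ("allow", "in", DEVNET),
    ("block", "out", None),
    ("block", "in", None),
]

def decide(rules, direction, remote_addr, default="ask"):
    """Return the action of the first rule matching direction and address."""
    for action, rule_dir, zone in rules:
        if rule_dir == direction and (zone is None or in_zone(remote_addr, zone)):
            return action
    return default  # nothing matched: this is where an alert would pop up

def audit(rules, samples):
    """Map each sample address to the decision the ruleset produces for it."""
    return {addr: decide(rules, direction, addr) for direction, addr in samples}

# Constructed sample traffic (not taken from the thread).
SAMPLES = [
    ("out", "192.168.0.42"),   # inside the zone range
    ("out", "192.168.0.100"),  # same /24, but just past the .99 upper bound
    ("out", "192.168.0.254"),  # same /24, also outside the zone
    ("out", "203.0.113.10"),   # documentation range, stands in for the Internet
    ("in", "127.0.0.1"),       # loopback, listed in the zone
]

if __name__ == "__main__":
    for addr, action in audit(LAN_ONLY, SAMPLES).items():
        print(f"{addr:>15} -> {action}")
```

Hosts on the same subnet but outside the zone's range, such as 192.168.0.100, are treated exactly like Internet addresses, so the zone has to cover every local device the application needs, including the router.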