I can't set global rules?

I just installed CFP, but I can’t set global rules. Here’s what I do:

I click on Add:


I fill in a name and click Destination port:


I fill in something, and click Apply:


But here’s what I get:


I tried all kinds of different things, setting source address as well, specifying ports, etc.
But it just keeps saying this.

What am I doing wrong??

Not sure what your doing wrong wrong but what are you trying to accomplish. If you want to block all incoming connections then simply run the stealth port wizard.

Suppose I have a server somewhere and I want to allow ANY traffic to/from that server. It should be possible with a rule like this, right? (but of course using one specific IP)

But still, this is just an example. The problem is, no matter what I fill in there, it ALWAYS says “invalid argument” :frowning:

One more try - is what I’m doing here really not possible? And if this error is not a bug, then WHAT arguments are invalid?

Forget the particular rule or example I posted above, I just want to know how to create global rules in general. Can anyone give me an example of a global rule that involves a remote IP (or IP ranges) and/or ports, that is not rejected because of “invalid arguments”??

Did you read the help file system?

I came for the same problem and running the wizard like Vettetech suggered worked . I believe the bug happens if you empty the global rules totally …

I vaguely recall there being something odd about having descriptive names in rules. Try leaving out the rule description, and create an any-any-any rule. If that works, then edit the new rule to what you want it to be.

Otherwise, I’m kind of guessing. So that I can try to re-create the problem, what rule, exactly and in verbatim, are you trying to enter?

Thanks, I will give that a try.

I was trying to add a rule to allow any traffic (TCP or UDP, outgoing or incoming) to/from (a local server which I connect to with all kinds of programs and tools), and similarly for (a remote server).

I was trying to add a rule to allow any traffic (TCP or UDP, outgoing or incoming) to/from (a local server which I connect to with all kinds of programs and tools), and similarly for (a remote server).

I’m reading your description as involving three machines, and at least two firewall rules.

You have ThisPC (the machine you’re using, with CFP installed), machine LANsrv at, and machine RMTsrv at

To communicate with machine LANsrv, from ThisPC, you’ll need these two CFP rules in your Global Rules:

allow TCPorUDP In from singleIP[LANsrv] to singleIP[ThisPC] where srcport is any and destport is any
allow TCPorUDP Out from singleIP[ThisPC] to singleIP[LANsrv] where srcport is any and destport is any

The reason for the two rules, is because the address positions swap based on direction. It’s inbound from the servers, and outbound from ThisPC. The natural form for humans, is just one rule: if it’s to or from the server, then okay. Computers don’t make the distinction, so there have to be two rules.

And you’ll probably need to add ICMP In and Out rules also. If the TCP or UDP packets hit a problem, they send back complaints by ICMP. If ThisPC doesn’t get the message, it’ll just sit there until something times out, and you’ll wonder why it’s taking so long, and it still didn’t work. But, that’s for later.

And then a similar ruleset for the RMTsrv. That’s also for later.

The original question, back at the beginning of this topic, was getting that first rule entered. So, try this for yor Global Rules:

Action: Allow
Protocol: TCP or UDP
Direction: In
Description: your words here
Source Address: single IP:
Destination Address: any # “any” will work for the address of “ThisPC” for this rule
SourcePort: any
DestinationPort: any

and the second rule:

Action: Allow
Protocol: TCP or UDP
Direction: Out
Description: your words here, part 2
Source Address: any # “any” will work here also, for this rule
Destination Address: singleIP:
SourcePort: any
DestinationPort: any

You should be able to enter those rules, as given. If not, then something really unexpected is going on.

I have the exact same problem. I can’t set any Global Rules. It pops me an alert box, complaining about a invalid argument.

I use COMODO Firewall Pro version

If you read this thread in Bug reports Ronny shows a workround for this problem.

EDIT Here is Ronny’s post
Confirmed Windows XP SP2, 3.0.25 x32.
You will get a nice Red X, An invalid argument was encountered.

Go to Firewall, Common Tasks, Stealth Port Wizard and select:
Alert me to incoming connections - stealth my ports on a per-case basis.
And your global rules are restored. After that you can add your “Allow IP In/Out From IP Any To IP Any Where Protocol Is Any” again.

So this look’s like a minor BUG to me.

Thanks Dennis.

Works great now! Thank you.