I have only 2 Windows PC on a LAN for testing purposes.
I only use 3 simple rules.
0 / Allow / ICMP Out / Any / Any / Echo REQUEST
1 / Block / ICMP In / any / any / echo REQUEST
2 / Block / IP IN-Out / any / any / any
I am fully able to ping anyone.
Nobody is able to ping me.
All will be OK but during an outgoing ping, the opposite PC is able to ping me all along the established ICMP In/Out connection is maintained.
My question was :
Does the established connection allow all incoming and outgoing icmp messages ?
I inserted a new rule :
2 / Block / ICMP In-Out / any / any / any
and the incoming ping works always all along the outgoing connection is maintained by COMODO.
So I understand that COMODO first checks the existing connection and if something matches, it uses it without checking the rules.
Does the established connection allow a full ICMP traffic and what is the utility of the ICMP message control ?
And now, if I allow the rule 1 (incoming ICMP Request) and somebody establishes an allowed icmp connection, how can I control the ICMP responses to this machine ?
Is my understanding wrong ?
Thank you for your help.