ICMP rules help

Help for v2
#1

Hello,
I like CPF very much and I think it may be the best firewall out there, but it is slowing down my internet connection quite a bit. After uninstalling it, and going back to Kerio v2.1.5, I realised that for my system I need specific ICMP protocols to have a good speedy internet connection. They would be as follows:
Echo Request #8, Out, any address, any port
Echo Reply #0, In, any address, any port
Domain Name Request #37, Out, any address, any port
Domain Name Reply #38, In, any address, any port
Then all other ICMP is blocked.
I did notice that a couple of these rules are already in place, but I forgot which ones.
How do I configure Comodo to allow these protocols in the networking rules?

I’m not a stranger to firewalls, but setting up ICMP rules in Comodo seems impossible for me to do on my own. Everything I tried didn’t work.

If it matters, I am using an ethernet cable connection, Nvidia nForce 6100 networking controller, and Windows XP SP2 MCE. also, I don’t use home networking, hardware firewall, or a router.

Thanks in advance.
James.

Hi Again,
Here is an update to the above post.
I reinstalled CPF v2.3.5.62 and

Allow ICMP Out, from IP [any], to IP [any], where the ICMP message is ECHO Request.
is already enabled.
Allow ICMP In, from IP [any], to IP [any], where the ICMP message is ECHO Reply.
is now manually enabled.

Now I only need the ‘Domain Name Request’, and ‘Domain Name Reply’ ICMP Rules,
which are not in the predefined ICMP rules, so I need to create rules manually.
All I really need is the ‘Type’ and ‘code’ for each of the above.

I searched the forum here, and didn’t find anything that would help me, and searching
on the internet gave me a list of some ICMP types, but not the codes.

Thanks again.
James.

#2

G’day,

If you look at Spirit Airlines, they list all ICMP codes and available types. I’m pretty certain types 37 and 38 have no codes, so just enter a code of ZERO. This is done in the Network Monitor by adding a new rule, select ICMP as the protocol, and on the ICMP Details tab, select Custom as the message. This will then display type and codes fields.

Hope this helps,
Ewen :slight_smile:

#3

Hi panic,
I think your advice is doing the trick. Most domains are resolving faster, and search results from google are appearing much faster now. Also, I have a few programs that want to auto update at startup, making my startup that much slower, but now I think these new rules are helping my system start up a little faster too. I didn’t think to just leave the codes as zeros when making the rules. I had them set at 38,38 and 37,37 and so on.
So thank you very much for the advice :slight_smile:

Now, since we’re on the topic of Domain Names, does anybody know if CPF automatically allows svchost.exe to use DNS? If it doesn’t, that could have been partially the problem I had.

#4

I tried several times to delete rules for svchost.exe just to see if commodo would prompt me to allow svchost.exe to use port 53. Even with all logging enabled, I don’t see anything in the logs mentioning port 53 for any application. To have the fastest internet browsing and surfing, applications can’t depend on Domain Name Requests and Replys alone, they would also need the DNS service. I am unistalling CPF until the next release, because I feel there is something wrong regarding the support for svchost and/or DNS. On my system, Kerio picks up on DNS for any application right away, so I don’t see why Comodo couldn’t. Don’t get me wrong, I think CPF is an outstanding firewall, but I don’t think that I would want this much security if it is going to take away
my internet speed, unless perhaps this will be fixed in a later version.
Thanks.

P.S, I forgot to say that I made a rule for DNS and I was logging it too. The logs were always empty.