If you allow i/b firewall alert, rule is created for IP mask, not IP [V6][M108]

A. The bug/issue

1. What you did:
I run a Webserver on my host ( Global rule allows incoming traffic on TCP/80. No application rule for webserver.exe exists and Firewall alert frequency level is set to “Very high” - all checkboxes checked except “This is an…ICS Server”. Now I connect from client Alert pops up saying “ - TCP, Port 80 wants to connect to webserver.exe” and I click “Allow this request” and tick “remember my answer”. CIS now auto-creates an IP MASK rule for instead of a rule for just the one SINGLE HOST. When I don’t check “remember my answer” CIS acts the same way (all subsequent inbound connections to TCP/80 are automatically allowed!) - it just does not create a rule (of course).

2. What actually happened or you actually saw:
CIS creates an IP mask-based rule instead of a single-IP rule in “Very high” alert level for inbound connections.

3. What you expected to happen or see:
“Very high” FW alert level should create a rule/notify me for every different Endpoint (IP:Port)!

4. How you tried to fix it & what happened:
There has been no way to fix this from the user side for years.

5. If it's a software compatibility problem have you tried the compatibility fixes (link in format)?:

6. Details & exact version of any software (except CIS) involved (with download link unless malware):

7. Whether you can make the problem happen again, and if so exact steps to make it happen:
see description “What you did”

8. Any other information (eg your guess regarding the cause, with reasons):
This bug exists and has been known since v3+ already, and everything was described here a long time ago:

B. Files appended. (Please zip unless screenshots).

C. Your set-up

  1. CIS version, AV database version & configuration used:
    CIS 6.0.260739.2674, AV 14605

  2. a) Have you updated (without uninstall) from a previous version of CIS: no
    b) if so, have you tried a clean reinstall (without losing settings - if not please do)?:

  3. a) Have you imported a config from a previous version of CIS: no
    b) if so, have you tried a standard config (without losing settings - if not please do)?:

  4. Have you made any other major changes to the default config? (eg ticked ‘block all unknown requests’, other egs here.): no

  5. Defense+, Sandbox, Firewall & AV security levels: D+ = CleanPC, Sandbox = Disabled, Firewall = Enabled, AV = Enabled

  6. OS version, service pack, number of bits, UAC setting, & account type:
    Windows 7 Enterprise English Service Pack 1, UAC=off, Administrator account

  7. Other security and utility software currently installed: no

  8. Other security software previously installed at any time since Windows was last installed: no

  9. Virtual machine used (Please do NOT use Virtual box): no

Same here for other applications that need ingress rules.

Is the behavior different if you show more options on the alert before allowing?

Where’s “more options” in the CIS6 alert dialog?


But when you ask for CIS 5 - it made no difference.

Fair comment :slight_smile:

So the Alert change has removed a work-around that helped in some of the cases of over-general rules. (Obviously not the one under consideration).

I wonder if they fixed those other cases?

Thanks a lot for your efforts :slight_smile:

Just to enquire if this is fixed for you in 2813.

I just tried for an outgoing alert, with alert frequency set to very high, and CIS created a rule for a single destination IP and protocol.

It’s for inbound connections, mouse, and it’s not fixed.

OK, thanks, so it works right outbound, but not inbound?

Title edited accordingly

Tracker updated to not fixed in 2813

Can you please check and see if this is fixed with the newest version (6.2.282872.2847)? Please let us know whether it is fixed or you are still experiencing the problem.

Can you please check and see if this is fixed with the newest version (6.3.294583.2937)? Please let us know whether it is fixed or you are still experiencing the problem.

Hello! Sorry, I didn’t check here for a long time. I can confirm this problem is completely solved (I use version 6.3.300670.2970 currently).
CIS creates the correct rule and keeps asking when you do not check [x] Remember my answer.
Thank you! :-TU

Thank you for checking this. I will now move this report to Resolved.

If the problem re-occurs please respond to this topic and we can move it back.

