Individual rules for each Windows Service, in the Firewall

  1. What actually happened or you saw:
    Currently, the Comodo firewall allows the creation of rules for the “Svchost.exe” executable, only for the executable itself and not for the individual Windows Services hosted by it.

  2. What you wanted to happen or see:
    I would like to be able to set rules on the single Service hosted by “Svchost.exe” and not only on the executable “Svchost.exe”.

  3. Why you think it is desirable:
    This feature, present in other firewalls, would allow you to create rules to manage traffic on individual Windows Services.

  4. Any other information:
    As for “Svchost.exe”, it is a system file that hosts one or more Windows Services.
    Normally, multiple instances of this executable are active in the system and every istance host various Services.
    Comodo does not allow you to set rules for each Service but only for the “Svchost.exe” executable.

The “Windows firewall” allows you to treat the services hosted in “Svchost.exe” individually.
They informed me that also the “Net Peeker” firewall, present here, also has this feature.


Excellent suggestion imo, i wish more people would chime in so your suggestion would come to fruition.

Fully agree that the fine filtering of the individual windows services running under the various svchost.exe instances would be a very welcome and important feature, which would give CF/CIS an edge over most other firewalls.

This would be an excellent addition, I’ve been hoping for such a feature forever

@C.O.M.O.D.O_RT could you please (re)confirm if this request is (still) considered by the development team? Noticed you announced to post feedback here: Specify FW/HIPS rule for particular service name, not just file/process - #28 by C.O.M.O.D.O_RT

The functionality seems to be a standard part of Windows Firewall Technologies, “the INetFwServiceRestriction interface (netfw.h) provides access to the Windows Service Hardening networking rules”: INetFwServiceRestriction (netfw.h) - Win32 apps | Microsoft Learn

Thanks in advance!

Hi infosec,

We have taken this feature request to the related team.
We will keep you posted.