Internet Connection Sharing

I have searched the forum but have found no answer.

Situation:
I have a first computer connected to the Internet and a second connected to the first. On the first computer I enable the option to use the Internet from other computers in the network.

It works well with Windows Firewall.
But then comes Comodo Firewall and this configuration doesn’t work :(
There is a check in the checkbox for ICS Server.

What can be the problem?
Thanks!

Evening.

May I have your OS?

Also, can you explain a little more of the situation?

CG

If you have a machine that faces the Internet and is also serving as a firewall for other machines, the setup is not quite so straightforward. There is a Comodo wiki topic that covers a lot of the details.

Thanks, I followed the wiki but it did not help :(

I have Windows XP on both computers.
The first computer is connected to internet and to the LAN, it acts as Firewall and as Router.

Have you checked if your setting:

Firewall - Advanced - Firewall Behavior Settings - Alert Settings - check if the box “This computer is an internet connection …” is ticked?

Two things to check:

First, make sure that the Windows Firewall is turned off, and so is not causing some conflict with Comodo Firewall. Click Start → Control Panel → Security Center. If Windows Firewall is running, the Security Center should show that, in which case, turn it off.

Second, confirm the Comodo Firewall settings in detail. To do that, you’ll need to run the Config Reporting Script. Download the script to your desktop, and just click the desktop icon to run the script. This will produce a text file report that you can post here. Run this script on the machine that is the ICS host.

Windows Firewall is turned off.

Here comes the report:

[CIS/CFP Reporting Script Version 0.723.1]

=========================================================================================
System Information

General Information

User K Member of {Administrators, }
Logged on machine C1 at 15.12.2008 19:23:23
Microsoft(R) Windows(R) XP Professional x64 Edition 5.2.3790 SP 2.0
Codepage: windows-1251
Free Physical Memory: 2898MB

Data Execution Prevention Settings

MS Windows DEP Policy: OptOut
Hardware DEP available
DEP enabled for 32Bit Appplications
DEP enabled for Drivers

=========================================================================================
CIS/CFP Installation Information

Installation Mode: Firewall
Installation Path: C:\Program Files\Comodo\COMODO Internet Security

Version Information

INFORMATION: Installed CIS/CFP version [From Registry]: 3.5.57173.439
INFORMATION: Installed CIS/CFP version [From CFPVER.DAT]: 3.5.57173.439
INFORMATION: CMDAGENT.EXE File Version: 3.5.57173.439
INFORMATION: CFP.EXE File Version: 3.5.56968.437
INFORMATION: CFP.DLL File Version:
INFORMATION: CFPCONFG.EXE File Version: 3.5.57170.438
INFORMATION: CFPCONFG.DLL File Version: 3.5.55470.430
INFORMATION: CFPLOGVW.EXE File Version: 3.5.55470.430
INFORMATION: CFPLOGVW.DLL File Version: 3.5.55470.430
INFORMATION: CFPSBMIT.EXE File Version: 3.5.55470.430
INFORMATION: CFPSBMIT.DLL File Version: 3.5.55470.430
INFORMATION: CFPUPDAT.EXE File Version: 3.5.55810.432
INFORMATION: CFPUPDAT.DLL File Version: 3.5.55470.430
INFORMATION: CRASHREP.EXE File Version: 3.5.55470.430
INFORMATION: FRAMEWORK.DLL File Version:
INFORMATION: CMDGUARD.SYS File Version: 3.5.57170.438
INFORMATION: CMDHLP.SYS File Version: 3.5.55470.430

Configuration Information

INFORMATION: There are 4 Configurations reported In CFP Configuration Tree
INFORMATION: Active Configuration ID 0 reported In CFP Configuration Tree
DIAGNOSTIC: 4 Configuration/s Confirmed

=========================================================================================
Configuration ID: 0 Name: COMODO - Firewall Security Ver. 0x3016295

“File Groups” Groups Or Entries

INFORMATION: There are 11 File Groups reported In CFP Configuration Tree
DIAGNOSTIC: 11 File Groups Confirmed

File Group 0: [Executables] is defined as

[0] *.exe
[1] *.dll
[2] *.sys
[3] *.ocx
[4] *.bat
[5] *.pif
[6] *.scr
[7] *.cpl

File Group 1: [All Applications] is defined as

[0] *

File Group 2: [Important Files/Folders] is defined as

[0] C:\WINDOWS\system32*
[1] C:\WINDOWS\system*
[2] C:\WINDOWS\servicing*
[3] C:\WINDOWS\SoftwareDistribution*
[4] C:\WINDOWS\system.ini
[5] C:\WINDOWS\win.ini
[6] C:\WINDOWS\wininit.ini
[7] C:\WINDOWS\winstart.bat
[8] C:\WINDOWS\Tasks*
[9] \Device\HarddiskVolume?\boot.ini
[10] \Device\HarddiskVolume?\ntdetect.com
[11] \Device\HarddiskVolume?\ntldr

File Group 3: [Windows Updater Applications] is defined as

[0] C:\WINDOWS\system32\svchost.exe
[1] C:\WINDOWS\system32\msiexec.exe
[2] C:\WINDOWS\system32\wuauclt.exe
[3] C:\WINDOWS\SoftwareDistribution*
[4] C:\WINDOWS\system32\wupdmgr.exe
[5] C:\Program Files\Comodo\COMODO Internet Security\cfpconfg.exe

File Group 4: [Windows System Applications] is defined as

[0] System
[1] C:\WINDOWS\system32\smss.exe
[2] C:\WINDOWS\system32\csrss.exe
[3] C:\WINDOWS\system32\winlogon.exe
[4] C:\WINDOWS\system32\services.exe
[5] C:\WINDOWS\system32\spoolsv.exe
[6] C:\WINDOWS\system32\lsass.exe
[7] C:\WINDOWS\system32\wbem\WMIAdap.exe
[8] C:\WINDOWS\system32\wbem\WMIPrvSE.exe
[9] C:\Program Files\Comodo\COMODO Internet Security\cavscan.exe

File Group 5: [Temporary Files] is defined as

[0] C:\DOCUME~1\K\LOCALS~1\Temp*
[1] ?:\RECYCLER*
[2] C:\Documents and Settings\K\Local Settings\Temporary Internet Files*

File Group 6: [COMODO Files/Folders] is defined as

[0] C:\Program Files\Comodo\COMODO Internet Security*
[1] C:\Documents and Settings\All Users\Application Data\Comodo*
[2] C:\WINDOWS\system32\drivers\cmdguard.sys
[3] C:\WINDOWS\system32\drivers\cmdhlp.sys
[4] C:\WINDOWS\system32\drivers\inspect.sys
[5] C:\WINDOWS\system32\guard64.dll
[6] C:\WINDOWS\SysWOW64\guard32.dll

File Group 7: [COMODO Internet Security] is defined as

[0] C:\Program Files\Comodo\COMODO Internet Security\cfp.exe
[1] C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
[2] C:\Program Files\Comodo\COMODO Internet Security\cfpupdat.exe
[3] C:\Program Files\Comodo\COMODO Internet Security\cfpsbmit.exe
[4] C:\Program Files\Comodo\COMODO Internet Security\cfplogvw.exe
[5] C:\Program Files\Comodo\COMODO Internet Security\crashrep.exe

File Group 8: [Startup Folders] is defined as

[0] C:\Documents and Settings\All Users\Start Menu\Programs\Startup*
[1] C:\Documents and Settings\K\Start Menu\Programs\Startup*
[2] C:\WINDOWS\system32\GroupPolicy\Machine\Scripts\Startup*
[3] C:\WINDOWS\system32\GroupPolicy\User\Scripts\Logon*

File Group 9: [Windows Management] is defined as

[0] \Device\NamedPipe\atsvc

File Group 10: [3rd Party Protocol Drivers] is defined as

[0] \Device\NPF_*
[1] \Device\Ndisuio
[2] \Device\NdisTapi

My Network Zones

INFORMATION: There are 3 Zones reported In CFP Configuration Tree

Zone 0: [Loopback Zone] is defined as

[0] IP In [127.0.0.1/255.0.0.0]

Zone 1: [Local Area Network #1] is defined as

[0] IP In [10.100.101.100/255.255.255.0]

Zone 2: [Local Area Network #2] is defined as

[0] IP In [192.168.0.1/255.255.255.0]

My Blocked Network Zones

INFORMATION: There are 0 Blocked Zones reported In CFP Configuration Tree

My Ports Sets

INFORMATION: There are 3 Port Sets reported In CFP Configuration Tree

Portset 0: [HTTP Ports] is defined as

[0] 80
[1] 443
[2] 8080

Portset 1: [POP3/SMTP Ports] is defined as

[0] 110
[1] 25
[2] 143
[3] 993
[4] 995
[5] 465
[6] 587

Portset 2: [Privileged Ports] is defined as

[0] 0-1023

Global Rules

INFORMATION: There are 7 Global Rules reported In CFP Configuration Tree

[0] Allow UDP In/Out From IP Any To IP [255.255.255.255] Where Source Port Is In [67-68] And Destination Port Is In [67-68]
[1] Allow IP In/Out From Zone [Local Area Network #2] To Zone [Local Area Network #2] Where Protocol Is Any
[2] Block TCP Or UDP Out From Zone [Local Area Network #2] To IP Any Where Source Port Is Any And Destination Port Is In [136-139]
[3] Allow TCP Or UDP Out From Zone [Local Area Network #2] To IP Any Where Source Port Is Any And Destination Port Is Any
[4] Allow ICMP Out From Zone [Local Area Network #2] To IP Any Where ICMP Message Is Any
[5] Block IP In/Out From Zone [Local Area Network #2] To IP Any Where Protocol Is Any
[6] Block ICMP In From IP Any To IP Any Where ICMP Message Is ECHO REQUEST {8.0}

Network Security Policy

INFORMATION: There are 24 Application Rules reported In CFP Configuration Tree

Application 0: C:\Program Files (x86)\Nemerle\NemerleStudio\NemerleStudio.exe Treat as: [Web Browser]

The predefined rules are as follows:
[0] Allow IP Out From IP Any To Zone [Loopback Zone] Where Protocol Is Any
[1] Allow TCP Out From IP Any To IP Any Where Source Port Is Any And Destination Port Is In. [HTTP Ports]
[2] Allow TCP Out From IP Any To IP Any Where Source Port Is Any And Destination Port Is 21
[3] Allow TCP Out From IP Any To IP Any Where Source Port Is Any And Destination Port Is Not In. [Privileged Ports]
[4] Allow UDP Out From IP Any To IP Any Where Source Port Is Any And Destination Port Is 53
[5] Block & Log IP In/Out From IP Any To IP Any Where Protocol Is Any

Application 1: C:\Program Files (x86)\USD\USDownloader.exe Treat as: [Custom Policy]

[0] Allow IP Out From IP Any To IP Any Where Protocol Is Any

Application 2: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe Treat as: [trusted Application]

The predefined rules are as follows:
[0] Allow IP In/Out From IP Any To IP Any Where Protocol Is Any

Application 3: C:\Program Files (x86)\Maxthon2\Maxthon.exe Treat as: [Web Browser]

The predefined rules are as follows:
[0] Allow IP Out From IP Any To Zone [Loopback Zone] Where Protocol Is Any
[1] Allow TCP Out From IP Any To IP Any Where Source Port Is Any And Destination Port Is In. [HTTP Ports]
[2] Allow TCP Out From IP Any To IP Any Where Source Port Is Any And Destination Port Is 21
[3] Allow TCP Out From IP Any To IP Any Where Source Port Is Any And Destination Port Is Not In. [Privileged Ports]
[4] Allow UDP Out From IP Any To IP Any Where Source Port Is Any And Destination Port Is 53
[5] Block & Log IP In/Out From IP Any To IP Any Where Protocol Is Any

Application 4: System Treat as: [Custom Policy]

[0] Allow IP Out From IP Any To Zone [Local Area Network #2] Where Protocol Is Any
[1] Allow IP In From Zone [Local Area Network #2] To IP Any Where Protocol Is Any
[2] Allow IP Out From IP Any To IP Any Where Protocol Is Any
[3] Allow IP In From IP Any To IP Any Where Protocol Is Any

Application 5: C:\Program Files (x86)\Gizmo5\mDNSResponder.exe Treat as: [Custom Policy]

[0] Allow IP Out From IP Any To IP Any Where Protocol Is Any

Application 6: C:\Program Files\Alwil Software\Avast4\ashServ.exe Treat as: [trusted Application]

The predefined rules are as follows:
[0] Allow IP In/Out From IP Any To IP Any Where Protocol Is Any

Application 7: Group [COMODO Internet Security] Treat as: [Outgoing Only]

The predefined rules are as follows:
[0] Allow TCP Or UDP Out From IP Any To IP Any Where Source Port Is Any And Destination Port Is Any
[1] Block & Log IP In/Out From IP Any To IP Any Where Protocol Is Any

Application 8: Group [Windows Updater Applications] Treat as: [Custom Policy]

[0] Allow TCP Or UDP Out From IP Any To IP Any Where Source Port Is Any And Destination Port Is Any

Application 9: C:\WINDOWS\system32\svchost.exe Treat as: [Custom Policy]

[0] Allow IP In From IP Any To IP Any Where Protocol Is Any
[1] Allow IP Out From IP Any To IP Any Where Protocol Is Any

Application 10: C:\Program Files (x86)\Orbitdownloader\orbitdm.exe Treat as: [Custom Policy]

[0] Allow IP Out From IP Any To IP Any Where Protocol Is Any

Application 11: C:\Program Files\Alwil Software\Avast4\Setup\avast.setup Treat as: [Custom Policy]

[0] Allow IP Out From IP Any To IP Any Where Protocol Is Any

Application 12: D:\Miranda IM\miranda32.exe Treat as: [Custom Policy]

[0] Allow IP Out From IP Any To IP Any Where Protocol Is Any

Application 13: I:\emule\emule.exe Treat as: [Custom Policy]

[0] Allow IP In From IP Any To IP Any Where Protocol Is Any
[1] Allow IP Out From IP Any To IP Any Where Protocol Is Any

Application 14: C:\Program Files (x86)\foobar2000\foobar2000.exe Treat as: [Custom Policy]

[0] Allow IP Out From IP Any To IP Any Where Protocol Is Any

Application 15: C:\Program Files\Sun\xVM VirtualBox\VirtualBox.exe Treat as: [Custom Policy]

[0] Allow IP Out From IP Any To IP Any Where Protocol Is Any

Application 16: C:\Program Files (x86)\uTorrent\uTorrent.exe Treat as: [Custom Policy]

[0] Allow IP Out From IP Any To IP Any Where Protocol Is Any

Application 17: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe Treat as: [Custom Policy]

[0] Allow IP Out From IP Any To IP Any Where Protocol Is Any

Application 18: C:\Program Files (x86)\ICQ6.5\ICQ.exe Treat as: [Custom Policy]

[0] Allow IP Out From IP Any To IP Any Where Protocol Is Any

Application 19: C:\WINDOWS\explorer.exe Treat as: [Custom Policy]

[0] Allow IP Out From IP Any To IP Any Where Protocol Is Any

Application 20: C:\WINDOWS\system32\mstsc.exe Treat as: [Custom Policy]

[0] Allow UDP In From IP In [192.168.0.2/255.255.255.0] To IP Any Where Source Port Is Any And Destination Port Is Any
[1] Allow IP Out From IP Any To IP Any Where Protocol Is Any

Application 21: C:\Program Files (x86)\Skype\Phone\Skype.exe Treat as: [Custom Policy]

[0] Allow IP In From IP Any To IP Any Where Protocol Is Any
[1] Allow IP Out From IP Any To IP Any Where Protocol Is Any

Application 22: C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe Treat as: [Custom Policy]

[0] Allow IP Out From IP Any To IP Any Where Protocol Is Any

Application 23: C:\Program Files (x86)\RapidSVN-0.9.7\bin\rapidsvn.exe Treat as: [Custom Policy]

[0] Allow IP Out From IP Any To IP Any Where Protocol Is Any

Firewall Settings

Firewall Behavior Settings

Firewall Mode [train with Safe Mode] Alert level [Low]
Keep an alert on Screen For a Maximum of 120 seconds
Enable Alerts For TCP requests
Enable Alerts For UDP requests
Enable Alerts For ICMP requests
This Computer is an Internet gateway
Enable Alerts For Loopback requests

Attack Detection Settings

Block Host attempting portscans For 5 minutes
Emergency Mode Duration during DOS attacks: 120 seconds
TCP Flood Traffic Rate 20 packets/second
TCP Flood Duration 20 seconds
UDP Flood Traffic Rate 20 packets/second
UDP Flood Duration 20 seconds
ICMP Flood Traffic Rate 20 packets/second
ICMP Flood Duration 20 seconds

Block Fragmented IP Datagrams

Netstat Information

Active Connections

Proto Local Address Foreign Address State PID
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 780
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING 508
TCP 0.0.0.0:1087 0.0.0.0:0 LISTENING 3828
TCP 0.0.0.0:2869 0.0.0.0:0 LISTENING 4
TCP 10.100.101.100:139 0.0.0.0:0 LISTENING 4
TCP 10.100.101.100:1091 205.188.9.18:80 ESTABLISHED 3828
TCP 10.100.101.100:1095 205.188.13.20:80 ESTABLISHED 3828
TCP 10.100.101.100:1588 91.199.212.149:80 TIME_WAIT 0
TCP 10.100.101.100:1590 91.199.212.149:80 TIME_WAIT 0
TCP 10.100.101.100:1594 91.199.212.149:80 TIME_WAIT 0
TCP 10.100.101.100:1596 66.210.181.138:80 TIME_WAIT 0
TCP 10.100.101.100:1598 91.199.212.149:80 TIME_WAIT 0
TCP 10.100.101.100:1611 91.199.212.149:80 TIME_WAIT 0
TCP 10.100.101.100:1613 91.199.212.149:80 TIME_WAIT 0
TCP 10.100.101.100:1618 91.199.212.149:80 TIME_WAIT 0
TCP 10.100.101.100:1622 91.199.212.149:80 TIME_WAIT 0
TCP 10.100.101.100:1623 93.186.226.130:80 TIME_WAIT 0
TCP 10.100.101.100:1626 93.186.226.129:80 TIME_WAIT 0
TCP 10.100.101.100:1629 93.186.226.5:80 TIME_WAIT 0
TCP 10.100.101.100:1630 93.186.226.4:80 TIME_WAIT 0
TCP 10.100.101.100:1636 93.186.224.237:80 TIME_WAIT 0
TCP 10.100.101.100:1637 93.186.224.237:80 TIME_WAIT 0
TCP 10.100.101.100:1638 93.186.224.236:80 TIME_WAIT 0
TCP 10.100.101.100:1641 93.186.224.236:80 TIME_WAIT 0
TCP 10.100.101.100:1642 93.186.224.235:80 TIME_WAIT 0
TCP 10.100.101.100:1643 93.186.224.234:80 TIME_WAIT 0
TCP 127.0.0.1:1027 0.0.0.0:0 LISTENING 2744
TCP 127.0.0.1:1639 127.0.0.1:445 TIME_WAIT 0
TCP 127.0.0.1:5152 0.0.0.0:0 LISTENING 200
TCP 127.0.0.1:5354 0.0.0.0:0 LISTENING 1832
TCP 127.0.0.1:12025 0.0.0.0:0 LISTENING 2336
TCP 127.0.0.1:12080 0.0.0.0:0 LISTENING 2404
TCP 127.0.0.1:12080 127.0.0.1:1627 TIME_WAIT 0
TCP 127.0.0.1:12110 0.0.0.0:0 LISTENING 2336
TCP 127.0.0.1:12119 0.0.0.0:0 LISTENING 2336
TCP 127.0.0.1:12143 0.0.0.0:0 LISTENING 2336
TCP 192.168.0.1:139 0.0.0.0:0 LISTENING 4
TCP 192.168.0.1:1640 192.168.0.1:139 TIME_WAIT 0
UDP 0.0.0.0:445 : 4
UDP 0.0.0.0:500 : 508
UDP 0.0.0.0:1026 : 1832
UDP 0.0.0.0:1029 : 828
UDP 0.0.0.0:4500 : 508
UDP 10.100.101.100:123 : 1036
UDP 10.100.101.100:137 : 4
UDP 10.100.101.100:138 : 4
UDP 10.100.101.100:1900 : 1036
UDP 10.100.101.100:5353 : 1832
UDP 127.0.0.1:123 : 1036
UDP 127.0.0.1:1030 : 828
UDP 127.0.0.1:1545 : 2868
UDP 127.0.0.1:1900 : 1036
UDP 192.168.0.1:53 : 828
UDP 192.168.0.1:67 : 828
UDP 192.168.0.1:68 : 828
UDP 192.168.0.1:123 : 1036
UDP 192.168.0.1:137 : 4
UDP 192.168.0.1:138 : 4
UDP 192.168.0.1:1900 : 1036
UDP 192.168.0.1:5353 : 1832

Thank you for the config report.

It looks like there is a problem with a Global Rule:

[5] Block IP In/Out From Zone [Local Area Network #2] To IP Any Where Protocol Is Any

If you consider how an ICS LAN is laid out:

  Internet ---- modem ----- ICS host ------- other PCs

when one of the other PCs wants to connect to the Internet, it has to send the packet into the ICS host. But rule 5, as written, will block that packet.

To fix that, rule 5 should be


[5] Block            IP      Out From  Zone [Local Area Network #2]  To  IP Any  Where Protocol Is Any

so that packets can come in from the other PCs, but packets not expected in the usual protocols (TCP, UDP, or ICMP) will be blocked.
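
Added example, not part of the original posts and not Comodo's code: a small Python model of the seven Global Rules from the report, showing which rule decides a packet that a LAN PC sends into the ICS host, before and after the suggested change to rule 5. It assumes rules are checked top to bottom with the first match deciding; the packet (192.168.0.2 to 203.0.113.10:80) is constructed.

```python
import ipaddress
import re

# Zone and Global Rules copied from the config report in the thread.
ZONES = {"Local Area Network #2":
         ipaddress.ip_network("192.168.0.1/255.255.255.0", strict=False)}
REPORTED = """\
[0] Allow UDP In/Out From IP Any To IP [255.255.255.255] Where Source Port Is In [67-68] And Destination Port Is In [67-68]
[1] Allow IP In/Out From Zone [Local Area Network #2] To Zone [Local Area Network #2] Where Protocol Is Any
[2] Block TCP Or UDP Out From Zone [Local Area Network #2] To IP Any Where Source Port Is Any And Destination Port Is In [136-139]
[3] Allow TCP Or UDP Out From Zone [Local Area Network #2] To IP Any Where Source Port Is Any And Destination Port Is Any
[4] Allow ICMP Out From Zone [Local Area Network #2] To IP Any Where ICMP Message Is Any
[5] Block IP In/Out From Zone [Local Area Network #2] To IP Any Where Protocol Is Any
[6] Block ICMP In From IP Any To IP Any Where ICMP Message Is ECHO REQUEST {8.0}"""
# Rule 5 as rewritten in the last reply: direction narrowed to Out.
FIXED = REPORTED.replace("[5] Block IP In/Out", "[5] Block IP Out")

RULE = re.compile(r"\[(\d+)\] (Allow|Block) (.+?) (In/Out|In|Out) "
                  r"From (.+?) To (.+?) Where (.+)")

def addr_ok(spec, ip):
    """Match 'IP Any', 'IP [addr]' or 'Zone [name]' against an address."""
    if spec == "IP Any":
        return True
    kind, value = re.fullmatch(r"(Zone|IP) \[(.+)\]", spec).groups()
    if kind == "Zone":
        return ipaddress.ip_address(ip) in ZONES[value]
    return ip == value

def port_ok(spec, port):
    if spec == "Any":
        return True
    lo, hi = map(int, re.fullmatch(r"In \[(\d+)-(\d+)\]", spec).groups())
    return port is not None and lo <= port <= hi

def where_ok(cond, pkt):
    m = re.fullmatch(r"Source Port Is (.+) And Destination Port Is (.+)", cond)
    if m:
        return port_ok(m[1], pkt.get("sport")) and port_ok(m[2], pkt.get("dport"))
    m = re.fullmatch(r"ICMP Message Is .*\{(\d+)\.\d+\}", cond)
    if m:
        return pkt.get("icmp_type") == int(m[1])
    return True  # "Protocol Is Any" / "ICMP Message Is Any"

def first_match(rules_text, pkt):
    """Return (rule number, action) of the first rule matching pkt (assumed order)."""
    for line in rules_text.splitlines():
        n, action, proto, direction, src, dst, cond = RULE.fullmatch(line).groups()
        if (pkt["dir"] in direction.split("/")
                and (proto == "IP" or pkt["proto"] in proto.split(" Or "))
                and addr_ok(src, pkt["src"]) and addr_ok(dst, pkt["dst"])
                and where_ok(cond, pkt)):
            return int(n), action
    return None, "no global rule matched"

# Constructed packet: LAN PC -> Internet host, seen inbound on the ICS host.
PKT = {"dir": "In", "proto": "TCP", "src": "192.168.0.2",
       "dst": "203.0.113.10", "sport": 1091, "dport": 80}
```

With the reported rules, `first_match(REPORTED, PKT)` lands on rule 5; with the rewritten rule 5 no Global Rule matches the packet, so its fate is left to whatever the firewall applies next, which this model does not cover.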