If for Mozilla (same for other browsers) I add a Network Control Rule to block TCP or UDP In/Out
for the single IP address 220.127.116.11 (this is just a randomly chosen IP) for both source and destination addresses,
choosing any for source port and destination port, mozilla still can connect. Even if I make
this rule a global rule, it can still connect through.
Windows XP SP3, Comodo 3.5.57173.439
Can you tell me what other rules you have applied for Firefox ?
A block rule should become before an allow rule so if you’d like to block all traffic to 18.104.22.168 and allow all others it would have to look like this:
- Block From Any Src port Any to Single IP 22.214.171.124 dst port Any
- Allow From Any Src port Any to Any dst port Any
Hope this helps.
I can confirm the effect (Windows XP SP3, Comodo 3.5.57173.439)
I created a global rule, rule is the first in the list:
Action=block, Protocol=IP, Direction=IN/OUT, SourceAdress=Any, DestinationAddr=192.168.100.100, IPprotocol=ANY
When accessing a share on the machine 192…100 I see in ActiveConnections:
–TCP out, source=…, destination= 192.168.100.100:139
So, at least for outgoing connections the global rule is ignored in the described case.
Can you set the direction to OUT only and see if that helps ?
If not try to add the dst port 139 and try again, maybe you have to reboot because it was allowed previously.
I have a rule that blocks my laptop to access the webinterface of my default gateway (because of exploiting local gateways) and that works fine.
changing to OUT didn’t help, restricting to one port or several ports didn’t help either
I changed the DestinationAdress to Any and blocked all MS-ports 135-139,445: that worked blocked access to any share on any machine
Than I switched back to DestinationAdress=192.168.100.100: and it worked, it blocked access to only that server
I rebooted. The rule still works, blocks only access to the one server.
Strange, but maybe that description helps to find the cause.
I’m glad it’s fixed now, I’ll try to fiddle a round with enabling/disabling rules like this if i find some time…