Loopback filtering breaks when removing loopback zone [M2435]

I noticed a problem with the firewall - IPv4 loopback traffic is not filtered (for IPv6 seems to work well).

This is a serious security hole in the case of firewall rules that determine the access of particular processes to specific (by port number) local services listening on 127.0.0.1.
I need it, and for this reason I am still staying with version 12.0.0.6882, where it works as it should.

The fastest way to test this case:

  1. Set the firewall settings: Custom Ruleset, Show popup alerts, Create rules for safe apps, Set alert freq level: Very High, Filter IPv6 traffic, Filter loopback traffic.
  2. Type in terminal:
    ping 127.0.0.1 (no popup alert, but there should be)
    ping ::1 (with IPv6 ok, popup alert appears)
  3. Create a firewall rule for ping.exe with Ruleset “Blocked Application”
  4. Type in terminal and compare two results:
    ping 127.0.0.1 (the rule does not work)
    ping ::1 (here is ok)
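A scripted version of the same comparison, added here as an example and not part of the original report: it listens on each loopback address, connects to that listener from the same host, and reports whether the IPv4 and IPv6 outcomes agree (with loopback filtering active and the program blocked, the connect attempt should fail or time out for both). The timeout value and the verdict wording are my assumptions.

```python
import socket
import threading

LOOPBACK = {"127.0.0.1": socket.AF_INET, "::1": socket.AF_INET6}  # the two addresses compared in the report


def probe_loopback(host, timeout=2.0):
    """Return 'reachable', 'blocked' (connect failed or timed out) or 'unavailable'."""
    family = LOOPBACK[host]
    try:
        srv = socket.socket(family, socket.SOCK_STREAM)
        srv.bind((host, 0))  # ephemeral port chosen by the OS
        srv.listen(1)
    except OSError:
        return "unavailable"  # e.g. no IPv6 loopback on this host
    port = srv.getsockname()[1]
    srv.settimeout(timeout)  # so the accept thread cannot hang forever

    def accept_one():
        try:
            conn, _ = srv.accept()
            conn.close()
        except OSError:
            pass  # nothing arrived: the connect attempt was dropped or refused

    t = threading.Thread(target=accept_one, daemon=True)
    t.start()
    cli = socket.socket(family, socket.SOCK_STREAM)
    cli.settimeout(timeout)
    try:
        cli.connect((host, port))
        result = "reachable"
    except OSError:  # timeout (silently dropped) or refused/reset by the filter
        result = "blocked"
    finally:
        cli.close()
        t.join(timeout)
        srv.close()
    return result


def assess(results):
    """Compare the IPv4 and IPv6 outcomes; the asymmetry is the reported symptom."""
    v4, v6 = results.get("127.0.0.1"), results.get("::1")
    if v4 == "reachable" and v6 == "blocked":
        return "IPv4 loopback unfiltered while IPv6 is filtered (symptom of M2435)"
    if v4 == v6:
        return "consistent: both %s" % v4
    return "mixed: IPv4=%s IPv6=%s" % (v4, v6)


def check_loopback_filtering():
    results = {host: probe_loopback(host) for host in LOOPBACK}
    return results, assess(results)
```

Run it once with the test program allowed and once with it under a "Blocked Application" rule; on an unfiltered host both addresses report "reachable".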

Works for me, I get alerts for both IPv4 and IPv6 ICMP requests, and if I set an application rule for ping.exe to block, then ping to both IP addresses fails.

I found an additional dependency. Try to delete Loopback Zone from Network Zones, and even if you re-create it identically, loopback filtering for IPv4 will no longer work.

This could be a wider problem in which Network Zones editing induces firewall destruction.

Interesting find, yes: if the default loopback network zone is removed, connections to loopback IPv4 are allowed.

Please, can you tell us an easy way to test if this happens in my actual configuration?

I don’t remember if I have removed or changed the loopback default… How can I check if it is working well or not?

Try it: https://forums.comodo.com/news-announcements-feedback-cis/comodo-internet-security-2020-v12227036-released-t125668.0.html;msg897572#msg897572

How long I tried today to solve the problem of TimeOut! :-[ That was the problem.

But what I don’t understand is why I have never had problems with malicious software. Is it luck? Or does Comodo (as futuretech, I think, discussed) prevent the firewall from being destroyed (not finding an intruder, but preventing it)? I’m very keen on having a protected PC.

Well, I have tested following your instructions. Summary about ping.exe:

1º Rule allowed only loopback zone. 127.0.0.1 OK. ::1 blocked, no alert.

2º Rule ping set to ask me: alert asks me for both addresses whether to allow it or not.

3º Rule ping blocked. Both addresses were blocked, no alert.

So for me CIS is working as expected.

I don’t get your test at all… what is wrong with a process/app connecting in your loopback zone? Maybe because you are using local ports dedicated to a specific app?

If that is the case, can’t you make a rule per app for the loopback zone with a specific port allowed or blocked?

I couldn’t find the error when I also tested ping; it didn’t work as I tried with the supplied settings.

Now that I made the new update, I can confirm it: CIS works, ping works as I want it to, with the included settings (which it didn’t before the new update for 7036) and also according to my own settings. So, the CIS world is okay again, for me.

Split posts from the release topic to create bug report topic, issue is logged in bug tracker as bug 2435.

Hello bazolo,

Thank you for reporting.
Reported to dev team for further analysis of the issue and they are working on it. Once resolved, I will inform you.

Kind Regards,
PD

Hello bazolo & futuretech & Nilhar & prodex,

As per dev team, the reported bug (loopback filter) issue is fixed and it will be reflected in the upcoming release.
Have a nice day!

Should be fixed in 12.2.2.7062