For Comodo Firewall, is it possible to specify multiple IP Ranges under the “Destination IP” which is under “Application Control Rules”? The reason that I ask is that I want to restrict the outgoing Internet access of my e-mail application (Lotus Notes 6.5.3) to a list of about 2 dozen specific IP ranges so that spam e-mail I open can’t access the Internet. Any help on alternative ways to do that would be greatly appreciated.
Thanks,
Stu
Welcome to the forums, sb06794 (:WAV)
Obviously, you’ve already been poking around with the application rules, trying to figure it out.
Under that Destination IP tab (when you Add or Edit a rule), there is an option for IP Range. As you may already be aware, this only gives a start and end IP address.
At present, that is the only option for entering IP ranges. Thus, it may be necessary for you to create multiple rules for Lotus Notes, for each IP range you want, if they’re not all from the same IP. I realize that may be a lot more rules than you want…
If you don’t mind me asking, are you accessing a dozen different email accounts, each with different IP addresses?
If you can provide more details about what you’re trying to do (you don’t have to reveal specific IP addresses, but it would help if you can delineate what kind of range you’re looking at), it may help to narrow down some options.
LM
LM,
Thanks for your quick response. Actually, I haven’t downloaded or installed Comodo Firewall yet. I’m big on researching software, including reading the manual, BEFORE I install it. My question in this forum comes from reading the Comodo Firewall manual. Currently I’m using Sygate which, as you probably know, was bought and killed by Symantec. Sygate does what I need to do, albeit in a clunky way, but for the long run I’m looking for a firewall that will be supported as I eventually move from Windows XP to Vista.
What I am looking for from Comodo Firewall is the ability to limit which IP address ranges my e-mail client (Lotus Notes 6.5.3) can access. For example, when I receive an e-mail from Morningstar, it has embedded images that are resolved via the Internet. When I open that e-mail message in my e-mail client it goes out to the Internet to try and resolve the image. When my firewall tells me this access has been blocked, I run Whois against the blocked IP address to get the IP range to insert in my Sygate firewall access rights for my e-mail client software. I do the same for many other EXPECTED e-mails like from Target stores. However, if I should happen to open a spam e-mail message, I do not want to allow it to access the Internet. Over time I have found about 2 dozen IP ranges that I need to allow in my firewall for my e-mail client application.
I already know that neither the free ZoneAlarm nor the paid version have the ability to do what I want to do. I am hoping that Comodo has this ability.
I hope that makes my situation clearer.
Thanks,
Stu
Oh absolutely.
The attached screenshot shows the creation of a rule (I’ve used Outlook as the example). The Destination IP tab has several options; I’ve chosen Single IP, which sounds like it would fit your purpose. You could also choose IP Range, and enter a Start IP and End IP for that range.
Let’s say to start with you create a rule to allow LN only access to your email server, at 123.45.67.89. That is now the only address it’s allowed to connect to. You’ll want the Alert Frequency set to Medium or High for good results.
Now, an image from within an email wants to use LN to access 987.65.43.21; this is not the authorized IP address for LN, so CPF will generate a popup alert, which you can choose to deny (and even “Remember” if you want, which will create a rule in the Application Monitor to that effect - this might be good for your purpose).
If you choose “Remember” when you deny access, it’s easy to go back and edit that rule to change from Block to Allow, if you decide you want to allow the image retrieval. That way, you don’t have to create a rule from scratch; otherwise, just Add a rule and build it as you need.
Hope that helps answer your question.
LM
[attachment deleted by admin]
Yes you can limit the IP ranges your app can access.
You do have to create more than one rule, but that goes for most apps.
You can set the Alert frequency level to high or very high, so it creates an alert for every IP and port, so it makes it easier to create “tight” rules.
You can create a block rule and set it to exclude the ranges you want to allow, or just block the one’s you want to block. Allow the IP’s you want to allow, or…
You can also use Thunderbird that auto block all images, until you hit the “show images” button… 
;D
Edit: you was faster than me LM… again… ;D
LM & AOwl,
Thank you for your quick responses. I particularly like LM’s suggestion of choosing “Remember” and then switching the rule created from “Block” to Allow". If it’s as easy to do as it sounds, it is exactly what I want.
As I install and try the Comodo Firewall, you may be hearing from me in the future on these forums.
Thanks again,
Stu
Tomorrow Comodo release the 2.4 stable…
No problem, Stu. Here’s a good place to start: https://forums.comodo.com/index.php/topic,894.0.html this page is a compilation of links to different FAQs, broken down by topic/subject. There’s a great video tutorial on installing and setting up Comodo’s firewall (by AOwl), an excellent explanation of Network Control Rules (by m0ng0d), a list of all commonly-used network rules (the default rules, common applications, etc) (by pandlouk), and an explanation/overview of how CPF’s layered rules approach works (by me); among many many more.
Post any questions you need in the relevant threads, or create a new one if it doesn’t seem to fit. You can also use the Advanced Search feature to limit results to just firewall topics, such as Help or FAQ. Someone will be glad to help.
LM
LM,
Your information is much appreciated. It reinforces why I need to switch from the now dead Sygate firewall. Forums like these are immensely helpful in resolving issues and even getting new features included in great software.
Thanks,
Stu
;D We’ll be glad to have you, and I think you’ll be glad to have Comodo (which is currently the #1 firewall against leak tests, and in the top echelon against termination tests). Gotta give 'em a plug, after all…
I’ll mark this topic as resolved, so other users will know there is a potential answer here.
As I said before, please feel free to ask questions as you need.
LM