my log


what does ask for icmp mean?

It doesn’t match to my global rules…???
was it a time exceed?

[attachment deleted by admin]

Takin from the help file.

ICMP Details

ICMP (Internet Control Message Protocol) packets contain error and control information which is used to announce network errors, network congestion, timeouts, and to assist in troubleshooting. It is used mainly for performing traces and pings. Pinging is frequently used to perform a quick test before attempting to initiate communications. If you are using or have used a peer-to-peer file-sharing program, you might find yourself being pinged a lot. So you can create rules to allow / block specific types of ping requests. With Comodo Firewall Pro you can create rules to allow/ deny inbound ICMP packets that provide you with information and minimize security risk

but my global rules doesn’t block this request!

is something misconfigured?

If your wondering about the Windows thing see this post. I actually don’t use global rules.

but this was an incoming request which was not detected from my global rules.
it is configured to block all, except ICMP Fragmentation is needed or Time exceeded.

Your log is showing an ICMP 3.0 message. ICMP is the error message reporting that other protocols use when there is some kind of problem encountered. A 3.x message is an error report, and the 3.0 is saying “net unreachable”, meaning it got an address from your PC to send on to the Internet, but there is no way to get there from your router.

A “Fragmentation needed” is an ICMP 3.4, and a “Time exceeded” is an ICMP 11.x (most likely an 11.0, but there are some other 11.x conditions that sometimes happen).

If you want to allow all the ICMP 3.x error codes, you’re probably going to be stuck adding in global rules to allow each one individually. There are 14 subcodes (0 thru 13) that handle the vast majority of problems.