When I installed Comodo last week, it set up two zones:
192.168.1.97/255.255.255.0 Local Connection #1 (This is my XP SP3 assigned network address)
My question is do I have to add my router address 192.168.1.254/255.255.255.255 to Comodo’s Local Connection #1 rule or any of the above IP addresses for that matter? I am asking this because Comdo is blocking everything inbound from my router i.e. anything with a source address of 192.168.1.254.
What sort of stuff is being blocked and are you still able to surf the net?
The stuff you see getting blocked is probably broadcasts/upnp requests from the router to basically find out on a regular basis what computers are running.
You can use the “Stealth Ports Wizard” to add you router IP so that info sent is received by windows(the good thing about doing it this way is it sets up Application Rules for System and Global Rules Automatically).
Alternatively you can set up Block rules for the stuff getting loged.
For “Stealth Ports Wizard”: Firewall–>Common–>Stealth Ports Wizard–>The top entry “Define a new trusted network” will allready be checked, just click Next–>Check “I would like to define and trust a new network”–>Enter the router`s IP address in the Starting IP and Ending IP box–>click Finish.
You should receive the message “Your Firewall has been configured accordingly”.
Now have a look in Firewall/Advanced/Network Security Policy–>There should be 2 Application rules under “System” for your Router IP and also 2 Global Rules.
I already ran the sleath wizard and it generated the four std. rules: IP all in, the two ICMP rules, and the final block rule.
My main issues are the blocked ICMP events but maybe they should be? They are for the OS and are type 3,0 versus type 3,3?
I have attached today’s log file for your review. The blocked ICMP entires are in that.
Web browsing and file downloads are OK presently.
I have a problem with DHCP delays with APiPA assignment at boot time. I added a svchost.exe port 68, 67 rule for dest. 255.255.255.255 as suggested in a forum posting. I logged it and it also is shown in the attached log file. It eliminated the APIPA fallback but I am still getting a delay on dynamic DHCP at boot as evidenced by a XP system log time out warning message.
Thanks, Eric. I added those three allow rules for unreachable ICMP and they eliminated those blocked ICMP entries in the firewall log.
I also noticed when I booted my PC today that there wasn’t a startup ping (8,0) from my nic to the router log entry so I assume these rules somehow blocked that. Does not appear to be a problem since everything is running fine.