Network Monitor modes

I think there should be 4 pre-made rules (presets if you want) for Network Monitor:

OFF (Network Monitor disabled)
Stealth (Block all inbound ICMP Echo Requests)
Super Stealth (Block all inbound IP requests & allow only outbound IP requests, basically the default settings which are enabled out of the box when you install CPF, at the moment v2.1.1.1)
Custom (leaves the user full control over rules).

Example of normal Stealth mode.

Settings for Custom should be saved separately so they remain even if you switch to Stealth in between and then back to Custom.

These 4 options should be placed in a dropdown menu under Network Monitor, so users can change it easily.

I’ve checked the machine and got a green status for stealthing (based on
So I think it’s ok. Plus it appears to work just fine with eMule (which doesn’t get HighID if I leave default Network Monitor settings aka Super Stealth).

Just a hint and I hope you’ll implement this soon. If you need more info or what I meant about something specifically, feel free to ask :) Also feel free to comment on this :)

Hi RejZoR, is this network rule really necessary? It’s been some time since I tried the Sygate SOS testing site, but CPF passed the ICMP test and all the others with the 2 default rules.

Yes, Comodo Firewall indeed passes tests with default Network Monitor rules, but the problem is that it’s way “too secure”. eMule, for example, simply fails to obtain HighID status (which is required for painless data transfers and client communications). LowID is ■■■■ because it’s slow and produces loads of overhead. Using just ICMP Echo blocking keeps your PC hidden, though it allows other programs like eMule to function correctly.

Could you please give an example of the rules you use for eMule? I never had a problem like that.

Are you behind a router or switch? If yes, have you added the router’s IP to the trusted zone?

No, I’m using a direct connection based on PPPoE ADSL. Rules are fully open for eMule (all ports and all IP addresses are allowed, inbound also allows invisible connections).

Now if I left Network Monitor rules as they are, eMule failed to obtain HighID, but if I disabled Network Monitor it failed stealth tests on GRC.

Also please note that I have the WinXP SP2 firewall disabled. Comodo Firewall doesn’t disable it, so most users are still running it, thus resulting in stealthed status even if you disable the Network Monitor module.

So the default in CPF is “Super Stealth (Block all inbound IP requests)”; this makes you stealth, even if you have “act as server” permissions.

But I think with Stealth (Block all inbound ICMP Echo Requests), any “act as server” permissions would allow inbound IP requests, as they no longer have a rule to block them, and so you wouldn’t be stealth.

No really. I’m not gonna go into details but GRC was always a good indicator of stealthing, so I still rely on it.

The Sygate scan site used to show many ports as Closed when GRC said they were all Stealth. I could only stealth Sygate and Kerio when there were no “act as server”. It’s up to you but maybe try some other scan sites too.

Please take a look at this post,411.msg3561.html#msg3561

P.S. After you move the rules up, are you still having the same problem?