Network Rule

I was getting into quite a muddle with my CFP ver 2 so I uninstalled it and have installed ver 3.
It is on my XP desktop PC which is wired to a router. I also have a laptop PC with a wireless card online via the router. Comodo recognised the network and popped up a dialog box in which I checked “I would like to be fully accessible to the other PCs in this network”. So far so good – I can see the laptop from the desktop and can open and transfer files. I can also access the desktop’s printer from the laptop. However when I try to use the laptop to look at a shared folder on the desktop, which was no problem without Comodo running, a message on the laptop said it wasn’t accessible – so I assume Comodo is blocking access.
Can someone please tell me how to change an existing or create a new rule to let the laptop see the desktop. I know the desktop’s MAC and IP addresses so I’m sure it’s easy when you know how, but I’ve read right through the help two or three times and I must admit I don’t know where to start.
Many thanks.

Clear the log, try to get access to your shared folder, then check the log. There should be new entries. This will help you to create an appropriate rule. If you aren’t sure, place these entries from your log here. In this case use “IP names” instead of IP addresses: desktopPC, laptop, unknown etc.

I’ve tried your suggestion but there are only “allow” entries in the log. I went into Network Security Policy, Global Rules. There are three rules and I checked “Log as a firewall event if this rule is fired”. Then I cleared the log and tried to get access to my shared folder, which was blocked as before. However there were only two “Allow” events – I wouldn’t expect them to relate to the blocking. I have attached the log.

This is probably caused by the Defense+ protection. The Desktop is a Protected Folder, although it does not appear on the list of Protected items. I had trouble making FDM save downloads to the Desktop until I gave it access to Protected Files. Look at the Defense+>Common Tasks>View Defense+ Events and look for blocked access there. I would have thought that you would be asked about the permission to use the Desktop. Perhaps you accidentally clicked Block on a pop-up asking about that? Anyway, post us a shot of your Defense+ Events so we know what application is being used.

Me too. I think that adjusting firewall rules won’t help in this case (as nothing is getting blocked).

Before you check D+ settings and logs, I suggest you set D+ to “disabled” (right click on icon in tray) and try to open the shared folder. If you are unable to do this, I think there is no need to adjust any settings in D+ (as it won’t give any result). But maybe I’m wrong.

You may have to reboot to test the Disable approach. I don’t know how the protection is established, but others have had to do that to disable Defense+.

There is nothing at all showing in Defense+ Events. Does anything need to be checked for it to record events? I don’t think I activated it when I installed CFP 3.0 – although I’m not certain.
I am not using the Desktop as a folder – I was referring to my two PCs – a desktop and a laptop. CFP is on the desktop only and I can’t access a shared folder C:\temp which I have made shared and can access from the laptop when Comodo is not running. I am certain I did not click to block anything on a pop-up – having had so much trouble with Comodo 2 I’ve been very slow and careful since installing Comodo 3.

I have now disabled Defense+ in the SysTray and rebooted but access to my shared folder is still blocked.

I don’t think it has anything to do with Defense+.

Have you tried this:

On your PC, open Comodo and click on Firewall
Click on My Network Zones
You should see your network zone by the name you gave it, and the rule(s) for access. It should say ‘IP IN [192.168.1.100 - 192.168.1.105]’ or something like it if you allow a range of IPs, or just one address if your laptop’s IP is the only one you’ve set up.
If none of this appears you’ll have to click the Add button to add the zone.
If the address or range is wrong or the rule is wrong (if it doesn’t say ‘IN’) you’ll have to click on the Edit button.
Click the Apply button.

Now click on My Blocked Zones to make sure you have not got your network zone blocked.
Go into the Stealth Ports Wizard and make sure Define a New Trusted Network is checked. Click on Next to make sure that Comodo is trusting your existing network zone, clicking in the Zone space to select it from drop down list.
Click Finish.

Under Firewall Tasks… Advanced, click on Network Security Policy, then select the Global Rules tab.
You should see two rules with green checked circles for ‘Allow all incoming…etc.’ and ‘Allow all outgoing…etc.’ with each one specifying your network. Click on Edit for each of them and check the rules to make sure the IP addresses or ranges are correct for both Source and Destination addresses.
Check to log the event if the rule is fired.

You didn’t say if Comodo is installed on the laptop.
If it is perhaps you should do the same steps on the laptop.
If it isn’t set up on your laptop, are you using any other firewall on the laptop, including Windows’ own firewall, which might be blocking access?

Is it possible that you haven’t configured Sharing properly for that folder? Is it possible that Windows firewall is running without your knowledge and is blocking access?

One last thing to try if you haven’t already could be to remove the network zone and then add it again and create the rules as above.

Hope something here helps.

Many thanks – I’ll try your suggestions and post back later Monday a.m. as it’s now 2.17 a.m.

I’ve worked through all your suggestions macondo, and although I still can’t access the first PC’s shared folder from the second PC, I do have a slightly better idea of what is happening.

First of all I wanted to be certain that it is Comodo on PC-one (my XP desktop machine) that is causing the problem, so I disabled it in the SysTray but that made no difference – access still blocked. I then exited Comodo in SysTray, but still access was blocked. So I uninstalled Comodo and sure enough access was restored. I turned on the Windows firewall and access was still OK. Then I switched off the Windows firewall and re-installed Comodo 3 – once again access to the shared folder was blocked. I noticed that although I couldn’t access PC-one’s shared folder from PC-two (the Vista laptop), I could see PC-one’s shared folder in PC-two’s Network window. I just couldn’t open it – clicking on it brought up the Windows message saying access was denied, until I uninstalled Comodo from PC-one.

When I re-installed Comodo it popped up a Window saying it had detected a “New private network” 192.168.1.100/255.255.255.0 and I checked “I would like to be fully accessible to the other PCs in the Network” (OK). This is the IP address of PC-one (using ipconfig).
As it wasn’t “fully accessible” to my other PC I followed your first suggestion by going into My Network Zones and changing the zone rule from the single IP 192.168.1.100/255.255.255.0 to the same range as my router’s DHCP server can assign: 192.168.1.100 – 192.168.1.109 but this made no difference.

I checked that there was nothing in My Blocked Zones (your second suggestion) – nothing, and I used the Stealth Ports Wizard to make sure that Comodo was trusting my network zone.

Your third suggestion was to look at the global rules in Network Security Policy. There were four rules, but 3 & 4 were just repeats of 1 & 2.

Rule 1: Allow All Outgoing Requests If The Target Is In [network]
Action: Allow, Protocol: IP, Direction: Out, Source Address: Any, Destination Address: Zone,
IP details – IP Protocol: Any
Rule 2: Allow All Incoming Requests If The Sender Is In [network]
Action: Allow, Protocol: IP, Direction: In, Source Address: Zone, Destination Address: Any,
IP details – IP Protocol: Any

Rules 3 & 4: as for 1 & 2

Rule 5: Block ICMP In From IP Any To IP Any Where ICMP Message is ECHO REQUEST

Comodo is not installed on PC-two (laptop) – it has bundled Norton 360. I intend to replace Norton with Comodo if and when I can configure Comodo successfully on PC-one. In the meantime I’ve assumed that because uninstalling Comodo restores access to the shared folder that my problem is not with Norton. Just to be sure I’ve tried turning off Norton and it made no difference. Windows firewall is OFF on both PCs.

Regarding shared folder permissions – when I go into PC-one’s shared folder properties, Sharing tab, I can see checked both “Share this folder on the network” and “Allow network users to change my files”. But once again if the permissions were not correct then I wouldn’t expect to be able to get into the folder after uninstalling Comodo.

I have also tried your last suggestion of going into My Network Zones and removing/re-instating my network rule. With the rule removed I cannot see PC-one at all from PC-two. When I put the rule back in I can see PC-one in PC-two’s Network window but I can’t open the shared folder. That should tell me something but I’m not savvy enough to figure out what.

Sorry this was so wordy but I couldn’t see how else I could deal with all your suggestions. Does the above give you any idea of what could be the problem? With thanks.

eccles-

As long as you don’t have any rules blocking access in either Global Rules or Application Rules, please try this on PC-1:
create a rule:
Allow/TCP/In
Source Address =
Destination Address = Any
Source Port = Any
Destination Port = 139 and 445

If that doesn’t work, try setting this:
My Network Places/Properties/Local Area Connection/Properties/Internet Protocol/Properties/Advanced button/WINS tab:
select Enable NetBIOS over TCP/IP

HTH,
-SW

Thanks for the suggestions SW. I’ve tried them both but no change. For the “Allow/TCP/In” rule I had to make two separate rules, one for each port, because I couldn’t see a way of combining separate ports in one rule – only a range. I made them the first two rules but sadly there was no change.

I then went into My Network Places and enabled NetBios over TCP/IP – it wasn’t already checked – but again no change. However I’m grateful for the suggestions.

Eccles - do you have a rule for Windows Operating System? That may be the problem, if it does not allow your LAN. If you have no rule, then there should be no block from that - back to square one.

No, not so far as I can tell. I’ve attached two screen shots as Word docs that show all the Application rules and I can’t see anything there, but maybe you could take a look for me.

The first thing that I notice is that the network is defined differently for different rules. The 192.168.1.101/255.255.255.0 for the System rule differs from the 192.168.1.1/255.255.255.0 rule for svchost.exe. Try editing the rules so that the IP address range is the same as the rule for svchost.exe. I can’t see your Realtek… IP address range (it would be in the My Network Zones page) but that should match the range for svchost.exe also. If you have to edit this in the My Network Zones page, you will have to run the Stealth Ports Wizard again after changing that Zone and also edit any rules in the Network Security Policy page that use the Zone. I’m guessing that the IP address assigned to the laptop was outside the range in the System rule, but works somewhat due to the other rules.

Hi Eccles.

I wonder if you have tried something very simple - try sharing a different folder or folders or create a new folder and share that.

Another idea: when you uninstall Comodo, do you REALLY uninstall it, removing every trace of it? It could be that each time you re-install it there is an inheritance of some setting in the registry that you don’t know about. Try a program like Revo Uninstaller which will search for all remaining traces of a program once the program’s own uninstaller has done its job. It’s freeware.

This is a challenge; there MUST be a solution!

In Firewall Tasks… Network Security Policy… Global Rules tab, where you should have the green checks beside Allow all outgoing etc… and Allow all incoming…, click on Edit for each of them and make sure you have checked Log as a firewall event if this rule is fired.

Now try to connect with your laptop.

At the same time, on the PC click on Common Tasks… View Firewall Events and see if there is a record of the connection attempt by the IP address of your laptop.
Also have a look in View Active Connections and see if you can find your laptop IP under System… TCP IN, in the Source column. There should be a port number there as well eg. 1067

Not sure where this is leading us, but it’s more information! The strange thing is that you say you can see the folder but simply not open it. I presume you find the PC from your laptop by typing its IP address into Start… Run.

Another possible line of approach has occurred to me: PORTS.

Try going into My Port Sets and add a new set which you could call LAN or whatever.
Then Add a port and choose Any.
Make sure there are no ports specifically blocked.
This should allow any port at all to be a conduit for traffic in and out, I think.
Click Apply and try to connect again.
If it doesn’t work, go back and delete this new port set, as you don’t want it. It’s just there to see if it is ports which are the problem.

I re-read your earlier posts and see you have already tried looking at the log, which I suggested in an earlier reply. When I look at my Firewall Events I see only Blocked, no Allowed; you said you saw only Allowed in your log. Strange.

I think you also had checked Log this Event if Rule is Fired etc. which I suggested in my previous post. Oh well.

I thought about the possible blocking of File and Printer Sharing, but your first post says you can use the printer from the laptop, so that can’t be the problem.

Please try this:
- click on the “System” group of rules and move it up so that System is listed first
- add two specific rules to the System group (and make them the first two rules):
Allow/TCP/In
Source Address = <specific IP address of PC-2, not a network mask>
Destination Address = Any
Source Port = Any
Destination Port = 139 and 445
- click Apply twice to activate the changes
I know you tried something similar earlier, but please do it. You can create one rule instead of two by defining a “port set”:
Firewall/Common Tasks/My Port Sets
give the set a name (e.g., “139, 445”)
add a single port to the set (139)
add a single port to the set (445)
The port set should look like this:
- 139, 445
|__139
|__445

Finally, how are you connecting to PC-1- by My Network Places or by mapping a network drive? I don’t know the name of your share, so using an example share name of PC1_DriveC, please try this on PC-2:
- right click on My Computer
- select Map Network Drive
- select a drive letter from the dropdown
- for folder, type in:
\\192.168.1.100\PC1_DriveC
(obviously, use the actual IP address and share name of PC-1 :) )
- if the username and password you are using on PC-2 is not the same username and password as on PC-1, set the info in “Connect using a different user name”

Let me know how you make out and we’ll take it from there.

-SW
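
A way to separate the thread's competing theories from PC-2, as an added example that is not part of any post above: it tries a TCP connect to ports 139 and 445 on PC-1 and reports whether each attempt is accepted, refused, or silently dropped. It assumes Python 3 is available on PC-2; `probe` and `diagnose` are hypothetical helper names, and 192.168.1.100 is PC-one's address as given in the thread.

```python
import errno
import socket

# Ports named in the thread: 139 (NetBIOS session service) and 445 (SMB over TCP).
SMB_PORTS = (139, 445)


def probe(host, port, timeout=2.0):
    """Try one TCP connect; return 'open', 'refused', 'filtered' or 'error:<name>'."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"
    except socket.timeout:
        return "filtered"   # no SYN-ACK and no RST before the timeout
    except ConnectionRefusedError:
        return "refused"    # an RST came back: reachable host, closed or rejected port
    except OSError as exc:
        return "error:" + errno.errorcode.get(exc.errno, str(exc.errno))
    finally:
        sock.close()


def diagnose(results):
    """Map {port: state} to a short verdict on where to look next."""
    states = set(results.values())
    if "open" in states:
        return "reachable: TCP gets through, so check credentials and share permissions"
    if states == {"filtered"}:
        return "filtered: packets are silently dropped, so review the inbound firewall rules"
    if states == {"refused"}:
        return "refused: host answers but the port is closed or rejected"
    return "inconclusive: " + ", ".join(f"{p}={s}" for p, s in sorted(results.items()))


if __name__ == "__main__":
    target = "192.168.1.100"  # PC-one's address as given in the thread; change to suit
    results = {port: probe(target, port) for port in SMB_PORTS}
    for port, state in sorted(results.items()):
        print(f"{target}:{port} -> {state}")
    print(diagnose(results))
```

Running it once with the firewall installed and once with it uninstalled shows whether the difference is at the TCP level or only appears after the connection is accepted.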