New event in Firewall events every few seconds.

Hello all, I’m using the freeware version of Comodo Firewall, I have a port forwarded on my router and I use a torrent client.

utorrent isn’t running at all, the Firewall Events window shows connections trying to connect through my opened port.

Windows Operating System > Blocked > TCP some UDP > Some random IP > Some Random Port > My systems IP > My Opened Port > Time is every 2 to 4 seconds.

I’m new to this firewall and have no idea why this is happening
Can anyone please shed some light on this for me?

Thank you in advance.


1st: create a general rule for uT:

  • allow TCP out from IP to In [Loopback Zone] where Source port is ANY and destination port is ANY
  • allow UDP out from IP ANY to IP ANY where source port is ANY and destination port is 53 (for DNS lookup)
  • allow TCP and UDP in/out from IP ANY to IP ANY where source port is ANY and destination port is ANY

then, after running with this, you can turn these rule more restrictive, if you bind your outgoing’s to one port, and so on…

after you make your definitive/final rules, you will be able to add an “Block and Log IP In/Out from IP ANY to IP ANY where protocol is ANY”. Notice that if you add this last rule you will NOT receive any pop-up about a new connection b/c they will be denyed by the rule…

If this doesn’t work for any reason, let CIS work in “Clean PC Mode” and then work on the rules created (but there will be a lot)…

I’m not sure I understand…

I did some more searching and found a HUGE thread full of information, regarding this issue. It’s so large I find it hard to find the bits of info I need. I’ve gathered something about creating rules to stop the constant logging… but I’m still rather lost…

After closing a p2p client like uTorrent it takes a couple of hours for the network to realise you are off line.

Somebody here at the forum moves the uTorrent rule under Global Rules under the block rule (with the red icon) when not using uTorrent; this closes the uTorrent ports on the firewall. Before starting uTorrent he moves the rule back above the block rule to open the ports for uTorrent.

Can you show us your global rules?

Here’s my global rules window, not much in there, still getting the hang of this firewall hehe.
Thanks for the reply as well.

[attachment deleted by admin]

You need to add a rule for uTorrent in the Global Rules to open a port

Here is the drill: Add → fill in the followingL
Action: Allow
Protocol: TCPor UDP
Direction: in
Description: Port rule uTorrent
Apply → Apply

Source address: Any
Destination address: you have choices here to tell CIS your system is the destination
Source port: Any
Destination Port: the port set in uTorrent.

Make sure the uTorrent rule is above the basic block ruls (red icon). When changing remember to Apply when leaving the dialogue box. Now you are good to go.