I was thinking of trying to setup my Comodo Firewall whit the help of Network monitor rules only. And thereby having the Comodo Firewall working as a Nat router whit build in firewall. Whit out the hazel of getting popups whit applications that aren’t on the firewall list.
Is possible to block/stealth all incoming traffic and having the firewall work auto were it would open op a port when it is need temporally for the application that needed it on the computer?
My old firewall could this but there was a problem when I played Warcraft 3 and som one on the internet used the program called banlist to check my location/ip in the world my comp would freeze op. That’s why I wanted to try out comodo firewall to see if I could get my old settings back whit out the computer/game freeze in Warcraft 3 and other programs.
The program Banlist can be downloaded from here: wc3banlist.de
But it is only on battle.net when a user uses the program on me in game or before the game starts that my comp would crash whit my old firewall. But I have see people on the forum having the same problems whit comodo firewall to. So I don’t know if this is a gennerral problem whit all firewalls (Settings) or just that the firewalls out there are shutting down the internet connection and thereby making the computer crash. On the old firewall I couldn’t even do ctl+alt+del it was totally non responsive.
I was thinking about this two rules below if they would do the trick for me whit out the crash. But iam not sure of how Comodo firewall works and if blocks all communication in? even if I started my game op and comodo firewall would block all ingoing traffic from my game ect? Or if it temporally opens op for the request port of the application that was running?
Or should rule 0’s Direction = IN/Out? But from what I could read on the forum was that when using in/out whit any Source IP on TCP or UDP would open the computer 100% and would be the same as running a computer whitout a firewall. But this is one of my manny qustions about who comodo rules work.
Rule 0:
Action = Allow
Alert = Off
Protocol = TCP or UDP
Direction = Out
Source IP = Any
Remote IP = Any
IP Protocol = Any
Rule 1:
Action = Block
Alert = On
Protocol = IP
Direction = IN
Source IP = Any
Remote IP = Any
IP Protocol = Any
Still waiting for an answer for my question above!
BTW Can a Comodo Firewall installation/Configured which has bin validated whit an key be Ghosted to another computer whit out having to enter another license key? Or is it only one key per installation?
Firstly, CPF stealths all ports all the time, unless an application needs a specific port. When that application ends and no longer needs the port, the firewall stealths it.
The two rules youve outlined below might work, but the out rule is incredibly open. You really should take the time to learn how to create the rules you need for specific appliations. Once you get the hang of it, it’s quite easy.
You should reinstall the firewall cleanly on each PC, rather than ghosting it. You CAN re-use the validation key but Comodo prefer that you donwload a new key for each install. This helps them get a better idea of how many installed copies there are out there.
Okay… Thx. But i have one question left about some in rule. I have an open out rule as you say. But if I play an computer game like Warcraft 3 as I have mentioned. Do I then need to have an in rule for that or dos comodo work like my old firewall that would say that the firewall would open an in connection on the port that the game is communication out on. Or would i have random shutdown of the port in game?
And what dos comodo do if i only make rules for IP and not the rest? Dos it then just block them or what dos it do? If i only block IP that leavs TCP/UDP/ICMP not to be blocked. So what would Comodo do in this case? Block them or have them open out but blocked in.
There is no documentation on this in the manual or other parts of the program. So I would like to know about what it would do.
Sorry nothing that i can use there. I have understood how to make rules ect. But iam asking for a way to make a rule were, when i host a server that the firewall whiteout thinking opens op for an in connection to the my server whit is running whit the out rule. Of what i have bin able to see in log. Is that when i host a server on my comp and the firewall stil i blocking the trafic in on the port which my server is running on. The rule should only be temporarily open-end so long the server is running. Whit me having to reconfigure the comodo firewall. I don’t know if comodo support such a feature or if such a feature could be implemented in the next version. As a new form of rule sets.
If I understand your question correctly, you are wondering about your “In” rule for your server while playing Warcraft online. You want to know if you need a specific “In” rule for playing the game, or if CPF will automatically create an “In” rule to match your “Out” rule? (going by your first response to Ewen; your question to me seems to be a little bit different)
The short answer at this point is that no, CPF will not automatically create an “In” rule to match your “Out” rule (for port, etc) for playing Warcraft. You have to create separate rules; but that was discussed in the two links I posted earlier.
By your question to me, it looks like you are asking if the “In” rule will automatically close down when your gaming server is closed. If I understand that question correctly, no it would not; you would need to remove the rule in order to block that connection.
However, please let me note that I am not a gamer; I am trying to answer your question simply from a rules-creation standpoint. Have you tried doing a search (use the Advanced Search feature to limit results to the Firewall forum) on Warcraft to see what other users are doing?
To host a WC3 server, you have to make a specific rule. The details are shown below;
Action : ALLOW
Direction : IN/OUT
Protocol : TCP/UDP
Source IP : ANY (This is them)
Destination IP : Enter your IP address here or enter ANY, but a specific address is better
Source port :ANY
Destination port : RANGE - 6112 - 6119
This sets the firewall to accept incoming connections on ports 6112 to 6119.
These ports MAY need to be forwarded on your router as weel. Try just setting up CPF with this rule and see if it works. If it doesn’t, try forwarding the ports on your router as well. I’ve used these settings for ages and haven’t had a problem.
CPF will normally stealth ports that are not actively in use, but in the case of an inbound rule, it cant be stealthed or it couldn’t be found. The ports above 1056 are user assignable ports that are not linked to a specific protocol and shouldn’t cause an issue if ports 6112-6119 are available.
Little Mac:
Now we are talking. That is what I was wondering if comodo had that feature. But as I can see a feature like that isn’t there in Comodo.
But how can i request such a feature in the next beta?
It should work like this. When a person selects the Direction an selects out there should be an checkbox present were a person could check to make an temporally IN connection to mach the OUT connection if needed. That way it should be more an gaming friendly firewall. And when the program isn’t using the out connection any more it just shutdown the temp IN connection to the server.
panic:
I have don that temp right now. But I was asking for a general rule were I didn’t need to have special port for special games open. But just having a rule that could do it on the fly whiteout my help ect. But such a feature isn’t there. So now I can only request it in the next beta if they would consider it.
What if i dont make a block or Allow rule for TCP/UDP/ICMP what would the comodo firewall default do then? Just block or do nothing? There is no documentation about this in the manaul. So i have to ask about the default action the firewall would do.
You may request this feature in future versions by adding it to the CPF Wishlist. Comodo does monitor that list and takes ideas from it. Sounds like it could be a useful addition to CPF…
Glad I could answer your question, even if it wasn’t the answer you wanted to hear…
CPF by default creates a “catch-all” block rule that is the last rule in the list. If any data doesn’t satisfy one of the rules higher up the list, it is blocked by the last rule.
Regarding automatically creating a rule to match an outbound rule, how is the firewall supposed to know what port are supposed to be opened? WCIII is easy because the in and out ports are the same - 6112-6119, but a large number of games that allow local hosting use a wide range of ports.
Easy… If you look at the Connection window (Same place as were the log is) the programs has catched which ports the programs use to communicate OUT on. So it should just open op an IN connection temporally on dows ports to match the programs out ports. If a user has activated the option to open an IN connection to match the port that are used.
An option like this is not for all users but the reason why I and properly other users use comodo is do to it flexibility. But I was disappointed to find out that it didn’t have such an option. The possibility to have such an option is a reason more to make the rule system even more flexible.
Little Mac:
I cant write or ad Wishes to the CPF Wishlist. So could you do it for me? My idear is a great one for gamers. Cause of the fact that it opens and shutsdown in connection when neede ect. Whit out having to config the firewall after installing new games and programs ect.
