No Internet shortly after Windows starts & command line support

Two issues, please…

  1. I use Comodo Firewall to block all Internet traffic, except for certain IP’s. The rules are saved under the “Advanced Settings → Firewall → Global Rules” section. These rules are all activated manually using the “Custom Ruleset” selection. But most of the times, the Firewall is set to “Disabled”, allowing all traffic to pass.

The problem is that when the computer starts, even though the Firewall was previously set to “Disabled”, the Internet access is still blocked (for about 15 - 20 seconds, on average). I can tell this is related to Comodo Firewall because the traffic is blocked for all websites, except for those set to “Allow traffic” in the Global Rules section.

So, it happens like this…

  • i enable the Firewall (all traffic is denied, except for certain IP’s);

  • some time later I disable it (all traffic passes through);

  • i shut down the computer;

  • later in the day, I turn it on once again, and in the first seconds after Windows 8.1 starts I cannot access the Internet, except for the IP’s set in the Global Rules.

This happens frequently (but not always!) when I turn on the computer, even if I do not enable the Firewall during these computer sessions.

Any idea what could be the problem?

  1. Does Comodo Firewall offer command line support? I could not find anything like this when searching the net. I would like to be able to use the command line (via a script) to start and shut it down, and activate or disable the Custom Ruleset.

Thank you!


Out of the fact that the problem does not occur always I conclude the boot order plays a role. That learns me that cmdagent.exe, the background service that does the actual protective work, needs to get its instructions from the client program cis.exe upon boot. Sometimes it gets the instructions earlier and sometimes later. That’s what you’re noticing.

Windows does not have the option to influence the boot order of programs starting with Windows. A third party tool might bright solace but I cannot guarantee it will.

I am wondering how this a problem in your set up. I am just curious.

Comodo Firewall does not have command line support.

Thank you for your message, Eric!

In regards to your question, there are times when I am in a real hurry and I need to access the Internet right away. It is a problem for me for the simple fact that I am unable to do that, even though my FireFox has fully loaded.

I will try to find an application that can influence boot order of programs. Although, from a quick search I just made, it might not be an easy task. So, my understanding is that cis.exe file must be loaded first, then cmdagent.exe.

I already tried using the “Automatic (delayed start)” for the cmdagent.exe service (in the “Services” section of Control Panel). From what I read on the net, this Windows option (delayed start) will load the service in question after all other services have been fully loaded. But this may not apply to the situation here since I believe that cis.exe is not a service, but an application program that is not subject to the same prioritization as the Windows services. Anyhow, there was no improvement after using the ‘delayed start’ option.

If you allow me a short suggestion to the developers… command line support would be really helpful for those that need a bit of automation. Still, I managed to solve this problem by using a small utility called TinyTask. Basically I created two macros that change the state of the firewall from the traybar icon (by replaying the mouse movements I recorded earlier). Not that elegant and speedy, but it works flawlessly and it gets the job done.


Cmdagent.exe gets loaded first. That cannot be changed. It starts early in the boot process before Windows releases the network connection. You want it to start early so it is up and running to protect your system. So I strongly recommend to start the service without delay. The only thing you could try to influence is to get cis.exe started earlier.

Cmdagent.exe (Comodo Internet Security Helper Service) does the protective work. Cis.exe, among other things, instructs cmdagent.exe with the settings.

I like the solution you found; nifty.

You seem a pretty advanced user but I do have a question. I am wondering if you are trying to start early in the process once Windows starts showing the desktop. People sometimes complain their computer is slow when booting. I usually advice them to wait until all icons in the systray have loaded or a bit longer depending on the age of their hardware.

Yes, once the desktop has loaded, I start FireFox right away. I do not wait for anything. I guess patience is not a virtue of mine, at least not in this case… :wink: