Order of Application Rules

I have Comodo Firewall (not Antivirus) v4.1.150349.920

The Help File discusses changing the order (and hence the priority) of the Application Rules. But the Help File states:
“Therefore, outgoing traffic has to ‘pass’ both the application rule then any global rules before it is allowed out of your system. Similarly, incoming traffic has to ‘pass’ any global rules first then application specific rules that may apply to the packet.”

If traffic has to pass all the Application Rules I cannot see what difference is made by changing the order?? If there is any rule that blocks then the traffic will not pass??

For example if:

  1. Rule 1 allows all traffic out for Application A
  2. Rule 2 blocks Application A sending out UDP traffic

Then if Application A is trying to send out UDP traffic, Rule 1 allows but rule 2 blocks - net result is that traffic is blocked.

If the rules are reversed, viz:

  1. Rule 1 blocks Application A sending out UDP traffic
  2. Rule 2 allows all traffic out for Application A

Then if Application A is trying to send out UDP traffic, Rule 1 blocks and rule 2 is irrelevant - again net result is that traffic is blocked.

Grateful for any help/advice.

The first rule that matches is fired.

For example if:

  1. Rule 1 allows all traffic out for Application A
  2. Rule 2 blocks Application A sending out UDP traffic

Then Application A will be able to send out, and the block is redundant.

Bad

I understand now.

What about for Global Rules??

Is it the same so that the order of Global Rules matters?? The first Global Rule that matches is fired??

Many thanks.

Yes. Any firewall rule list is checked from top to bottom logically,
and the first rule that matches is used,
so order really does matter,
a lot.

Bad
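The first-match evaluation described in the replies above, as an added example that is not part of the thread and is not Comodo's code. The `Rule` model, the `ANY` wildcard and the function names are assumptions made for illustration; a result of `None` means no rule matched, because the thread does not say what the firewall does in that case.

```python
from dataclasses import dataclass

ANY = "*"  # wildcard field value (hypothetical notation for this example)

@dataclass(frozen=True)
class Rule:
    action: str     # "allow" or "block"
    app: str        # application name, or ANY
    direction: str  # "out", "in", or ANY
    protocol: str   # "tcp", "udp", or ANY

    def _fields(self):
        return (self.app, self.direction, self.protocol)

    def matches(self, app, direction, protocol):
        """True if this rule applies to the given connection attempt."""
        return all(want in (ANY, got)
                   for want, got in zip(self._fields(), (app, direction, protocol)))

    def covers(self, other):
        """True if every connection `other` matches is also matched by self."""
        return all(mine in (ANY, theirs)
                   for mine, theirs in zip(self._fields(), other._fields()))

def evaluate(rules, app, direction, protocol):
    """Top-to-bottom, first match wins. None means no rule matched."""
    for rule in rules:
        if rule.matches(app, direction, protocol):
            return rule.action
    return None  # assumption: the thread does not say what Comodo does here

def shadowed(rules):
    """1-based (earlier, later) pairs where `later` can never fire."""
    return [(i + 1, j + 1)
            for j, later in enumerate(rules)
            for i in range(j)
            if rules[i].covers(later)]

# Constructed rule lists mirroring the two orderings discussed in the thread.
ALLOW_ALL_OUT = Rule("allow", "Application A", "out", ANY)
BLOCK_UDP_OUT = Rule("block", "Application A", "out", "udp")
ALLOW_FIRST = [ALLOW_ALL_OUT, BLOCK_UDP_OUT]
BLOCK_FIRST = [BLOCK_UDP_OUT, ALLOW_ALL_OUT]

if __name__ == "__main__":
    for name, rules in (("allow first", ALLOW_FIRST), ("block first", BLOCK_FIRST)):
        print(name, "-> UDP out:", evaluate(rules, "Application A", "out", "udp"),
              "| shadowed rules:", shadowed(rules))
```

Running `shadowed` over a rule list before saving it flags any block rule that an earlier, broader allow rule has made unreachable.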

For any access through the firewall does there have to be a rule that permits the specific access??

i.e. the default position (either in or out) is to deny unless a permission is explicitly granted under both Application Rules and Global Rules??

Logically this ought to be the situation but I cannot find this stated explicitly in the Help File.

Many thanks.

Further Thoughts:
Or is it that if there isn’t a specific permission under the Application Rules then an Alert is generated (Alert Settings = Low)??

But still not sure what is required under Global Rules?? If there is nothing in the Global Rules to block then is traffic allowed or is a specific Global Rule that allows required for the traffic to pass through the firewall??