Okay, this REALLY needs to be changed. It’s super annoying.
I’m getting applications blocked and I don’t know why!
There is no rule blocking the application. I’ve set it to be as permissive as possible.
It’s an application that can send/receive a lot of packets - so I’m guessing it may have hit the flood settings?
Impossible to tell, but if you’re doing something like streaming video or downloading a file, you can easily hit the “20 packets/second” default that the intrusion detection has.
What we really need is something - ANYTHING telling us WHY something has been blocked.
Because sometimes digging through the rules (especially when there are about a thousand per-application rules) is tedious and frankly often simply doesn’t work at all.
I don’t want to play Mr. Detective every time something hits a setting and/or rule that blocks it. It’s getting old and tiring. Half the time I just give up because there’s no way I can figure it out. Event logs should indicate the source of the event.
Rather then simply adding the rule name, I have long wished for the ability to be able to go directly from a log entry to the rule that triggered it.
ie, right click on the log entry and select “Go to Associated Rule” which will open up the Rules Window with the correct rule highlighted, rather then seeing the rule name and then having to manually go and find it.
it’s often impossible to understand why something doesn’t work with firewall on and works with firewall off. Especially when the source is svchost.exe, Windows Operating System or something like that. In such cases I’m forced to disable the firewall temporary, which is quite annoying (especially when the firewall status is not indicated by the tray icon, and I can forget it disabled for a long time).
A nice option would be ‘Show log’ in the tray icon context menu.
A workaround is to have a shortcut to “C:\Program Files\COMODO\COMODO Internet Security\cfplogvw.exe” (N.B. This location is XP specific) in the Quick Launch area of your taskbar.
cfplogvw.exe is the log viewer that is started by clicking on the MORE button in the standard logs.
I don’t think it’s necessary to see which rule was fired when the application is already mentioned. However, since logging needs to be activated for every rule, I’m in favour of adding a general setting for logging:
