Problems with rules

I have removed the “accept all outgoing connections” from the rules.
Then i have put rules on my webbrowser, to use the rule webbrowser. But it doesn’t work.

I have tested to put “trusted program” on all programs, but they can’t connect to the internet.
How do i fix this issue?

Now i have disabled the firewall too use the programs, because of this.
I don’t want to use “accept all outgoing connections”.

Here is the rules.

Using, Windows XP SP3 32bit.
With no others Firewalls or Antiviruses.

Do you get Blocks now reported in the Firewall Events log? What do your Global Rules look like?

No, i don’t get anything inside the log.

Here is the settings in global rules.

This is very odd. Your entire ruleset looks alright to me. Try this: Re-instate the All Application rule that you killed (“Allow all IP out from IP Any to IP Any”) and CHECK the “log event when fired” box. After you have done so, does Firefox breathe? And as it does, do you get tons of “Allowed” events from the All Application rule in your log?

I have a big issue in 4.0 where it basically totally ignores my Custom rules for a certain set of applications but your pictures don’t match my pattern. We may still find that your rules, too, are simply being ignored.

I have added the “allow all outgoing” again, and it works.
And i found it inside the logs too.

The rules

The logs

Well, there’s a problem somewhere. See, you have custom rules for “Spotify” so you should not receive a log entry “Allowed” from the All Application rule. Unless, that is (and I cannot verify this coz you haven’t attached an updated picture), you have re-inserted the All Application rule ON TOP of the NSP. The All Application rule should be the last rule, I believe, in the NSP.

Had I not been so troubled by other problems with my installation, I would have investigated why COMODO put the All Application rule in front of Windows Updater and COMODO itself. For myself, I moved that rule all the way down.

Bottom line: we need to get rid of the “Allowed” in your log by instating working Custom rules.

EDIT: Sorry, being blind here. You HAVE put the All Application rule too high. Move it ALL THE WAY down to the last slot.

EDIT: Be more careful still. It seems you have told the rule to ALLOW ALL INBOUND traffic. You definitely DO NOT want this !!!

Your original post stated an issue with your browser, which based on your application rule list appears to be Firefox.

The log picture you posted however shows no Firefox communication. Also your Firefox rule entry shows “custom” as opposed to “web browser”.

If ollie2893 is correct about “custom” rules being ignored, I would:

  • close Firefox
  • remove the current Firefox rule
  • remove the allow all rule
  • relaunch firefox and train the popup by selecting “web browser”
  • report your results

I have tested now, and the only way that works, is with training mode activated.
It’s same with Spotify, Skype and Amsn.

Before you switched it to training, what mode was it in?

In disabled mode, but i have tested from custom mode to training mode and all this things now.
And it works only in training mode.

Pardon me.

I just did a reinstall of XP and I am now using free 4.0.135239.742. It was by default in safe mode. I get no treat this app’ as popups.

browsers utorrent miro veoh. I never get asked about. Switched to training mode still nothing…


The default Global Rules changed from being alerted for incoming traffic on a per case basis to a general block of all incoming traffic (default Stealth).

There are two ways to go here.

  • Use the Stealth Ports Wizard to go back to the old situation. Go to Firewall → Common Tasks → Stealth Ports Wizard → select “Alert me to incoming connections - stealth my ports on a per-case basis” → Finish
  • Open the needed ports in Global Rules following:
    To open the port TCP 1723 for example

First step is to determine the MAC or Physical address of you network connector. Go to Start → Run → cmd → enter → a black box will show up and enter the following → ipconfig /all (notice the space before /all) → enter → now look up the Physical address and write it down.

Notice that Physical address = MAC address

Firewall → Advanced → Network Security policy → Global Rules → Add → fill in the following:
Action: Allow
Protocol: TCP
Direction: In
Description: Incoming Port

Source address: Any
Destination Address: Choose MAC address and fill in the found MAC/Physical address
Source Port: Any
Destination Port: 1723

Then push Apply → Now make sure that the new rule is somewhere above the basic block rule(s) as the bottom (the block rules have red icons); you can drag and drop the rules → Ok.