This is very odd. Your entire ruleset looks alright to me. Try this: Re-instate the All Application rule that you killed (“Allow all IP out from IP Any to IP Any”) and CHECK the “log event when fired” box. After you have done so, does Firefox breathe? And as it does, do you get tons of “Allowed” events from the All Application rule in your log?
I have a big issue in 4.0 where it basically totally ignores my Custom rules for a certain set of applications but your pictures don’t match my pattern. We may still find that your rules, too, are simply being ignored.
Well, there’s a problem somewhere. See, you have custom rules for “Spotify” so you should not receive a log entry “Allowed” from the All Application rule. Unless, that is (and I cannot verify this coz you haven’t attached an updated picture), you have re-inserted the All Application rule ON TOP of the NSP. The All Application rule should be the last rule, I believe, in the NSP.
Had I not been so troubled by other problems with my installation, I would have investigated why COMODO put the All Application rule in front of Windows Updater and COMODO itself. For myself, I moved that rule all the way down.
Bottom line: we need to get rid of the “Allowed” in your log by instating working Custom rules.
EDIT: Sorry, being blind here. You HAVE put the All Application rule too high. Move it ALL THE WAY down to the last slot.
EDIT: Be more careful still. It seems you have told the rule to ALLOW ALL INBOUND traffic. You definitely DO NOT want this !!!
The default Global Rules changed from being alerted for incoming traffic on a per case basis to a general block of all incoming traffic (default Stealth).
There are two ways to go here.
1. Use the Stealth Ports Wizard to go back to the old situation. Go to Firewall → Common Tasks → Stealth Ports Wizard → select “Alert me to incoming connections - stealth my ports on a per-case basis” → Finish
2. Open the needed ports in Global Rules as follows:
To open the port TCP 1723 for example
First step is to determine the MAC or Physical address of your network connector. Go to Start → Run → cmd → enter → a black box will show up and enter the following → ipconfig /all (notice the space before /all) → enter → now look up the Physical address and write it down.
Notice that Physical address = MAC address
Firewall → Advanced → Network Security policy → Global Rules → Add → fill in the following:
Description: Incoming Port
Source address: Any
Destination Address: Choose MAC address and fill in the found MAC/Physical address
Source Port: Any
Destination Port: 1723
Then push Apply → Now make sure that the new rule is somewhere above the basic block rule(s) at the bottom (the block rules have red icons); you can drag and drop the rules → Ok.
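
Why the position of the new Global Rule matters, as an added example that is not part of the original posts and not COMODO's own code: a small first-match model of an ordered rule list that reports which rule decides a TCP 1723 connection and which rules can never fire. It assumes top-to-bottom, first-match evaluation; the `Rule` fields, the "Block all incoming" rule name and the allow/incoming/TCP settings are assumptions, since the post lists only the description, addresses and ports.

```python
from dataclasses import dataclass
from typing import Optional

# Simplified model (assumption): rules are checked top to bottom and the
# first match decides. Addresses (e.g. the MAC destination) are not modelled.
@dataclass(frozen=True)
class Rule:
    name: str
    action: str               # "allow" or "block"
    direction: str            # "in", "out" or "any"
    protocol: str             # "tcp", "udp" or "any"
    dst_port: Optional[int]   # None = any port

def _covers(rule_value, value, wildcard):
    """True if a rule field is the wildcard or equals the given value."""
    return rule_value == wildcard or rule_value == value

def _rule_covers(rule, direction, protocol, dst_port):
    return (_covers(rule.direction, direction, "any")
            and _covers(rule.protocol, protocol, "any")
            and _covers(rule.dst_port, dst_port, None))

def decide(rules, direction, protocol, dst_port):
    """Return (action, rule name) of the first rule matching the packet."""
    for rule in rules:
        if _rule_covers(rule, direction, protocol, dst_port):
            return rule.action, rule.name
    return "no match", None

def shadowed(rules):
    """List (rule, shadowing rule) pairs where an earlier rule covers all
    traffic of a later one, so the later rule can never fire."""
    found = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if _rule_covers(earlier, later.direction, later.protocol, later.dst_port):
                found.append((later.name, earlier.name))
                break
    return found

# Constructed sample rules: the port rule from the post plus a block-all-incoming rule.
ALLOW_1723 = Rule("Incoming Port", "allow", "in", "tcp", 1723)
BLOCK_IN = Rule("Block all incoming", "block", "in", "any", None)

GOOD_ORDER = [ALLOW_1723, BLOCK_IN]   # allow rule above the block rule
BAD_ORDER = [BLOCK_IN, ALLOW_1723]    # allow rule left below the block rule

if __name__ == "__main__":
    for label, rules in (("good", GOOD_ORDER), ("bad", BAD_ORDER)):
        print(label, decide(rules, "in", "tcp", 1723), shadowed(rules))
```

The same check flags an allow-everything rule placed at the top of a list: every narrower rule below it shows up as shadowed.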