I’m talking about the network monitoring default rule:
BLOCK and LOG IP IN or OUT FROM IP [ANY] TO IP [Any] WHERE IPPROTO IS ANY
What does it do, and how neccesery is it?
I’d really like to cancel it, because it is the only thing disrupting my uTorrent (and yes, I have allowed TCP and UDP on the uTorrent port, and I don’t have a router) and making me unconnectable: a problem which showed up the day I installed COMODO firewall.
Help is most welcome
Hi TheHim, welcome to the forums.
CFPs final Block & Log rule prevents all inbound unsolicited connections attempts where there is not an existing Application/Network rule to allow it. It must be the last rule, as any rules after it will be ignored. It is a very important rule, without it you might as well not run CFP at all (as far as inbound filtering is concerned).
I hope that helps.
Not just inbound but outbound as well.
Not quite… only for non-TCP/UDP outbound traffic, as rule 0 deals with these… in addition to that all outbound traffic gets filtered through the Application Monitor first as well.