Rule creation upon encountering new access

I just downloaded the latest version of Comodo Firewall Pro, and there are a couple of things that I’ve immediately noticed…

Upon creating a rule based on new access (when Comodo encounters an unknown application or a known application for which there is not a rule for the requested access and you click “Remember” the selected action), the rule is created on an “all access” or “no access” basis. E.g.:

Comodo encounters Firefox attempting to access 123.123.123.123 over port 80. By selecting “Allow this request” and “Remember my answer”, I would expect it to create the following rule for the application:

Allow
TCP
Out
Source Address (address of the local machine or blank)
Destination Address (123.123.123.123)
Source Port (port used by the local machine or blank)
Destination Port (80)

But, instead, it just creates a rule whose effect is “allow absolutely everything for this program”, which is certainly not what I wanted or expected.

Ideally, there should be an option to bring up the Network Control Rule UI when being prompted to decide on an application’s network access to create a completely custom rule with the example above populated as the default.

Also, it would be nice to have separate “Apply” and “OK” buttons throughout the firewall’s UI (where “Apply” simply saves the changes but doesn’t close the current window and “OK” saves the changes and does close the window).

Other than this, my initial impressions of Comodo Firewall Pro are very good. I actually switched from Outpost Firewall Pro (version 4 is starting to become outdated and it doesn’t play nice with some of my software and version 2008 is just unusably buggy right now).

I usually get a rule directed toward port 80 from the http rules like that. Destination address for the same URL can change frequently; that is among the things DNS is for. Source port also changes regularly depending on the previous use of the ports. And DHCP can change the source IP address. So Comodo makes rules that usually won’t need to be redone often, that you can edit if you know more about the access. Surprised you don’t get the port 80 like I do, though, in the attachment.

[attachment deleted by admin]

I usually get a rule directed toward port 80 from the http rules like that. Destination address for the same URL can change frequently; that is among the things DNS is for. Source port also changes regularly depending on the previous use of the ports. And DHCP can change the source IP address. So Comodo makes rules that usually won't need to be redone often, that you can edit if you know more about the access. Surprised you don't get the port 80 like I do, though, in the attachment.
I just double-checked and it doesn't specify the port when creating a new rule using this method.

And, yes, I realize that you’re just trying to make it easy to create rules that will serve as general all-around purposes, but there are still some cases in which I literally want to specify access of an application to (and from) a specific address over specific ports only. I know this can be done by navigating through the application UI, it would just be a nice convenience to be able to do this upon a new access attempt (just an additional link or button in the access notification popup to “Create a Custom Rule”, for example). This way, you can still create the simple, all-around rules OR you can customize it on-the-fly.

As for DHCP, I can handle that myself. My router actually has a reserved addressing system so that, even though I’m using DHCP for my network, I still always have the same LAN IP address for my machine (all the benefits of static IPs, none of the tedious configuration).

Again, adding this functionality to the program needn’t affect users who just want to say “yes, let this program access everything”.

Ah, I think I’ve got it. Setting the Firewall Alert Frequency Level to “Very High” will cause rules created by alerts to limit themselves to the parameters of the alert.

I still maintain that an option within the alert popups to customize a rule before applying it would be very useful.

Thanks.

No response or opinion on this?

If you are happy with the results, no problem. :slight_smile: But such rule sets cause problems with other users because of changes in IPs and ports that occur regularly for accesses by the same computer to the same site. It might help to put a “block and log all” at the end of each set of application rules so you can see what is happening if something stops working. I do that, and also go through and edit the Comodo generated rules anyway.
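The trade-off argued over in this thread, as an added example that is not part of any post and is not Comodo's rule engine: a generic first-match rule list for one application, ending in the "block and log all" rule suggested above. The `Rule` class, the `evaluate` function, the omission of source address and port, and every sample address other than 123.123.123.123 are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str               # "allow" or "block"
    proto: str                # "TCP", "UDP" or "*" for any
    dst_net: str              # CIDR; "0.0.0.0/0" means any destination
    dst_port: Optional[int]   # None means any port
    log: bool = False

    def matches(self, proto, dst_ip, dst_port):
        return (self.proto in ("*", proto)
                and ip_address(dst_ip) in ip_network(self.dst_net)
                and self.dst_port in (None, dst_port))

def evaluate(rules, attempts):
    """First matching rule wins; returns (decisions, logged attempts)."""
    decisions, logged = [], []
    for attempt in attempts:
        rule = next((r for r in rules if r.matches(*attempt)), None)
        decisions.append(rule.action if rule else "ask")  # no rule: alert
        if rule and rule.log:
            logged.append(attempt)
    return decisions, logged

BLOCK_LOG_ALL = Rule("block", "*", "0.0.0.0/0", None, log=True)

# Rule as the original poster expected it: one address, one port.
NARROW = [Rule("allow", "TCP", "123.123.123.123/32", 80), BLOCK_LOG_ALL]
# Port-scoped rule like the one the reply describes: any address, port 80.
PORT_ONLY = [Rule("allow", "TCP", "0.0.0.0/0", 80), BLOCK_LOG_ALL]

# Constructed attempts by the same application: (protocol, dst IP, dst port)
ATTEMPTS = [
    ("TCP", "123.123.123.123", 80),   # the connection the alert was about
    ("TCP", "123.123.123.124", 80),   # same site after a DNS change
    ("TCP", "123.123.123.123", 443),  # same host, different port
]

if __name__ == "__main__":
    for name, rules in (("narrow", NARROW), ("port-only", PORT_ONLY)):
        decisions, logged = evaluate(rules, ATTEMPTS)
        print(name, decisions, "logged:", logged)
```

With the narrow rule the DNS change is blocked but shows up in the log, which is what makes the breakage diagnosable; with the port-only rule only the port 443 attempt reaches the final rule.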

But such rule sets cause problems with other users because of changes in IPs and ports that occur regularly for accesses by the same computer to the same site. It might help to put a "block and log all" at the end of each set of application rules so you can see what is happening if something stops working. I do that, and also go through and edit the Comodo generated rules anyway.
Yes, I [b]know[/b] that. We're past this already.

What I’m asking is for a feature to optionally create custom rules upon new access. The functionality that makes it easy for novices to use would remain.

Example:

http://pic.phyrefile.com/2008/01/21/comodocustomrule.png

The “Create Custom Rule” link would open up the “Application Network Access Control” dialogue with the “Network Control Rule” dialogue opened in “front” of it (think z-index), prepopulated with the parameters of the requested access (remote/local IP, remote/local port, etc). Presumably, clicking apply to both aforementioned dialogues would close the alert dialogue as it would be no longer necessary at that point.

Do you understand what I’m getting at now?

Probably should submit a comment to Comodo in the https://forums.comodo.com/feedbackcommentsannouncementsnews/how_would_you_rate_comodo_personal_firewall_and_what_to_improve-t24.0.html thread. One of the other firewalls (Kerio?) I used in the past did this with a popup of the rule being created and allowed you to edit the fields to suit your degree of certainty about it. I usually do it by editing the rules afterward. Don’t have any idea where Comodo is going with this type of feature, but Melih does read and try to respond to the suggestions in that thread. I found it unnecessarily time consuming to do it on the fly, but certainly is a reasonable option. See what Comodo has to say. :slight_smile:

Thanks, I’ll do that.