rule ignored?

Help for v2
#1

Hi,

Unless I’m mistaken, I think some rules aren’t being followed. Example:

Rule 7 (for me):

ALLOW ICMP OUT from IP 192.168.1.3 to IP 198.168.1.1 where ICMP message is PORT UNREACHABLE

However, the Log reports

Description: Outbound Policy Voilation (Access Denied, ICMP = Port Unreachable)
Protocol: ICMP Outgoing
Source:192.168.1.3
Destination:198.168.1.1
Message PORT UNREACHABLE
Reason: Network Control Rule ID = 8

Rule 8 is the standard IP IN/OUT - any/any - IPPROT = any. It seems that rule 7, see above, is being ignored, as it tells Comodo to let pass ICMP for a certain message for certain IPs.

What am I missing ?

Thanks for help.

#2

Have you tried to reboot?
Your rule looks ok.
Are you using the latest stable or beta firewall?

#3

Hi,

Thanks for responding.

Yes, I have rebooted this morning just to check, and there are no changes, the rule is still being ignored.

I have version 2.3.6.81, no updates available, and Comodo Database 1.2

XP2 SP2, plenty of everything. I have cable that goes into a router, but I don’t know if this has anything to do with it.

What’s the next course of action?

Thanks,

C.

#4

Try changing the block rule(#8) from IN/OUT to IN only. Just curious that maybe IP is taking control here. That would be interesting if it was.

jasper

#5

LOL!
I got the same thing!? :o
I have CFP 2.4.7.114 and A.D. Vers. 1.6

As rule ID 2 I have IGMP allowed.
In the log I have a entry that have blocked IGMP…?
The even stranger thing is, that the rule that has stopped IGMP is rule ID 5…
The problem is, that ID 5 is an allow rule for my Torrent app… UDP/TCP IN + Torrent port…
My block rule is ID 16…
Strange…???

#6

as expected (I think) the log is empty.

Which means the IP is taking over?

C.

#7

Don’t know what the reasons are but something is not getting saved correctly when a rule is added/changed it seems like to me. Either that or it is the way the protocol order (IP,TCP/UDP) gets read. Somehow it is getting dazed and confused. ???

jasper

#8

Should you/me/we report it as a bug? or have you already? if not, how should I do it?

Thanks,

C.

#9

Here is the URL for support tickets:

http://support.comodo.com

jasper