There is a good practice to put in each firewall log row also a pointer to rule which passed the criteria and allowed or dropped this communication. Usualy the ID is a rule number. there was the same feature in comodo personal firewall a long time ago, but with some upgrade it disappeared. Is it just some inactive setting which i can change, or comodo developers means that it is not important and removed this very usefull feature from the code?
May be that was in Comodo Firewall 2.x? (I started using Comodo with v3 alpha but never used 2.x)
Agree with the OP 100%, would be very useful. Should go in the Wish list section though i think. It would make the logs actually useful.
Moving to Wishlist - CIS .