Security issue and long initialization

I’ve set a rule for Radmin server: Allow TCP IN from ANY to ANY Source Port ANY Destination Port X (specific port set in Radmin).

It is the only rule for Radmin. Firewall security policy is set to Custom.

Why doesn’t Comodo ask for outgoing permissions for this application? I am able to connect to my PC via Radmin even if I add a rule to block ALL below the first one. When I look at currently active connections, I can see that Radmin has several KB in and some MB out for one shown IN connection. How can it have outgoing traffic?

I’ve noticed that there aren’t any TCP/UDP out rules in global setting. This is different than v2.4. Is Comodo Firewall v3 allowing all outgoing data unless specifically set to block??

The second problem is that it takes a couple of minutes for the firewall to “initialize”, as can be seen in the main windows. Why is it taking so long, what is the firewall doing during that time and is it securing the computer while initializing?

EDIT: PS. What do Type( 8 ) and Code(0) stand for in source/destination port in log?

  1. If the first connection attempt is an inbound connection and it is allowed then the return traffic in the opposite direction would automatically be allowed.

Easier Example:
If you allow an outbound connection for a destination port then you don’t have to specify the return(inbound) traffic for it to be allowed automatically as long as it comes from the same port and IP that it connected to originally.

  1. Found this on google --ICMP echo type 8 is “ping” or more technically speaking it is the first part of a “ping” ie the icmp echo request and the pc being pinged sends an icmp echo reply. This could be related to RAdmin using a keepalive packet to see if the connection is still active or not.


  1. I see, something like router NAT.

One other thing…in v2.4 there was a default network rule to allow TCP/UDP out. There isn’t one in v3 global rules. Does that mean that in v3, everything going out is allowed by default, as long as the application initiating the traffic is allowed OUT?

  1. There is no more parent check for an application in v3?