Hello guys, first post.
I was using Agnitum Outpost (2-year license and all); now I'm finally moving to a good product.
I work with network security, so Comodo firewall is a dream come true to me; finally I can create my own rules the way I want and how I want. Now, moving on to problems.
I've noticed that when Comodo is on, the network around here is very slow. It is not name resolution, because if I ping a domain the resolution of the IP works fast; if it is not DNS, it is communications, and something is messing with the packages.
At home I use a router that connects to the internet; after that there is a Linux firewall (iptables) that goes to a 3COM switch, and last is my computer. If I shut down Comodo, my internet works fine. Messing with the Comodo configuration, I've discovered a few things that make the internet work normally again.
If I disable "Do protocol analysis" the internet works fine; turn it on again and the problems are back. But there is no logic in this, because as soon as I used Comodo for the first time everything was OK. So to make sure, I formatted the computer to have a fresh install and make a few more tests. Everything was fine for a few minutes and then problems again: the internet was very slow and sometimes I got a connection timeout error, and again disabling "Do protocol analysis" fixes the problem.
Sniffing my network console, I've discovered that there was nothing incoming from port 80. Looking at "Network Control Rules", there are no TCP INPUT rules either, so I added a new control to allow any INPUT from ANY at port 80 to make a test and BANG, the internet was fast again, and when I say fast, it was fast like a flash with "Do protocol analysis" enabled.
The standard created controls have no INPUT rule, only output. Doing this I could fix the problem, and I think this will solve many problems that other users might have in the future.
To make the solution complete, I've added INPUT ALLOW to ports 80 and 443.