specify local port?

Hi, I just installed CPF today and am trying to configure some rules, but I can’t seem to find a way to specify what local ports are allowed per application. Am I blind or does this option not exist? And if it doesn’t exist, why?

I noticed this too. You only seem to be able to specify the remote address and port. That said, you are able to change the direction (to in) but this will only apply to all local ports.


The remote address(es), remote port(s), and the protocol(s) that an application is permitted to use are specified in the “Application Monitor” page. When you give permission for a connection in a pop-up box, it typically sets the Application Monitor page permissions to [Any] remote address, [Any] remote port, and [TCP/UDP Out], but you can edit these and make them tighter if you know what addresses, ports, and protocol will suffice. For example, for my “Atom Time” utility, in accordance with the principle of least privilege, I specified a single remote address and single port needed to get the current time. You can use more than one line for the same application to give it multiple permission and/or block rules. For example, for my streaming stock quotes application I have two lines, a TCP/UDP IN line and a TCP/UDP OUT line (both added by Comodo). You can specify the allowed “parent” (launching) application here as well (prevents legitimate applications from accessing the internet under the control of malware).

Thanks Graham for letting me know that I am not blind (yet) :)

And thanks Herschel, but you didn’t answer any of my questions. I figured out how to specify the remote address(es) and port(s), however, that doesn’t do any good in my situation.

The reason why I’m asking is because I have an application that listens on more than 1 port. I need for the firewall to be able to limit the incoming connections to only certain ports.

If it is not possible to do this with Comodo, then I would like to request that this be added to a future revision as I think CPF has a lot of potential.


Also, when an unrecognized connection is initiated, would it be possible to modify the rule when it is first created, instead of adding a generic “allow all” and then having to go back and modify it after the fact?

Perhaps I am mistaken, but it was my understanding that “remote” = destination in Comodo jargon, so when you change the direction to in, then the local ports are the “remote” ports.

Yes. We will be changing the word “Remote” to “Destination” in the upcoming release to clear up the confusion.