I started using Comodo 3 in December last year, starting with version 3.0.13.x and up to now 3.0.15.277. Before this firewall I used Outpost Firewall Pro 4 & 2008 (the 2008 is extremely bad although first in the matousec test). Other firewalls used were Sunbelt, Jetico 1/2, and the list keeps going. All I want to say is that I'm not a total beginner and I'm able to set up manual rules.
Coming to the topic now, the problem is the following. Because I just love SWAT4, I often make an internet server for it, and I always leave the traffic open on UDP in and out and TCP out for the SWAT 4 application. The TCP in is not necessary; players joined without any problems for almost one year when using Outpost.
The issue is that although I let the general rule manage the inbound TCP traffic, this meaning blocking inbound TCP traffic with a manual rule, the inbound TCP traffic for SWAT 4 keeps coming and the firewall doesn't silently block it even with Custom Policy Mode, so my screen fills with inbound connection announcements on port 80. The issue stopped only when I made for SWAT 4 a rule that allows IP for all protocols, all in/out.
So I couldn't make custom rules for SWAT 4, one to include only Allow UDP in/out and a second with TCP only out, because the application rule and/or global rule for blocking TCP in did not work for port 80.
Why is the inbound TCP traffic not blocked by the general/global rule, manually made by me in 2 ways just to be sure, the formulas being:
1. Block IP In/Out, Source Address ANY, Destination Address ANY, IP protocol TCP
2. Block TCP In, Source Address ANY, Destination Address ANY, Destination Port ANY, Source Port ANY
These rules were tested one by one of course and the same inbound TCP port 80 appeared. I remind you that inbound TCP for this game is not a must, so I would have preferred to cut this traffic off.
Applying the TCP inbound rule at the application level did not solve the issue. The Comodo Pro 3 Firewall ignored both the global and the SWAT4 application rule, the inbound TCP on port 80 warning messages continuing. Making rules at application and global level at the same time didn't work either; the port 80 for TCP inbound was somehow godlike.
I know that for inbound, the Global rule is applied first and then the application rule, and for outbound the application rule and then the global one.
I have to mention that before preparing the server I used the Stealth Port Wizard to make me “invisible” (I used it like this for a period of time) and then I used the wizard again to “Alert me for incoming connections” so my server would be visible. Whenever asked about this inbound on TCP port 80, I always chose for the connections to be blocked and remembered by the firewall, but the firewall, instead of blocking just TCP inbound with a generated rule, generated an application rule for SWAT4 inbound TCP/UDP, this of course blocking the needed UDP.
So what is the problem that I can't in any way, even when specified for all ports (ANY), block the inbound TCP traffic including port 80 for this SWAT4?
To get rid of the problem I had to allow all incoming UDP and TCP IN and OUT.
Why can't I set this like in Outpost Pro, because obviously Comodo is prepared having in mind the modularity of the rules?
Is this a bug, or did the wizard somehow make port 80 unblockable?
The rest of the settings in Comodo Firewall Pro 3 are at default.
Policies used for the firewall were “Train with Safe Mode” and “Custom Policy Mode”, with the same results.
The firewall was updated to the latest version 3.0.15.277 from 3.0.14.x through the update utility, so it wasn't a fresh install of 3.0.15.X.
The operating system is XP SP2 with latest updates. Antivirus software: BitDefender 2008.
Hardware: Athlon XP 2000+, nForce 2, 512 MB RAM, GeForce 6600, Realtek 10/100. Drivers used: Forceware 93.71, nForce 5.10.
Is it a bug or …?
If you make the explicit rules block but not log, the notifications of attempts should go away. Where exactly did you put your rules? 1. blocks all connection traffic in and out, but may not have much effect on responses unless you put it in the application because of SPI. Does the inbound from port 80 show as blocked or allowed in the log? Can you post a copy of your log?
If the Custom Policy Mode was active and the TCP inbound was blocked in the SWAT 4 application section and in the global section, why do I need to turn off logging when logging is one of my preferred firewall features? This is strange; what does it have to do with accept/block requests from the firewall, that it was not able to silently use my rules as the Custom Policy Mode is supposed to work, having in mind that my rules were custom?
The fact is that my rules were ignored. Make a game server and do what I did (I explained already in the first post): choose for example SWAT4, install the admin mod from www.gezmods.uk (this mod uses port 80 for communication, a thing I don't need because in fact it shows sponsors in my webadmin page, this making my server vulnerable to attacks), and after you have finished, launch the internet server with the TCP inbound blocked. You will observe what I already said.
Sm3K3R,
Please explain slowly what you are actually seeing. Are you getting popups? What are you getting in the log? Are you making inbound allow or block rules in both Global and Application rules? What screen fills with inbound connection announcements from port 80? Sorry, I do not play your game and do not understand what you are trying to tell us about it. What are your application and global UDP and TCP rules? How do you tell that the inbound TCP traffic keeps coming; is it logged by your application rules? Does the log traffic come to SWAT or to the Windows operating system? Can you post your rules and log so we can see what is really happening? There is no problem blocking port 80, but we need a simple explanation of what you are doing and seeing.
Don't know if this is an issue or not, but port 80 is in “my port sets” as an HTTP port number. Don't know if this may have a bearing on what rules can be set for it?
Nice 1 Matty
Unbelievable, I uninstalled the firewall and installed a fresh CFP 3.0.15.277 along with Comodo Memory Firewall 2.0 and the issue disappeared; now the rules are working how I wanted them.
Thanks anyway!
The messages I was seeing were for the game, for the SWAT 4 exe; there were the panels with block, allow, but it seems they were caused by strange errors with the firewall; the problem is gone after reinstalling. At virus checks the computer is clean anyway.
Glad it is working for you now. I agree it was a strange issue.