Tool blocked by Firewall

Hey, I do have a tool (that acts as server/lobby for games) that does report about connection problems.

In fact it needs one UDP port open and I did forward that port on the router (and that’s working, as I’ll explain later). In Application Rules the tool is set as trusted. I further did a test with Simple Port Tester (which I also created an app rule for) and it failed too (on several ports and TCP/UDP). Yet these two tools are currently the only ones that can’t connect as set up.

Well (using Win7x64sp1), besides Comodo Firewall and Behavior Blocker I use Avast, and as this is a fresh installation it also offered me a test version including its own firewall (I activated it after the above tests failed - also with Avast fully deactivated, and I don’t have both running at the same time, one is always deactivated). In a short test with Avast’s FW configured more or less the same way, both tools could connect easily, so I am sure the port forward works and it has something to do with Comodo Firewall.

So anyone got an idea why/what I can do/…?

Check your global rules if you have any rules that would block such traffic, like “Block IP In From MAC Any to MAC Any Where Protocol Is Any” or similar. If you have any such rule then you either have to remove the rule or create a global allow rule for the ports you want and place it above the block rule.

Okay, I thought I would see a note in the logs but I missed to set protocol for such a rule you wrote down.

What has changed: Added a global rule “Allow and protocol incoming from “Zone Forward1” to “Zone Local IP” where “sourceport is any” and “destination port group: Forward1UDP””, while Forward1 contains the Source-IPs (of both tools), Local IP contains the LAN-IP-Subnet and Forward1UDP the port(s) I want to allow (/tested).

Using Simple Port Tester, all ports I tested were OK. The log also writes about the allowed UDP from SPT-Source to me.
Now the main tool I’d like to use doesn’t complain any more, yet taking a look into the log files I see blocked UDP from the main-Source to me.

So … Log isn’t correct or …?

Honestly I’m getting confused, I find it hard when I’m not in front of the computer in question. 88)

The issue may be that you’re using your LAN IP addresses for destination addresses, unless I’m mistaken an external computer will send the request to your public IP address and the router will then forward it to the Local IP address specified in the port forwarding, basically it might be that it doesn’t actually send it to your local IP address… However I’m not sure, something you could do to mitigate that is to use your MAC address instead, this would solve that issue, if it is an issue that is…

Another thing you could do is compare the logs with the rule, for example is the source IP inside the “Zone Forward1” range, is the destination IP inside the “Zone Local IP” range, is the destination port inside of the “Forward1UDP” range?
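
The comparison suggested above (is the source inside the zone, is the destination inside the zone, is the port inside the port group), together with the earlier advice about rule order, as an added example that is not part of the original thread. It assumes top-down, first-match rule evaluation; every address, port and field name in it is constructed for illustration.

```python
import ipaddress

# Constructed sample values (documentation address ranges), not taken from the thread.
ZONE_FORWARD1 = ["203.0.113.10/32", "198.51.100.7/32"]  # source IPs of both tools
ZONE_LOCAL_IP = ["192.168.1.0/24"]                       # LAN subnet
FORWARD1_UDP = {40000}                                   # forwarded port(s)

def in_zone(ip, zone):
    """True if ip is inside any network of the zone; an empty zone means 'any'."""
    addr = ipaddress.ip_address(ip)
    return not zone or any(addr in ipaddress.ip_network(n) for n in zone)

def mismatches(rule, entry):
    """Return the names of the rule fields that a log entry fails to satisfy."""
    bad = []
    if rule["proto"] not in ("ANY", entry["proto"]):
        bad.append("protocol")
    if not in_zone(entry["src"], rule["src"]):
        bad.append("source address")
    if not in_zone(entry["dst"], rule["dst"]):
        bad.append("destination address")
    if rule["dports"] and entry["dport"] not in rule["dports"]:
        bad.append("destination port")
    return bad

def first_match(rules, entry):
    """Walk the rules top-down and return the action of the first one that matches."""
    for rule in rules:
        if not mismatches(rule, entry):
            return rule["action"]
    return "BLOCK"  # assumed default when no rule matches

ALLOW_FWD = {"action": "ALLOW", "proto": "UDP", "src": ZONE_FORWARD1,
             "dst": ZONE_LOCAL_IP, "dports": FORWARD1_UDP}
BLOCK_ALL = {"action": "BLOCK", "proto": "ANY", "src": [], "dst": [], "dports": set()}

# Constructed log entries in the shape of a firewall event row.
LOG = [
    {"proto": "UDP", "src": "198.51.100.7", "dst": "192.168.1.20", "dport": 40000},
    {"proto": "UDP", "src": "203.0.113.10", "dst": "192.168.1.20", "dport": 40001},
]

if __name__ == "__main__":
    for e in LOG:
        verdict = first_match([ALLOW_FWD, BLOCK_ALL], e)
        print(e["src"], e["dport"], verdict, mismatches(ALLOW_FWD, e) or "matches allow rule")
```

A blocked entry that reports a mismatch here shows which field of the allow rule to widen; an entry with no mismatch that is still blocked points at rule order or at a different rule set.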

Maybe the attached pic helps. I have renamed Source-IP and Destination Port as this board is visible for everyone.

Well, but then the rule shouldn’t have worked with Simple Port Tester (in the pic, lowest log #1)? Anyhow, besides (allowed application for both tools and)

  • Allow incoming UDP “Zone Forward1” to “Zone Local IP” where “sourceport is any” and “destination port: Forward1UDP” (#2)
    I also did test:
  • Allow incoming UDP “Zone Forward1” to “any” where “any” and “any” (#3)
  • Allow incoming UDP “any” to “Zone Local IP” where “any” and “destination port: Forward1UDP” (#4)

Yes on all 3. Except the Source IP, the rule else wouldn’t have worked with Simple Port Tester.

[attachment deleted by admin]

Oh, it’s saying it’s blocked for Windows Operating System, don’t worry about that, I think that’s normal but I can’t say for sure but pretty sure that it’s normal but not sure… I do however think someone else can say for sure whether normal or not… But as long as it doesn’t say that it was blocked for the application in question and as long as the port forwarding actually works, then it shouldn’t be an issue.

Okay. If someone can confirm, that’s OK with me. Just to be sure I also did an Application Rule for “Windows Operating System” like at rule #2 and now I don’t get such a blocked entry in the log. Either I did say protocol I don’t get an allowed log too but yeah. On that program everything seems to work. So … who cares? Still, if someone can clarify that with WOS - about which I just know Comodo uses it as a phantom process for “everything else it doesn’t know”