Ubooquity is a java home server for comics and similar. The problem is Comodo firewall blocks it and I can’t find out why.
In short this is only about my local network, I am not looking at access from a public network. The Ubooquity server works properly when the Comodo Firewall is temporarily turned off. Connecting is done with several tablets and laptop (all in a wireless home network) to a wired server.
HIPS is disabled. The application rules for Ubooquity.jar and javaw.exe (C:\Program Files\Java\jre7\bin\javaw.exe) are set to allow all incoming and outgoing request. The port the server uses at the moment is 55555 and have also tried other ports. There have been no notification popups with alerts about Ubooquity or java related.
When I turn off the CIS firewall and take a look at the traffic with Comodo Killswitch I see that Javaw.exe listens on 0.0.0.0 port 55555, also see it listed with netstat -a.
Not certain what I should try I guess somehow java is being blocked on my home network, any advice?
Most likely you have a global rule that blocks incoming connections, if you do then you need to create a global rule to allow incoming connections on port 55555, you could limit the source ip-address range to your local network.
Simply creating an allow incoming rule for the application isn’t enough if you do have a global block incoming rule because the global rules have a higher priority when it comes to incoming traffic.
Thank you for your reply, I added this Global Rule:
Allow And Log TCP or UDP
Source port Any
Destination port 55555
Source IP range x.x.x.1 - x.x.x.150
Destination IP x.x.x.18 (server)
In the Global Rules section there are some other rules in this order:
Allow all outgoing requests if the target is in Home #1
Allow all incoming requests if the target is in Home #1
Five block rules added by Stealth ports - Alert incoming*
Allow and log TCP or UDP rule above
*Removed and tried connecting, but did not make a difference so added them back using the wizard.
When I look in the log I now see (believe this was not there before, but perhaps I was looking at the wrong tab) the application “Windows Operating System” is blocked (target In, protocol TCP) for destination IP x.x.x.18 and destination port 55555. The source IP is within the source IP range.
How do I unblock this, perhaps my global rule is not correct?
Make sure the allow rule you created is at the top of global rules. For testing, make sure “Block fragmented IP traffic” and “Do Protocol Analysis” are disabled in the firewall settings. If that doesn’t work then you can try making an application rule for “Windows Operating System” (you have to type it in manually) and creating an allow rule for that application too.
If none of that works… then… Well I don’t know… :-\
They were already disabled, but tried enabling and disabling these settings after a while but that did not help.
If that doesn't work then you can try making an application rule for "Windows Operating System" (you have to type it in manually) and creating an allow rule for that application too.
But this solved it! Made an application rule like you suggested and named it “Windows Operating System” with allow TCP/UDP in from Home to Home network with any source ports and destination port 55555.
Glad something worked in the end! However if I remember correctly the windows operating system psuedo-group is when CIS can see the traffic but not from which process it is generated, this also means that if any other application would be able to listen to port 55555 and remain under the windows operating system it too would be allowed to make connections as detailed by the created rule, this may or may not be an issue for you though.