unable to open ports

hello all,

i am a happy user of Comodo Firewall for over two years now. so far i haven’t had any problems, but recently i needed to open one port for mental ray satellite rendering application. it uses TCP 7513, so i went and set a new global rule to allow all incoming and outgoing traffic, from any to any IP address, from any port to destination port 7513. also, i checked the option to log if the rule was fired.

however, nothing is happening; i can still see the line ‘Application: Windows Operating System, Action: Blocked, From IP :-- To IP:-- From Port:-- To Port: 7513’ in the Event Viewer. (please note that the ‘–’ string is written here only because i am too lazy to write down that information and don’t consider it important :wink: )

also, everything works fine when Firewall is set to Disabled.

does anyone know, how shall i open the port? i will be very grateful for any answers and/or ideas.


Two things.

  1. In addition to the Global rule you’ve created, have you associated a similar rule to the application under Applications rules?

  2. Is there any information in the applications output window related to IP Addresses/Ports?

  1. yes, i think this rule should be sufficient (i have set it to Ask, because i want to be notified about the rule acting) http://img846.imageshack.us/img846/4527/screenshotuf.png

  2. i’m not sure what you mean by this. if you are asking whether the application itself (mentalray) produces any reasonable output we can work with, then it’s always a ‘connection timed out.’

It might be better to place the firewall in Custom Policy mode and crank up the Alerts, both of which can be found under Firewall behaviour Settings. Doing so will enable you to identify what the applications demands are. Be warned, however, it may generate quite a few alerts.

2. i'm not sure what you mean by this. if you are asking whether the application itself (mentalray) produces any reasonable output we can work with, then it's always a 'connection timed out.'

Apologies, I seem to remember something like a console utility that displays information about the connections between the master and the slaves.

One other question, did you manually specify the port in the rayhosts file?

Edit: Apologies, I had my quote tags messed up so you may not have seen everything I said.

i tried to leave it first at default (i.e. i didn’t specify the port), and now it is set to 7513.

Check my previous post as I messed up the quote tags.

you’re right, i didn’t notice :slight_smile:

well, it didn’t help. i tried it before already. now i deleted all the rules i’ve set for the application/port, in the hope i will be asked or at least notified in some way about any action. sadly, the log shows that the request was automatically blocked - http://img29.imageshack.us/img29/4122/screenms.png

funny thing is, that i can do it vice versa (with the same Comodo). the laptop (Vista 32bit) can serve as a satellite, but the desktop (W7 64bit) cannot. i tried checking the settings in Vista’s comodo, and found out that it has a defined home network zone, where obviously no such blocking occurs. however, i would not want to create a network zone on the desktop, as it has a public static IP address and i would like to be able to use the desktop as a slave when working from home. that’s why i wanted to open the port.

Looking at the source and destination IP addresses in the log-file seems to suggest you’re behind a router? If this is the case, creating a trusted Network Zone and then applying that zone to your rules shouldn’t be a security risk. Doing so would simply allow all PC’s behind your router, with an address in the range 192.168.137.* (which is a private address range not public) to communicate freely.

With regard to the blocked entries, you’ll notice they’re being blocked by Windows Operating System (WOS), which is actually a pseudo process that kicks in when there is no real process to deal with the requests. This seems to indicate the real application is not being seen.

Did you check for any errors in the mental ray console utility?