I’m a novice when it comes to using Firewalls. I have a question about how inbound and outbound connection rules work. Let’s say that when I’m setting up Comodo Firewall I select block all incoming traffic. Does that mean it blocks all traffic from the internet from making a connection to my computer? I also see that my firewall will sometimes block connections from Nvidia/Steam/Any other trusted application to a legitimate server. In that situation would you want to unblock it and allow all incoming and outgoing connections or just allow it to make outgoing connections? Doesn’t that defeat the whole role of initially selecting the option “block all incoming connections” when setting up the firewall or am I thinking of something different entirely?
Yes the firewall with block incoming connection attempts that originate from another system. It doesn’t matter what application rules you have set regarding incoming connections as global rules are check first before application rules to determine what action to take. So if you have the global rules set to block all incoming connections then no application will be able to receive those connection attempts. I also see blocked outgoing connections of trusted applications but I haven’t figured out what causes it. I think the firewall blocks any outgoing connection before the CIS UI is loaded as a way to prevent leaks during system startup. Because the time listed in the log indicates the time I started the system, but it doesn’t always happen either on startup so I don’t know for sure.