Is v3 perform stateful packet inspection by default or do I have to add a global rule of block all IP incoming?
CFP V3 does stateful packet inspection right out of the box. You don’t need to do anything.
I do need a final block IP in/out everything on my global rules though right?
Sry, its been some time sense I ive messing with my COMODO firewall.
Run stealth port wizard and select the option to stealth all your ports, and you will get a block all in as a final global rule and some exceptions to make certain other functions work. Don’t do a block all out global rule or you will need to repeat your application allow rules in the global rules as exceptions so applications can get out; just end the application rules for each application with a block all in/out and log.
[attachment deleted by admin]
The short answer is no
The long answer is
You can use the global rules to filter traffic if you need to really know your networking and ports but
CFPv3 also filters at the application level so
That really depends on how you want to filter your traffic.
If you have this rule(block IP in/out everything) with CFPv3 and you have not specifically allowed traffic in/out on a specific port this traffic will not be processed(period). It can get get very complicated allowing all traffic you might want and what you don’t, but if you want to try this it is possible I was doing it for a while but due to consistently upgrading during the Betas when you had to start from scratch with rules each time I have gotten slack and now use the application layer as it is easier for me to set up and is far more flexible
You might have to put up with pop-up for a little while but they quite after a little while and CFP has been trained it works fine.
Hope this helps