Warcraft 3

Help for v2
1

Nice Firewall,
i have only a little problem with warcraft 3. Yes i know, there are many posts about this topic, but my is special. First solution, and second the problem :slight_smile:

  1. Solution:
    If you want to host a warcraft 3 game (the frozen throne) you have to do the following:
    a. configure your router (portforwarding), see many examples in the web (test by changing comodo to allow all… but only for a very short periode of time!!!)
    b. comodo > network monitor > place a rule in front of the first blocking rule (red ball).
    c. in this rule you should define:
    allow, tcp in
    source ip: any (the ones, who tries to connect to you)
    destination ip: any (your ip)
    source port: any
    destination port: 6112
    d. close the comodo window and reopen it (seems to be a bug with network monitor rules in comodo)

Now it should work. It works for me :slight_smile:

  1. Question / Problem:
    So now a question and please try to answer:
    I dont want to open port 6112 for all applications. I want to open it only for warcraft 3 (war3.exe).
    So I defined in “application monitor” exactly the same rule as mentioned above. But comodo blocks it.
    So I looked in “network activity logs” and saw, that the last network rule blocked it (as mentioned above, if I set “my” network rule in front of this last rule, it works).
    So I looked at the “network activity connection” under working conditions. But here i saw what I have expected:
    war3.exe
    source IP: …
    destiantion ip: my local ip with port: 6112

I dont understand, why i cant define a working application rule so!!??? Someone any idea? It would be great!

Greetings,
Jesko.

2

Jesko: welcome to the forum. Never having played W3, I’ll risk my answer on this one:

Network rules have the final decision on whether ports are opened or not, even if you opened them in Application Monitor. Essentially, you also have to add a Network Monitor rule as you did with App Mon rule. You’re probably thinking: “but wouldn’t that mean any application will use this port if I open it?!”. CFP’s rules system is great in that if W3 is using that incoming port, no other applications on your computer can hog over it even if they’re known to utilize it. It’s like a first come - first serve basis. And if no application uses the port (e.g. when you exit W3), then unless they are defined and allowed in your Application Monitor rule list, the port is closed and stealthed from the internet. Network rules act similarly to a router.

Here’s LM’s thread: https://forums.comodo.com/faq_for_comodo_firewall/understanding_how_comodo_firewall_rules_work-t5372.0.html

However, it has been requested before in the wishlist that CFP implement a new rules system to allow it to tailor by application-basis. Someone who has trialed version 3 alpha might be able to confirm this.

3

thank you soya for your very fast reply,
I like this firewall, because it is very similar to my old sygate and it is more stable :slight_smile:
I read the LM’s thread. And I think this brings a security problem:

Example: If I open one port for any application that is listed in my application monitor, it doesnt seems to be secure at all. This is because of kind of connection of applications in application monitor. There, all applications have access for all destinations and ports.
If you now open a port in network monitor, all these applications can use this special port.
In sygate pf you could define a rule for special ports and and limit it to ONE application. This seems to be more secure in my opinion.
Greetings,
Jesko.

4

Remember, just because you allowed certain Application rules access to the internet doesn’t mean they use that specific ports. Applications tend to stick with certain port numbers. So if Warcraft 3 is currently using it, no other application, in your rules or not, can’t use it. But I know that other feeling of insecurity. Hence, my other statement that it’s on the wishlist. I think CFP 3 alpha currently has it, but I haven’t tried it yet.