When rule for ICMP 3,1 tried, rule for incorrect type saved [M229]1[v6]

A. THE BUG/ISSUE (Varies from issue to issue)
[ol]- Summary - Give a clear summary in the topic title, NOT here.

  • Can U reproduce the problem & if so how reliably?: yes, 100%
  • If U can, exact steps to reproduce. If not, exactly what U did & what happened:

For global rules:

  1. Add global rule for ICMP proto.
  2. Select ICMP type “host unreachable” from drop-down list or use custom and enter type: 3, code: 1 (both ways fail).
  3. Until you close advanced config it is added ok.
  4. Click OK to close advanced config (whole window, not just this rule dialog) then reopen.
  5. ICMP type got changed to “network unreachable” which is 3,0. If we export config there we will also see 3,0.

For application rules:

  1. Create rule set for any application.
  2. Create ICMP proto rule selecting “host unreachable” from drop-down.
  3. When we close rule dialog with OK it is immediately changed in rule set to “network unreachable” (no need to save whole config).
  4. However here we can add (and it is even saved) ICMP host unreachable, but as custom ICMP type: 3, code: 1. This way is somehow not bugged.
  • If not obvious, what U expected to happen:
  • If a software compatibility problem have U tried the conflict FAQ?:
  • Any software except CIS/OS involved? If so - name, & exact version:
  • Any other information, eg your guess at the cause, how U tried to fix it etc:
  • Always attach - Diagnostics file, Killswitch processes list, dump (if freeze/crash). If complex - CIS logs & config, screenshots, video, zipped program (not m’ware)
    [/ol]

B. YOUR SETUP (Likely the same for each issue, so you can copy forward)
[ol]- CIS version & configuration: 6.0.260739.2674, own config - BTW. there is no about window in 6.0 (?), had to open cfpver.dat

  • Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV: all
  • Have U made any other changes to the default config? (egs here.): sure
  • Have U updated (without uninstall) from a previous version of CIS: no
    [li]if so, have U tried a a clean reinstall - if not please do?: yes
    [/li]- Have U imported a config from a previous version of CIS: no
    [li]if so, have U tried a standard config - if not please do: no
    [/li]- OS version, SP, 32/64 bit, UAC setting, account type, & VM used: XP Pro, SP3, 32b, admin
  • Other security/sandbox software a) currently installed b) installed since OS: none
    [/ol]

Files attached inc diagnostics, config, processes - PM for pwd.

[attachment deleted by admin]

Thank you very much for your bug report in standard format. We very much appreciate the effort you have made to document this bug.

We are sorry to trouble you further but there are some items of information missing or unclear in your post:

A.8 Always attach - Diagnostics file, Killswitch processes list

The reasons we need these items of information, though they may not seem directly relevant to the issue are explained here.

We would be very grateful if you would add these items of information so we can forward this post to the format verified board, where it is more likely to get fixed. You can find assistance using red links in the Format and here. If you need further help please ask a mod. If you do not add the information after a week we will forward this post to the non-format board. If this happens we will tell you how to rectify this if you wish to.

In the current process we will normally leave it up to you whether you want to make a report which includes all necessary information or not. We may remind you if we think a bug of particular importance.

Many thanks again

Mouse

I can partly confirm this, although my findings differ when using the ‘Custom’ option.

Basically, if I create a Global rule for ICMP Host unreachable using the drop down list, it reverts to Net unreachable. If I use the ‘Custom’ option and select Type 3 Code 1 (Host unreachable) it’s retained.

</Rule>
<Rule UID="{C02CB99A-B1E9-46A3-A259-43A2242B1A3C}" Days="127" StartHour="0" StartMinute="0" StopHour="0" StopMinute="0" ID="0" Protocol="8" Action="1" Direction="2" Description="" IcmpType="3" IcmpCode="1">
<SourceIP Type="4" Name="">
<Address Type="4">
<MAC AddrType="8" MAC="000000000000"/>
</Address>
</SourceIP>
<DestinationIP Type="4" Name="">
<Address Type="4">
<MAC AddrType="8" MAC="000000000000"/>
</Address>
</DestinationIP>
</Rule>
<Rule UID="{9A7BCC9B-5CDB-40D5-BE22-BC62FDDEBCA4}" Days="127" StartHour="0" StartMinute="0" StopHour="0" StopMinute="0" ID="0" Protocol="8" Action="1" Direction="2" Description="" cmpType="3" IcmpCode="0">
<SourceIP Type="4" Name="">
<Address Type="4">
<MAC AddrType="8" MAC="000000000000"/>
</Address>
</SourceIP>
<DestinationIP Type="4" Name="">
<Address Type="4">
<MAC AddrType="8" MAC="000000000000"/>
</Address>
</DestinationIP>
</Rule>

[attachment deleted by admin]

Indeed, when I try this today it stays on “host” while using custom data. However when I did this at the time of reporting it was reverted. Weird. Anyway bug is still there.

PM sent

there is no about window in 6.0 (?), had to open cfpver.dat
Will fix today - wish all bugs were as easy!

It’s now in ‘?’ ~ about

Thank you very much for your report in standard format, with all information supplied. The care you have taken is much appreciated by Comodo, and will increase the likelihood that this bug can be fixed.

Developers may or may or may not communicate with you in the forum or by PM/IM, depending on time availability and need. Because you have supplied complete information they may be able to replicate and fix the bug without doing so.

Many thanks again

Mouse

Yes, I’ve finally found it. :wink: Pretty mixed up.

2708 - not fixed

Updated tracker

I am a power user and have the firewall set up to allow fine grained control over individual rules with maximum popups. I have found a lot of bugs in the software as a result which many users are likely to never notice if they use the default settings or interact minimally with the software and let it choose whether to allow things or not for them.

A. THE BUG/ISSUE (Varies from issue to issue)
[ol]- Summary - Give a clear summary in the topic subject, NOT here.
When I edit the Global Rules in the Comodo Firewall, if I add an ICMP rule and specify a specific ICMP type of “NET UNREACHABLE”, a rule is added which allows ICMP “Any” instead of the specific type I specified. For example, if I create a new rule and choose “ICMP Host Unreachable”, it actually creates a rule that says “ICMP Net Unreachable” instead. So there are two bugs here, choosing “Net Unreachable” results in a rule being created that allows/blocks “any” instead of what was requested, and choosing “Host Unreachable” results in a rule that actually uses “Net Unreachable”. I do not know if this is just a labelling problem and the actual rules that get created behind the scenes are for the correct types or not as I haven’t tested it with a network analyzer.

  • Can U reproduce the problem & if so how reliably?:
    100%. I’ve had a friend who also uses Comodo Firewall verify this on another Windows 7 system as well.
  • If U can, exact steps to reproduce. If not, exactly what U did & what happened:
    Go into Global Rules, choose “Add Rule” and specify Action == , Protocol == “ICMP”, Direction == , the source and destination address fields can be anything, then go to ICMP Details and choose Message “ICMP Net Unreachable” and hit “OK”. The rule will be created with type “Any” instead of what was requested. Delete this rule now and repeat the above process only choosing “ICMP Host Unreachable” this time. This time a rule is created that has “ICMP net Unreachable” instead of Host Unreachable.
  • If not obvious, what U expected to happen:
    Obvious, see above…
  • If a software compatibility problem have U tried the conflict FAQ?:
    Not applicable.
  • Any software except CIS/OS involved? If so - name, & exact version:
    No.
  • Any other information, eg your guess at the cause, how U tried to fix it etc:
    The cause is most likely a bug in the Comodo GUI code which configures the firewall rules. It may
    have an off by one programming error or similar it seems.
  • Always attach - Diagnostics file, Watch Activity process list, (dump if freeze/crash). If complex - CIS logs & config, screenshots, video, zipped program (not m’ware)
    [/ol]

B. YOUR SETUP (Likely the same for each issue, so you can copy forward)
[ol]- Exact CIS version & configuration: Comodo Internet Security Premium - Product Version
6.0.264710.2708

  • Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV:
    Antivirus and Firewall are enabled. Firewall is configured to “Custom Ruleset” and “Set alert frequency level” is set to “Very high”, D+ is enabled with HIPS configured to “Safe mode”. Not using autosandbox, bblocker.
  • Have U made any other changes to the default config? (egs here.):
    yes. There is no easy way that I can determine on how to specify each individual setting I may have enabled compared to the default configuration, and I’m not able to recall the defaults so I’m not sure how I can provide that level of detail without major effort. Perhaps there should be an integrated bug report mechanism right in the software which can gather together the configuration data files and offer to the user the option of automatically submitting the data to Comodo when encountering problems.
  • Have U updated (without uninstall) from a CIS 5?:
    No, this is a clean installation of CIS 6 on a clean install of Windows 7 Pro 64bit.
    [li]if so, have U tried a a clean reinstall - if not please do?:
    N/A
    [/li]- Have U imported a config from a previous version of CIS:
    No.
    [li]if so, have U tried a standard config - if not please do:
    N/A
    [/li]- OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used:
    Windows 7 Professional x64 edition. UAC is OS default, account type is default user account with OS default privileges (Administrator). The computer system is custom built with the following details: AMD FX-8350 CPU, ASUS Sabertooth 990FX R2.0 motherboard, 32GB [at] 1866MHz of Corsair Venegeance RAM, XFX Radeon 7850 2GB.
  • Other security/s’box software a) currently installed b) installed since OS: a= b=
    CIS is the only security software that has been installed on this system since the OS was first installed.
    [/ol]

Welcome to the forum.

Your report is similar to - When rule for ICMP 3,1 tried, rule for incorrect type saved [M229]1[v6]

Thanks for a very clear bug report.

This issue appears to me to be the same as one already on file. Accordingly, I will merge them, if that’s OK. You can locate the merged report by following the link in the email notification.

If you don’t agree please PM any active mod with your reasons and, if appropriate, they will unmerge the issue.

Many thanks

Mouse

2801 - fixed

Thanks very much, tracker updated