When will Comodo be usable?

Hello all,

interesting in new products I’ve installed comodo firewall and run it. And … what a disaster. I’ve tested some products of firewalls but no one I’ve learned to hate like this comodo. Why this? Because it’s completly unusable. The problem: Try to create rules using the pop up function of the lerning method. And after you’ve noticed the hell you try to create rules manually … and get your next hell.

Sorry, but a firewall which no one can use/handle is a firewall which is not needed. And it’s a security problem at all!

Oh yes … before you cry out … have a look to KERIO, SYGATE, OUTPOST and so on. These firewalls are usable … and configurable.

Hi firewalker, welcome to the forum :slight_smile:

Sorry to hear your having problems configuring CFP, It’s really a very easy firewall to use. I’m sure if you have a SPECIFIC problem, someone will be glad to help you :slight_smile:

In the meantime you might want to read the following:

Summary of Network rules
How To - Understanding & Creating Network Control Rules properly
Tutorials - A Compiled Resource


Sorry to hear you have problems!

But don’t you think, if no one could use this firewall, if it was unusable for everyone…there would exist many many more threads like yours? :slight_smile:

We are many that can use this firewall without problem!

As Toggie said…we are many users here that will try to help you if you describe your problems in more detail.


Sounds like another trool to me :wink:

Lee (B)

Hmmmm, let me see now…

#1: Try to create rules using the pop up function of the lerning method.

Ok…created rules…works just fine. Can you specify where you went wrong? Maybe someone
here can help you.

#2 And after you’ve noticed the hell you try to create rules manually … and get your next hell.

Ok, after reading some instructions on creating rules, (posted EVERYWHERE thru-out this forum),
I created a few manualy involving some of my file transfere protocols, chat programs, ect.
Still works just fine. Could you be a bit more specific here also? Perhaps someone could show you how…
Next hell? Well, since I never had the first hell, I am sure I do not know what you are refering to by “next hell”. Could you maybe specify here as well?

It is very easy to get on a forum and trash talk. Be prepared to back it up with specifics.
I would like to learn too. If you show specifics, I can learn from the answers just like everyone else. :THNK


I thought that what I’ve posted would be understandable for other people. Looks like it is not … ???

OK … let’s try again. For this example I use svchost.exe. Zones: loopback, homenet, internet.

No I’am starting WIN and get the first pop-up informations from COMODO. What I now need is the possibility to create a rule using the informations of the pop-up.

The pop-up will inform about svchost.exe, homenet, dns. I just allow connection because it’s really necessary in/out.

The second pop-up informs about svchost.exe, internet, upnp. This I deny for in/out.

In both cases COMODO will generate ONE global rule for svchost: Block all, because the last rule is unsed for global setting.

There is no possibility to create a specific rule using the pop-up informations. Why do I get the pop-up when I’am unable to use it for creating rulesets?

Now I create a rule manually for the first pop-up information (see above): homenet, dns, allow in/out.

After this I get the information from pop-up, that svchost.exe will connect ot intertnet, upnp, in/out. And no, what should I do? Like explained above I deny this connection whit a fatal result: COMODO creates a global rule again and overwrites the manually created rule for dns.

This are two examples, where COMODO is really unusable. And COMODOS reaction is a security problem because of this uncontrolled rule creation.

The next step where COMODO still sucks is the point, that rules work from up to down, but it is impossible to set rules fixed. So COMODO will set ‘block all’ before ‘allow dns’ with the result that all is blocked.

Sorry for that … unusable!

Please let me know if I missed. Thank you and by.


As I stated in my first post, if you would like to ask question related to rule creation, someone will be glad to help you. Just post your question in the help forum: Help

If you haven’t read the instructions in the links I posted, I suggest it’s a good place to start, as all of the objections you raised in your post are covered.

As with any application, a little time spent understanding the basics can help significantly in the long term :slight_smile:


Look what we have here? ???

It’s a help button… :o
You can click it and also make someone read it for you :wink:

Like I posted [url=https://forums.comodo.com/index.php/topic,6883.msg55742.html#msg55742]elsewhere[/url]
In order to train new subscribers, they could undergo a training phase of ten forum posts.

Trainers could be high posts volunteers which review new users’ posts before they are published on the board.
If a post is not reviewed after 24h it gets automatically posted.

This way The overall quality of the posts will be much higher, newcomers can get help on both solve their issues and use the forum properly…

Why would you wish to block svchost.exe if you are trying to create rules that will involve dynamic links?
You cannot have it both ways. Either you allow it, or not. Sorry, but that is all I got out of your explanation.

You can, (and by the sounds of things, will), have multiple instances of svchost.exe. We are not talking about the trojaned variety, but microsofts’ own little catch all. Pretty much every group you have can cause svchost.exe to fire up. If you want the group active…allow it. If you want the group silenced…block it. It kinda sounds like a mountain being made out of a molehill.
I do understand your frustration. Mine comes from when people get too frustrated before they research.
The only known totally fool proof firewall, anti-virus&spyware, and information protection module is the OFF button. All others require research. The better the research, the tighter the protection.
I too stronly erge you to read the links posted to you. Just at a glance I thought I saw your answer.
But hey, what do I know? I just read.


Sorry for my posts at all. I don’t know that someone has not the right to write critical posts.

And no, I have not a problem configuring and understanding a firewall.

And no, the helpfile will not show the way.

And yes, there are a lot arguments to block svchost’s actions.

And yes, svchost was an example … there are lot of other applications which will cause the same problems.

And yes … COMODO is a thing I’ll never recommed because of what I read here.

Sorry that I’ve installed COMODO!


I don’t really understand why your posting at all. You clearly don’t understand how the firewall works, and it seems you don’t wish to ask for help.

Anyway, it’s a free world and a free forum. you may say what ever you wish :slight_smile:

firewalker, how many firewalls haf u used alr?
do u haf any experience in hand in comp security field?
i personalli tink comodo is not troublesome like dat and its free and top-notch quality man.

how old r u?
if u r same age as my mom, i understand, u can continue usin windows firewall or turn it off also can.
my mom jus scared of any popup coz she afraid she’ll spoilt da comp.

btw, u should look at dis http://www.matousec.com/projects/windows-personal-firewall-analysis/leak-tests-results.php so u know how well comodo protect u.

You people knows, firewalker has opinions, too.
He can answer them by itself and he is able to click an help button.
He was able to uninstall many firewalls and many people rely on him to solve their issues.
He succesfully created an internet zone using only ONE ip-range :o

Maybe he has vista and an uber haxxor computer and installed cpf.

Maybe he disabled don’t show any alert for application certified by comodo because he wanted to have full control on cpf config.

Maybe he left the alert frequency level on low because he intended to manually configure the application monitor rules for specific apps and allow/deny the others on a parent/application basis without the hassle to create non overlapping rules for specific ports or ip ranges.

He surely found out that cpf wasn’t suited for his expertise level and wanted to warn us that cpf has no future if he has no use of it. :wink:

He considered useless to post his system specs, zones ip ranges, cpf settings or svchost instance specific services that needed network access.

So say bye to firewalker (:WAV)

He will install another firewall and he’ll post his wisdom in another forum.


Another troll…great…
We should gather these “I am mr knowitall and if something goes wrong I blame everybody and anything but myself in my first post because of my own ignorance” kind of posts as an example for others what they shouldn’t follow.
Firewalker if you have really read the tutorials here, and the help file (which I bet you didn’t) than you have “reading comprehension” related problems, which are elementary school basics here where I live.
Btw, the reason why svchost got blocked was because you blocked it:P
On the default settings the firewall alert frequency level is set to low. This is done to avoid novice users
being bombarded by popups. This way the firewall alerts for incoming and outgoing attempts of an application, ignoring the protocols and ports. If you want to make port and protocol specific application rules thru popups, you need to set the alert frequency level to very high (paranoid level).

Your posts are aint critical…they are as hars and rude as mine (sry for that…this time I’ve lost my mine). Your posts are insults for the patient and helpful moderators and the dev. team who made a really easily configurable firewall. If it is so unusable than how come others don’t have such problems, and like the firewall so much? I wouldn’t love a firewall thats imposible to configure…
If your only problem was that your manually configured application monitor rules were overrided be the popups with port:any destination:any generic rules, then I already told the solution. If this is the case, than you may consider to do a little research before blaming a program next time, as it has been discussed several times.

I think it’s a contradiction to be experienced in firewalls, and not being able to set up Comodo.

Couldn’t it be that Comodo Firewall actually has capabilities that the others don’t have, thus alerting you a little more? Sure you can use ZoneAlarm or whatever, but then I don’t think you will be able to create such detailed rules as with Comodo. If you consider yourself as experienced, setting up detailed rules in Comodo shouldn’t be difficult.

Since I found Comodo half a year ago, 49 days of 50 I’ve thought: (R)

firewalker I don’t want to jump on the end of the line to attack or criticize you or your knowledge of or ability to configure firewalls. I do want to comment on your statement “I don’t know that someone has not the right to write critical posts.”, this is absolutely wrong. legitimate criticism is not only welcome at these forums but is an essential part of the feedback loop that a company like Comodo needs for the evolution of it’s products. You only have to look at the Boclean forum to see how legitimate critical appraisal has been instrumental in bringing improvements to that piece of software. Indeed it is actively being sort after by the creator of Boclean, ask Kevin if he wants to be bothered by some little glitch you think you’ve found and his answer will be “■■■■ right I do”, attack him over something that you’ve convinced yourself is wrong and he’ll correct you in a reasonably polite way, but if you keep laboring the same point when you’ve been pointed in the direction for help and refuse to take that offer up then stand clear, that mans dangerous behind 42 tons of subway car :o. Toggie, in a couple of posts, showed you what to do to get help with your problem but instead of doing the reasonable thing of following up on his advice, you decided to take the stance that you were right no matter what, this is where your case about criticism falls down and turns into a rant. Being the lone voice against the mob can mean you have an insight that others haven’t acquired yet but if your right it usually isn’t to long before they start to come around, or it could mean your totally on the wrong track headed for oblivion. The smart thing to do is to check your position from time to time, one way to do this is listen to other peoples opinions, if they’re wrong and your right what have you lost except maybe a little of your time, but if they’re right well …


Ty for your posts…I did try to learn from them.
I am sorry that I could not understand, nor duplicate your troubles.
You sound like a well versed user, so I believe that you will find something
that will work for you.
If you believe that ZASS is the one you want, I say get it. If it is one of the others, get it.
However, I also suspect that NOTHING will work for you. Here is my belief in a nutshell:
Average users do not goto warez sites, average users do not use “ubber” systems for gaming, or to run servers, or to host chat sims.
The average user surfs the net and gets his/her email. The average user will never have cause to worry about how many instances of the host file are fired up.
Being the well versed “ubber” user you seem to be, I am sure you would agree that it is necessary to not only have a well functioning file that will work for a “MAJORITY” of people, but it also must have an easy to understand GUI that the “average” user is able to use.
For users such as yourself who obviously need a more specialized product with a more sophisticated
gui, I would suggest you use the old standby’s of Norton or McAffee. They may have a level of sophistication you are after, of course they are also system pigs.
Since you seem to be after something specific, try googling the answer.
On a more personal note, climb off your high horse. If you have something constructive, or a real failure of the software, why not simply forward the info to the techs? Yes, to justify your position, you may have to give a little info. If it really bothered you that much, you would have just gone straight to tech or customer support.
If your going to post here, then be willing to VIEW the answers given to you before you decide to become insulting.
https://support.comodo.com/ <---------Product support. I hope you find your answers.

Looks like a potential failure of communication here to me. firewalker, sir, you should have posted this under the CFPs Help section, as you were previously advised. Your posts don’t look like feedback to me. Also you should also be aware that we have an International Comodo Forums with many different language sections being supported. Failing all that, where either nobody on the BB can understand you and/or you cannot understand them (you seem to have taken a few things seriously wrong judging by your responses) you can go to Comodo Support, register on their system & raise a support ticket on your issue, which you have also previously been told.

I’m also sorry you are having problems with CFP, but I disagree with your stance that this is a specific failure of CFP. It is of course, impossible to know for sure, since you have not provided any evidence in the forum of screen-shots or CFP Log entries of the CFP alerts in question. But, one thing I am certain of, nobody here started attacking you… on the contrary, most want to help you. They are, for the most part, merely disagreeing with you or asking for information, neither constitutes an attack. Sure, some have lost patience with you… But, under the circumstances I’m not sure what else you expected.

Also you should also be aware that we have an International Comodo Forums with many different language sections being supported.
ye, but dun haf Vietnamese yet. BTW, in case firewalker u r Vietnamese, i can help u. :)

But ■■■■, i dun tink he come bak 2 our forum again after some kinda harsh words.

i tink its enough for firewalker. dun haf to so concern abt an ungrateful kid.

comodo giv him da best 1 for FREE and help his problem. he refused da product and da words. even act like all r suks n stupid. :-\