Alas, I had to deinstall the comodo firewall.
Why? Because it did it’s job far too well.
I’m using a Thinkpad R52 as my primary PC. I am running IBM marvelous “Client Security Solution”, that depends on access to my TPM chip, during bootup to allow me to log in via fingerprint scanner. This is also known as “security that works”.
Alas the Comodo firewall blocked the CSS login service from accessing the TPM device via internal communication, so when I enabled Comodo Firewall, I was no longer able to log in. Luckily I back up my system before I make any changes to it, so it was just a temporary setback.
The problem isn’t really with Comodo Firewall (that software just did its job), but with the CSS/TPM interaction, which is mostly undocumented.
Since this intercommunication happened before login, there was no way I could “allow” the transaction manually.
What I would like added to the Comodo firewall is a setting where it allows (but logs) all internal intercommunications, so the user can select a log item, and make a rule for it. Thus setting up the system later on. This would leave far fewer gray hairs on users like me.
(Who will continue to participate on this forum)