Hi.
I like to think i can write firewall rules ! 8)
Can’t make sense of this…
I use CIS firewall. Nicely set up… loads of rules ;D … no access issues… reported running by Action Center.
Perceived wisdom is to turn off Windows Firewall so I did. Action Center confirms only CIS on.
Noticed Resource Monitor say listening ports like 139, 445 etc all ‘Allowed, not restricted’ by firewall status. Not what my Comodo rules say!
Checked WF in control panel. WF back on! But off according to Action Center ???
Now, if WF is on, then WF’s rules are active, right? And WF allows all outgoing traffic by default. How does that fit with my Comodo paranoia rule-set?
Checked EventViewer. Confirms WF is on and ‘core networking’ Allow rules are all active.
Turned WF off again via control panel.
Event viewer told me dllhosts.exe turned WF back on again! Maybe Comodo needs WF on? :-\
So changed WF’s default to block all outgoing. Couldn’t get DHCP, let alone online. Proves WF is active if nuffing else.
Enabled WF’s DHCP Allow rules and changed WF’s DNS Allow rule to point to Comodo DNS addresses.
Now I got a connection but nothing else worked.
Sooo… if i can’t turn WF off and its rules are active, either I revert WF to allow all outward traffic or start making rules in WF for my browser, email etc. So I reverted WF to allow all outgoing that doesn’t have a block rule and blocked all the core networking stuff i didnae want. And here i am!
But hang on, I have Comodo! Does Comodo stand on WF’s shoulders? If so, how do the different rules work together? Surely I don’t need to create all my in/out rules in WF too?
If I’m missing a trick I’d like to know.