Windows Operating System is blocking my local network

A part of the Comodo firewall log:
Windows Operating System Blocked x y z TCP - what kind of rule (or rules) should I add, and to what program/application, to allow this connection?

The easiest way to allow your network is to use the Stealth Ports Wizard.

Firewall->Common Tasks->Stealth Ports Wizard->Click on “Next”->Check the box “I would like to define and trust a new network zone”
Enter the starting and ending IP range of the network, so for the whole range it would be to
Now click Finish, you should receive the message “Your firewall has been configured accordingly” and if you look in Firewall->Advanced->Network Security Policy, you will see 2 application rules for System and there will also be 2 Global Rules for the IP range.

Be advised that by doing this you are trusting the other stuff on your network; if you do not need access or they don't, it is not needed. Also, you can alter the range to suit.


I did something like that earlier and I still have the same problem. I will try to reinstall CIS and run the wizard one more time.

Unfortunately re-installation of CIS did not solve the problem.
I’m using the 64-bit version of CIS (only firewall + defense+ installed).
I ran “Stealth Ports Wizard” twice (for and later for zone).
These are the rules that I have in Network Security Policy:
allow udp in/out from is [zone] to ip ANY where source port is ANY and Destination port is ANY - I changed this rule from only “in” to “in/out”

Allow system to send/receive requests if the target/sender is in [loopback zone]/[zone]

Global Rules
Allow All Outgoing/Incoming requests if the target/sender is in [loopback zone]/[zone]

block icmp out from ip Any to ip Any where ICMP is protocol unreachable
block icmp in from ip any to ip any where icmp message is [17/15/13/echo request]

What is now coming up in the logs and what is not working?

You shouldn't need the Loopback rules. Try removing the rules for System and the Global rules.
Personally, I would also never have an incoming rule for svchost.exe.

Run the Stealth Ports Wizard again as above; you should end up with rules like the pictures.

Just something: Comodo firewall works such that if an incoming connection is received and there is nothing listening for it or no rules allowing it through, it will log the dropped packets as Windows Operating System.

If everything is working fine, I would try to find out why is sending TCP packets to your computer. What port number is the block showing up as? This may help lead us to what is triggering the block in the log.


SOLVED - for now (I did this: removed all global rules and ran the wizard again)

But the real problem was that I had a mark on the COMODO Internet Security Firewall Driver (settings->network connections->Local Area Connection->properties->general). When I unmarked it and restarted Windows on my computer connected directly to my ISP, I finally had internet on my second computer without disabling Comodo firewall.
And NOW everything works fine.

Thanks Matty_R.