Immediately whnen I try to log all the blocked traffic with the global Block All Incoming Global Rule, this has been going for years now, when are you going to fix this?
You are specifically telling the firewall to log blocked incoming connection attempts, which in turn will show WOS as no application is listening on the given port that was blocked.
First: there is no specific port to be blocked, is a global rule that comes with CFW, I just activate loggin of such rule, while this doesn’t happen when I leave it at its default of not logging it, this is a bug, not a feature, fix it, sometimes I need to see what has been blocked, and when this happens, the WOS gets blocked, everything start to work wrong or gets blocked, this was not a problem many years ago, I try not to use it because I know is broken, and never got fixed even when I reported it years ago, you really don’t care
Hello Saul Luizaga,
As Futuretech suggest’s it’s not an bug.When you enabling the Global ruleset to blocked so “All Incoming Global Rule” are blocked then it is doing their work normally. It will works as per your settings.
For further clarification Could you please follow this format to elaborate the issue.
- What you did?
- What you actually saw?
- What you expected to happen or see?and if possible with Screenshot.
Kind Regards,
PD
How do you know it is not blocking a specific port? Did you check the firewall logs which will show what was blocked? You like everyone else keeping looking at the wrong section, mainly the blocked applications list which does not give you any indication of the exact details of the block, which cause the application to appear in the block application list.
Wow I can’t believe both of your posts were, pretending to correct me when you’re all wrong.
You don’t even know your own product at the seems, because if you did you’d know the rile is at the bottom of the Global rule set, hence will only apply after the all the allow rules have been applied, second if it’s there, it’s being applied already, I just turned the logging, as I described, and in any case shouldn’t block Windows Operating System pseudo-process, which doesn’t happen happen when not logging, so it is a logging bug of that or any rule logging inbound traffic; tested on other rules I created to see if it was that specific rule, block inbound rules or a logging bug.
Since you can’t even look at your own product, I’ll do it for you:
Ignoring the insulting remarks towards not only a moderator but a Comodo staff member which is against forum policy, I’m going to explain a few things. For one you are again ignoring a key piece of information that is available to you that helps you understand the nature of the block, which is to review the firewall events in the event log. Blocked applications list doesn’t get populated with applications unless an application is logged in the event logs for a giving security component e.g. firewall, hips, etc.
Without being able to see the blocked events from the firewall log, I’m going to guess the block came from something that the rules would have no affect on, which is blocking of certain types of ARP packets if you have enable anti-ARP spoofing enabled in the firewall settings. Another cause of blocking could be multicast or broadcast traffic that have a source address that falls outside your defined network zones for allowing incoming connections.
Please look at the firewall logs and if empty make sure you use date & time filtering to entire period or no filtering to see all logged events.
It is not insult/slander when is true, this is even a legal disposition in courts of law all over the planet, but yeah, even so you were what I mentioned it was not my intention to insult but to point out your mistake, anyway I have made correction to my correction to be more to the point and less emotionally hurting. My intention is for you both to realize your reasoning is faulty and should be avoided, not to qualify you permanently as ignorant and dumb, it’s just your current reasoning state.
You again, guess wrong, it is the rule as I explained, you just decided to ignore a key piece of info I explicitly gave on my first post to precisely avoid you and the staff making all these dumb conclusions you’re coming with out of ignorance, without trying to seek truth and based any and all conclusions from facts. And so, the logging is pretty much irrelevant, because as I wrote, once WOS gets blocked it will make all communications in or out of the computer unstable and eventually blocked, the loggin reflects the blocking of such apps and WOS; this communication Catastrophyy, doesn’t happen at all when the logging is turned off for that or any incoming traffic blocking rule. Any and all allow rules are ignored, like the logging gave this rule first place, not last as seen in the configuration image, and this is fact that proves without any reasonable doubt that it is a logging bug.
The logs will only show the traffic that once was allowed, blocked, checked myself many times. There is no out of allowed zones blocking nor ARP setting is on, it’s also off 'block fragmented IP traffic '; as mentioned The Firewall works OK all the time when not logging is happening.
Just don’t reply anymore if you are not going to provide the requested information that is being asked, you clearly do not understand how the firewall works and only proved that it is working by enable logging. You also fail to realize the fact logging is relevant when WOS is listed as a blocked application it will also be shown in the event logs, which if you provided such logs it would be easier to understand what is happening. Also this thread was never locked so I honesty don’t know what you are talking about.
Finally you fail to realize that traffic must pass both global and applications rules for something to be allowed, when dealing with incoming connections the global rules are consulted first then the application rules, if both rule sections does not contain a rule to specifically block a connection, it will be allowed. Also I have enabled logging of the default block incoming rule and I did not notice any issues with other applications sending or receiving connections and network connectivity of existing connections were not blocked either.