The First ICMP message Type (11) Code (0) is actually TTL equals 0 or Time to Live = 0. This is sent to the sending host if the original packet TTL reached 0 when it was forwarded by a gateway.
The second ICMP Type (3) Code (3) is actually Port unreachable as opposed to Host or Network being unreachable, so it’s potentially quite specific.
I’ve seen loads of these in my logs, from time to time, particularly the latter of the two. I’ve now created a rule to block those I don’t want to see. It was easy enough as they all originated at the same IP Address.
As far as I understand the System Idle Process will inherit all the open ports from any other process that “dies”.
So if I use a bit-torrent application and then close it, the SIP keeps getting attempts to connect from other BT users.
My log file shows it clearly.
How can I stop this or should I do anything about this?
OddHat
They said that they will fix this with 276.It seems not.It drives me crazy when i see the log,and i don;t want to switch it off.I use cfp without d+,but probably i’ll renounce for good.You made 2.4 great ,i’ll return to that probably,but this is too bugged.Please if u will put cmg in v3 release the book first,or test it for a year.
If you don’t want to see the logs for WOS events, just uncheck the Log… box in the block rule for WOS in Network Security Policy. If you are using a Predefined Policy, you will have to choose “Use a Custom Policy” and then select the Predefined Policy you want from the “Copy from” button balloon. Once you have that done, you can Edit the Block rule.
windows xp service pack 2 in firewall in have loads of entries for windows operating system so yeah that is what I am talking about I want them unblocked
Entries, where?? Do you refer to what I’ve taken a screen shot of below? These entries come from a predefined policy which allows Windows functions. There’s no blocking there. Do you mean something else? Do you get alerts?
no I am talking about the firewall as in the top the of comodo firewall there is the firewall icon click it then go to view firewall events and there where I can see loads of blocked attempts
So what is the problem that you actually encounter? What you normally should see in that log, is a lot of log entries for blocked attempts of ingoing connections. I still don’t know exactly what Windows system attempts you refer to.
When updating, I recommend that you switch to “Installation Mode”. This will eliminate the popups, except for a first one maybe.
I don’t use logging myself, so I’m not used to that message. But I turned it on now and I get the same as you. I think it’s just your system blocking incoming attempts of connections, thanks to your default Network Security Policy.
I’ll suppose they’re okay to be blocked.