working with exclusions

Hi there,
I’m new to comodo, so I was wandering if anyone could help me with a little problem i got.
I searched for “exclude” but only got mixed results which didnt have anything to do with my problems and the faq doesnt really help either.
Well, here’s my problem:
I want, for instance, allow firefox to access any webpage, except google.com.
So logically I would define a rule, saying that every access is to be allowed, just not googles Ip.
To do that, I’d hit “exclude” in the destination-ip-tab then single ip and then I’d write down the ip into the form.
Well, I read in the manual that this rule doesnt automatically disallow access to the ips stated in that form, but just doesnt include it in the rule, so that you’d have to define another rule just for that ip (I know thats true cause it asks me what to do with ips other than the one I included in the rule, later when I use ff).
The thing is when I add a new rule, say block everything with that ip as destination it does not add that rule to the list, but instead alters my existing firefox-rule, changing it to “block destination ip xxx”.
Well, problem is obvious (or at least its obvious what I’m having a problem with).
Thanks for any help,

hachel

hi,

a firewall is might not build for that. use google for a web “washer”.

this is limiting software, a firewall cant do this on the fly since its layered more down.

Mike

PS: google returns with many ips, one in the forum said once

welcome to the forums, hachel ~

Working just with “google.com” there are a few methods. google.com returns an IP range of 72.14.192.0 - 74.14.255.255; no doubt as Mike said, that’s just one set of IPs for Google (as a whole).

You can use the Application Monitor rule for your browser as you mention, setting the rule to Allow… and on the Destination IP tab, select Exclude, then define the IP Range as per above.

You could also create two Application Monitor rules for your browser. One to Allow, the other to Block (with a defined IP Range).

You could also create a Network Monitor rule, placed in position Rule ID 0 (at the very top), to Block TCP/UDP Out to Destination IP/Range: (defined as above).

With any of these methods, reboot after creating your rules.

Also, in this thread, there are a number of tutorials and explanations about various aspects of CFP. One explains methods for IP-based blocking with CFP.
https://forums.comodo.com/index.php/topic,6167.0.html

Hope that helps,

LM