Comodo firewall is blocking... What?

Discussion in 'other firewalls' started by bellgamin, Jul 17, 2008.

Thread Status:
Not open for further replies.
  1. bellgamin
    Offline

    bellgamin Very Frequent Poster

    I just noticed that my firewall (CFP3) is doing a repetitive block ~every 2 minutes. The log is loaded with them. Below is a screenshot of a small part of them. Can anyone explain...

    1- What is going on?

    2- Should I stop this blocking action? If so, how?

    Attached Files:

  2. Sully
    Offline

    Sully Registered Member

    That would be an all broadcast. If I remember right that is an all hosts broadcast. I think a different octet is all routers, maybe like .3 or .4

    Edit. Oops. That is local traffic. You should not need to worry about it. One time I had an older 10base hub that was seeking to announce itself. I had to com into it to tell it to shut up. Unplug your devices one at a time to find the broadcaster. It looks like something on your network is asking maybe why you are transmitting. I am not aware of what program would do that. Maybe some SNMP application?

    Sul.
  3. bellgamin
    Offline

    bellgamin Very Frequent Poster

    Hola Sul -- On my "network" there is just little old me & my faithful but aging computer.

    I definitely want to STOP all this dadgummed logging, but HOW?:mad:
  4. aigle
    Offline

    aigle Registered Member

    Logging is rather stupid in CFP. There seems no way to control the logging.
  5. Sully
    Offline

    Sully Registered Member

    Hmm. Something on your computer is expecting others to be 'out there' locally. Here is a quick google finding, may not be the best but does sort of explain it's uses.

    http://tldp.org/HOWTO/Multicast-HOWTO-2.html

    And about IGMP

    http://209.85.141.104/search?q=cache:2IIsKUhuwuoJ:en.wikipedia.org/wiki/Internet_Group_Management_Protocol+igmp&hl=en&ct=clnk&cd=1&gl=us&client=opera

    http://209.85.141.104/search?q=cache:0nZ1earGfDQJ:www.et.put.poznan.pl/tcpip/igmp/igmp_intro.htm+igmp&hl=en&ct=clnk&cd=4&gl=us&client=opera

    I have networks, so I always assumed when I seen it that it was due to the hardware switches, hubs, routers, print servers, servers, etc.

    Sul.

    Edit: You have a router, dsl modem or cable modem? Could be part of the equation.
  6. Adric
    Online

    Adric Registered Member

    Create a network rule for WOS (windows operating system) from 'Running Processes...' and block IGMP and leave logging unchecked for that rule. You can allow or disable logging for each network rule. Mine looks like this:

    WOS4.JPG

    If you noticed, I set logging on for all except one rule. BTW, I do not use global rules because I find it easier to do everything via Application Rules.

    Al
    Last edited: Jul 17, 2008
  7. bellgamin
    Offline

    bellgamin Very Frequent Poster

    IGMP was not on the Protocol drop-down list.

    In any event I located the default global rule that was generating the repetitive log entries, & turned off logging. That did the trick.

    However, I would like to know how you got IGMP on the protocol list.
  8. wat0114
    Offline

    wat0114 Guest


    Hi Bellgamin,

    I'd agree with Sully. the source ip looks to be that of a router, so I assume you are behind one? It is probably your router sending the broadcasts.
  9. Adric
    Online

    Adric Registered Member

    WOS5.JPG

    Al
  10. bellgamin
    Offline

    bellgamin Very Frequent Poster

    @Adric - I see. 10 Q!
Thread Status:
Not open for further replies.