[EDIT] Mistakes in Comodo configuration

[sunnymorning 1]

so ive used the settings as per this guide and i gotta tell you ive realised , having leaks since torrents still where connecting , thats how i noticed in the first place ,i even set the airvpn dns in my physical network adapter , never happened with the old comodo firewall settings , hence the comodo firewall guide is a very dangerous setup !

https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=3405&Itemid=142

i suggest to rather set it up as was in the old guide , thats setting your wifis ip as network zone and then setting it to block everything not connected by your wifi to your selected airvpn server , then create allow rules for all airvpn server ips , just create a network zone for each airvpn server used , that way you can update

the network zone without having to touch the actual allow rules as stated in the guide , seriously this new guide shouldnt even be released as is , i wasnt expecting this from airvpn , since i put ALOT of trust in them and thought they actually test these things before releasing inaccurate guides that could endanger ones security , test these things before releasing AIRVPN , this is not good

and you guys know me i hardly complain but this is serious stuff not to be taken lightly

[Staff 9781]

Hello!

The guide is just fine and it works perfectly. It has also been thoroughly tested in several months successfully. There must be some mistake on your side, please contact our support team at your convenience.

Kind regards

[sunnymorning 1]

as i said i wish it where a fault on my side , but it isnt ive followed the setup by the book , ill contact support asap , and dont think im doing this for fun ok , dont know what is up , but somethings not right in the setup here

[sunnymorning 1]

ok after further testing , ive found out that its the loopbackzone , apparently when i set it as allow rule , torrents keep on downloading

its 127.0.0.1 - 127.255.255.254 and ive tried with 127.0.0.0 - 127.255.255.255 as well , same, anyhow ive contacted support as well

[Staff 9781]

ok after further testing , ive found out that its the loopbackzone , apparently when i set it as allow rule , torrents keep on downloading

its 127.0.0.1 - 127.255.255.254 and ive tried with 127.0.0.0 - 127.255.255.255 as well , same, anyhow ive contacted support as well

Hello!

That's incorrect, your [Loopback Zone] network zone is defined as [127.0.0.0 / 127.255.255.255], while it should have been defined as

IP Range in [127.0.0.0 - 127.255.255.255]

(or to be precise [127.0.0.1 - 127.255.255.254] but it does not make any difference for leak prevention purposes).

The wrong definition caused packets authorization to be sent to and received from a massive amount of IP addresses. The guide clearly warns about the difference between an IP range (which is displayed with a "-") and an IP / NetMask (which is displayed with a "/" according to CIDR notation). If you have issues please feel free to contact the support team before assuming that there's some incredible mistake in the guide, your accusations are inappropriate.

Kind regards

[sunnymorning 1]

lols, damn i totally didnt add as well

Allow IP In/Out From MAC Any To IP 255.255.255.255 Where Protocol Is Any

and actually made the loopback zone as an ip with dns instead of a ip range , my bad ,thanks airvpn , you guys rock as always helping out the noobs when lost , how could i have mixed that one up , jesus xD

[sunnymorning 1]

yep , your right guess that caught me off guard , thanks xD

[sunnymorning 1]

ok ive just tested it with the working comodo configuration , still leaks , still downloading torrents ,please help , only way to stop it is set the mac to mac block rule and nothing else , but then i cant connect to airvpn , im gona have to contact support again , damn it , this is really difficult to get right

[Ellipsis 0]

I had a post in the past that had a Comodo config.

2 things to note, disable IPv6 and also there is another loopback zone called link-local that is 169.254.0.0/16

I also did a few other tweaks there, but make sure your firewall is in the right mode to follow the rules.

If you have logging on for the rule, check that when not on the vpn that triggers show up in the log.

[sunnymorning 1]

its already fixed , was abit of a hassle , but got it to work , had a couple wrong entries thats why, but its workin fine now thanks to support , thanks

[Pulse 0]

I had a post in the past that had a Comodo config.

2 things to note, disable IPv6 and also there is another loopback zone called link-local that is 169.254.0.0/16

I also did a few other tweaks there, but make sure your firewall is in the right mode to follow the rules.

If you have logging on for the rule, check that when not on the vpn that triggers show up in the log.

The addresses from 169.254.0.0/16 are actually link local addresses (used for APIPA) not loopback. The zone will only exist if you've answered a 'New Network' alert for this block. This can happen if, on just one occasion your DHCP server fails to reply in a timely fashion.