PDA

View Full Version : SqueezeSvr.exe not recognized by COMODO



ovonrein
2010-03-04, 04:38
Hi all,

Ever since I allowed my squeezebox installation to upgrade itself recently, I have no end of trouble with my COMODO Internet Security suite. Both the Firewall and Defense+ do not appear to be able to remember/recognize SqueezeSvr.exe. I assume you are not familiar with COMODO so I will give you a brief outline of its behaviour in the hope that it will set some bells ringing:

In COMODO, I can associate a ruleset (direction of traffic, protocol of traffic, ports, addresses) with every process. If traffic hits the firewall, COMODO will trawl thru the list of rulesets to find one associated with the application for which the traffic is headed. If it finds such a ruleset, it applies the rules to the traffic. If it cannot find a ruleset, eventually it will hit a catch-all ruleset.

Any traffic to and from SqueezeSvr.exe ALWAYS hits the catch-all ruleset.

I can modify that catch-all ruleset so that an alert pops up and asks me to manually decide what action to take. If I say "allow" and "remember my answer", then COMODO will actually add a (very crude) rule to the ruleset for SqueezeSvr.exe - the very ruleset it ignored on the first pass. And also, this automatically generated rule will be ignored on subsequent traffic and I continually get hit with firewall popups.

The same happens on the pro-active Defense component. On the first popup I told COMODO to treat SqueezeSvr.exe as a "Trusted Application" - it makes no difference. I get pop-up after pop-up. It's insane.

Anyone come across this behaviour before?

Thanks.

ovonrein
2010-03-04, 09:54
Good Lord - it's never happened before that NO-ONE on this forum replied within the hour. Anyway, time for an update: I managed to get SqueezeSvr.exe running by ... double-clicking on the actual file in Program Files/Squeezebox/server!! Basically, it seems that it's ok to launch direct but not ok to launch from the SqueezeTray.

Ring any bells?

Mnyb
2010-03-06, 14:06
Can't you just do the rules manually ? remove the old rules and make new ones for SqueezeSvr.exe

I've never used comodo but most other firewalls have a list where you can see the apps and their rules, usually you can edit or add new ones yourself.

I assume you now that squeeze should have port 9000tcp and port 3483 tcp & udp open

ovonrein
2010-03-07, 05:31
No ideas from anyone? I am still working on this problem and I think I may have narrowed it down. I suspect that there may be a bug inside COMODO 4.0 with regards to 8.3 DOS names.

I can start SqueezeSvr.exe by double-clicking inside the folder "C:/Program Files/Squeezebox/server". Started this way, SqueezeSvr.exe will identify itself to COMODO as "C:/Program Files/Squeezebox/server/SqueezeSvr.exe" and will thus abide by any ruleset I configure. However, launching SqueezeSvr.exe the normal way, via SqueezeTray.exe, will always fail because COMODO will see "C:/PROGRA~1/SQUEEZ~2/server/SqueezeSvr.exe" instead. I also have problems with MySqld.exe for the same reasons. Now, this clearly appears to be a problem with COMODO. It would just help me for now if I could work-around the issue by somehow modifying the startup behaviour used by SqueezeTray. Any ideas?

ovonrein
2010-03-07, 05:38
Can't you just do the rules manually ? remove the old rules and make new ones for SqueezeSvr.exe
Sorry, did not see your reply before posting above. As you will appreciate, the problem with SqueezeSvr is that it needs to receive incoming connections. There isn't too much of an issue with outgoing stuff: I could just leave the default rule in place which says "allow all outgoing traffic". However, I cannot clearly add a similar rule for incoming traffic. So I must add incoming rules for each admissible process. And the problem appears to be that COMODO simply fails to map a 8.3 DOS name against any rule. I tried adding every permutation. There's simply a bug. Ideally, as I wrote before, I would like to get rid off the 8.3 name used by SqueezeSvr.exe.

From what I can make out (after reading reams on the internet), you (may sometimes) get a 8.3 DOS name if you access a file like so

C:/Program Files/...

while you preserve the original LFN if you launch like so

"C:/Program Files/ ..."

It would seem to me therefore that somewhere in SqueezeTray's launch sequence, it does not employ quotes. Would anyone know where this might be? Perhaps I would only need to change a script file?

Thanks.

ovonrein
2010-03-07, 06:00
Weird and weirder. I was just in the process of logging a bug report against COMODO and thought "hey, let's double-check I can reproduce the bahviour with SqueezeTray". So I stopped the process (which I had started from file explorer) and launched again via SqueezeTray. And it works. It doesn't defeat my COMODO theory, mind, since SqueezeSvr.exe now reports to COMODO under its LFN.

I clearly have 2 problems: (1) COMODO has a bug; (2) I haven't got the foggiest idea under which circumstances COMODO receives (from Win XP, I presume) the 8.3 DOS moniker, and when not. Arrggh!!

ronlog
2010-03-23, 05:15
I've got the same issue with Comodo 3.14.130099.
I don't know if you had the problem with tis release of Comodo or if you got it when you upgrade to Comodo 4.0
I saw your posts on TechNet, Comodo and superuser forum.
It seems there is still no fix. :-(

Win7 64 - Comodo 3.14.130099 - Squeezebox Server 7.4.2 - r30215

jimzak
2010-03-24, 04:12
When I first started using SB a few years ago, I had to get rid of Comodo to get SB to work.

I recommend a dedicated server computer and just using Windows firewall.

BTW recently Comodo issued an update that killed many folks Windows installation. That incident ended my relationship with Comodo on all my computers.

ronlog
2010-03-24, 07:49
Yes I agree. I planned to buy a dedicated computer near the HiFi system. I think it will be a fit-PC2 running Ubuntu.
But it is just a planning. Now I'm without a solution and I don't want to go away from Comodo just because of that issue. If I change to an other firewall I will have to learn it and learn its issues. Its time that I don't have.

dwitkin
2010-09-05, 13:07
Hello. I'm currently using Comodo successfully with SqueezeCenter. You may need to setup a number of trusted applications AND change your default configuration for the "Trusted Application" under the predefined firewall policy. The default "Trusted Application" policy does not appear to include UDP communications. I also added ports 3483 and 9000.

If anyone is still having problems using Comodo with SqueezeCenter / SqueezeBox, I can try to provide detailed instructions on my Comodo configuration.

ronlog
2010-09-05, 14:21
It works now and it seems solved by updated softwares.
The issue was not a port related one but a software name one.
I can't remember whether it was solved buy updating Squeezebox server or Comodo firewall.
I use now:
Comodo 4.1.150349.920
Squeezebox Server 7.5.1

ronlog
2010-09-17, 14:51
I correct my previous message.
The issue occure again.
I then change to the new Comodo 5.0
But some program are recognize as semi 8.3 DOS name like this:
C:\PROGR~2\Squeezebox\server\Bin\MSWin32-x86-multi-thread\socketwrapper.exe

The first part is 8.3 but not the last. Strange not? That bring Comodo Firewall to not recognize the registered rule.

Sqeezebox server is the only program that gives me headache with Comodo.

I add that I use Win7 x64. That may be a reason.

jimzak
2010-09-18, 04:00
Just use Windows Firewall. Nothing to learn. Uninstall Comodo and just turn on Windows Firewall via Control Panel.

ronlog
2010-09-18, 10:02
Just use Windows Firewall. Nothing to learn. Uninstall Comodo and just turn on Windows Firewall via Control Panel.

That is what I do now as I have no other solution. But I would like to do it for short time.
I prefer much more to use Comodo as I have exact control of what applications can do. And I don't understand a lot of residential, private, ... concept of the windows firewall. As I don't understand exactly, I don't want to use. And I don't want to disable my firewall to make ONLY ONE application running.