What's this?

Hi, if this is the wrong place to post this, I apologize and would appreciate it if someone would point me to the correct newsgroup.

This is the log from my firewall:

Can someone help me understand what is going on here? I get about 10-20 of these per minute.

Date/Time :2007-04-07 18:45:18
Severity :Medium
Reporter :Network Monitor
Description: Inbound Policy Violation (Access Denied, IP = 91.124.195.18, Port = 35865)
Protocol: UDP Incoming
Source: 91.124.195.18:4672
Destination: 192.168.1.66:35865
Reason: Network Control Rule ID = 5

Help.

BDS

This looks like a log from Comodo firewall. Am I correct? WHOIS lookup shows:

Information related to '91.124.0.0 - 91.124.255.255'

inetnum: 91.124.0.0 - 91.124.255.255
org: ORG-USTC1-RIPE
netname: UA-UKRTELECOM-20061006
descr: JSC "Ukrtelecom"
country: UA
admin-c: ARM3-RIPE
tech-c: DKZ1-RIPE
notify: *******@ukrtel.net
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: AS6849-MNT
mnt-routes: AS6849-MNT
changed: **********@ripe.net 20061006
source: RIPE

Information related to '91.124.0.0/16

route: 91.124.0.0/16
descr: AGGREGATE BLOCK FOR UKRTELECOM
origin: AS6849
mnt-by: AS6849-MNT
changed: *******@ukrtel.net 20061006
source: RIPE

I don't know who your ISP is, but possibly Comodo is causing a communications problem between your router and ISP. Just a guess. Would be more helpful if I knew what Rule 5 is specifically.

Bullseye

Thanks. Yes, it is Comodo. Please see the screenshot.

You can see different IP addresses are constantly trying to connect to port 35865. I don't know what that port is. I'm thinking it's people scanning the 'Net for vulnerable machines. Anyone have any info?

BDS

A good guess would be that you are running Skype or something similar which has the mentioned port stated as connection port.

Use netstat or TCPView to check if an app is listening on this port.

B. Nice

Yes, it means that you're using software which you don't understand. It's useless to log all such things. And I hope your software does not show you ridiculous popup windows for each event ;-)

Yours, VB.

Volker Birk

Well, UDP packets from various hosts on the Internet to port 35865/udp on your computer triggered Comodo's "Network Control Rule 5". Whatever that's supposed to be.

First step should be to find out why your router forwards this traffic to your computer in the first place. Your computer has a private IP address, so it shouldn't receive any unrequested traffic from the Internet unless there's a good reason for it. Next step would be to find out what exactly "Network Control Rule 5" is, and why it is in place (IOW what purpose it serves). Any subsequent action would depend on the outcome of the aforementioned two steps.

cu

59cobalt
Ansgar -59cobalt- Wiechers

Thanks for everyone's help. I found out it was eMule listening for the packets. Now I'll try to figure out why.

BDS

If you use emule to download anything, the other IPs will continue to probe that port for the entire session. If you are on a broadband connection, that will probably continue until you reboot your computer. Also, if you attempt to download with emule and don't have a specific rule created for it, you'll get those alerts from Comodo since the other peer IPs are not reaching the port emule is listening on. If your emule program is not running, it shouldn't be listening on that port. In that case, you might want to check task manager and make sure all the elements for emule are not running. I know that when I've used BitTorrent or uTorrent, once I close out the program the IPs will continue to probe until I go offline. Then, once I go back online, it will stop. You probably also want to create a specific rule for emule to receive packets at port 35865.

Bullseye
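
As an added example (not part of any post in this thread), a small Python triage of log entries in the layout BDS quoted: it separates many sources hitting one local port, which is what the eMule peers described above look like, from one source walking many ports, which is what BDS first suspected. It goes beyond the single quoted entry; every sample row except the first, the threshold of 3 and the function names are assumptions.

```python
import re
from collections import defaultdict

# Entry layout copied from the log line quoted in the first post.
TEMPLATE = (
    "Date/Time :2007-04-07 {t} Severity :Medium Reporter :Network Monitor "
    "Description: Inbound Policy Violation (Access Denied, IP = {src}, Port = {dport}) "
    "Protocol: UDP Incoming Source: {src}:{sport} Destination: 192.168.1.66:{dport} "
    "Reason: Network Control Rule ID = 5\n"
)
# Constructed sample: row 1 is the entry from the thread, the rest are invented
# (RFC 5737 documentation addresses) so that both traffic patterns appear.
ROWS = [
    ("18:45:18", "91.124.195.18", 4672, 35865),
    ("18:45:21", "198.51.100.7", 4672, 35865),
    ("18:45:25", "198.51.100.9", 51413, 35865),
    ("18:45:30", "203.0.113.40", 40000, 137),
    ("18:45:30", "203.0.113.40", 40001, 161),
    ("18:45:31", "203.0.113.40", 40002, 1900),
]
SAMPLE_LOG = "".join(TEMPLATE.format(t=t, src=s, sport=sp, dport=dp) for t, s, sp, dp in ROWS)

FLOW = re.compile(r"Protocol:\s*(\w+)\s+Incoming\s+Source:\s*([\d.]+):(\d+)\s+"
                  r"Destination:\s*([\d.]+):(\d+)")

def parse(text):
    """Yield (proto, src, sport, dst, dport) for each denied inbound entry."""
    # Split before each timestamp so an entry wrapped over lines stays one unit.
    for chunk in re.split(r"(?=Date/Time\s*:)", text):
        m = FLOW.search(chunk)
        if m:
            proto, src, sport, dst, dport = m.groups()
            yield proto, src, int(sport), dst, int(dport)

def triage(text, threshold=3):
    """Label local ports hit by many sources and sources hitting many ports."""
    sources_per_port = defaultdict(set)
    ports_per_source = defaultdict(set)
    for proto, src, _sport, _dst, dport in parse(text):
        sources_per_port[f"{dport}/{proto.lower()}"].add(src)
        ports_per_source[src].add(dport)
    findings = {}
    for port, srcs in sources_per_port.items():
        if len(srcs) >= threshold:  # many peers looking for one local listener
            findings[port] = "fan-in"
    for src, ports in ports_per_source.items():
        if len(ports) >= threshold:  # one host walking ports: scan-like
            findings[src] = "sweep"
    return findings
```

A "fan-in" result is the cue to check with netstat or TCPView which program owns that port, as suggested earlier in the thread.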
