In this guide we will be Blocking all traffic unless we are connected to a VPN of our choice or a range of VPN servers with Comodo Firewall.
You may want to have some information from the LiquidVPN Client Area.  Such as the server status and ip address(s) of the server(s) you use.
We are going to disable HIPs before we start.  To do that we want to Right Click the Comodo Firewall System Tray Icon and Hover over HIPs then go to DISABLE see picture below.
Disabling HIPS through system tray Comodo-HIPS-Disabled



 1.   The first thing we want to do is open up Comodo! Click Tasks in the upper right Corner.
Comodo Firewall Home Screen



 2.   Click Firewall Tasks.
Comodo General Tasks; Click Firewall Tasks in the lower left corner



 3.   Click Open Advanced Settings on the lower right.
Click on Open Advanced Settings



 4.   You should now see Advanced Firewall Settings.  The only things we want to have on/checked are the following options.
Enable Traffic Filtering (Custom Ruleset)
Do NOT show popup alerts (Allow Requests)   This is completely optional so test it out!
Filter IPv6 traffic
Advanced Firewall Settings



 5.   Click on Network Zones, Make sure Enable Automatic Detection of Private Networks is enabled.  You may delete these 2 default zones if you want I did.

Right Click Add-->New Network Zone
Enter in 'DNS Servers' for the name
Click Ok

Right Click Add-->New Network Zone
Enter in 'VPN IPs' for the name
Click Ok

Right Click Add-->New Network Zone
Enter in 'VPN Servers'
Click Ok
Adding Network Zones



 6.   Yes! You made it, I know 5 was a killer! Hopefully you have something similiar to below, if not go double check what you did in Step 5.
List of New Network Zones created in Step 5
 


 7.   First we want to Right Click on DNS Servers and add a new address.  If your using LiquidVPN the DNS is 10.10.10.10.  So you would select IPv4 Single Address then enter 10.10.10.10 as the IP, Click Ok.
Add New Address for DNS Network Zone
Addressing DNS Servers



 8.   Now we want to Right Click on VPN IPs and do the same thing, but we want to do IPv4 Address Range this time.  If your using LiquidVPN you can use 10.0.0.0 - 10.45.0.0.  **If your routers Default Gateway falls in this range it defeats this whole tutorial so just exclude it from the range or change the Default Gateway on your router.
Add New Address for VPN IPs Network Zone
Addressing VPN IPs



 9.   You may have guessed, now we want to add a new address to VPN Servers.  If you didnt go over to the Client Area earlier then you need to do so now or enter in a VPN address you have.  **127.0.0.1 is not a VPN address!!
Select IPv4 Single Address and enter in the VPN IP Address. Click Ok
Add New Address for VPN Servers
Addressing VPN Servers Network Zone
 


10.  Your Network Zone should like something similiar to below except for the server address which is found in our client area.
Example Network Zones Finished



11.  Click the Global Rules (I removed all existing rules in the screenshot below. Your should as well.).
Global Rules



12.  Expand the bottom aread and Click add
Add Rules



13.  If its not mentioned below ignore.
Action: Block
Protocol: Ip
Direction: Out
Log as firewall event if this rule is fired
---Source Address---
Exclude
Type: Network Zone
Zone: VPN IPs
Click Ok
Block IP out
 


14.  Click Add again
Action: Allow
Protocol: UDP
Direction: In or Out
Log as firewall event if this rule is fired
---Source Port---
Type: A Port Range
Start Port:67
End Port: 68
---Destination Port---
Type: A Port Range
Start Port: 67
End Port: 68
Click Ok
Allow UDP In or Out, Source PortAllow UDP Destination Port



15.  Click Add again
Action: Allow
Protocol: TCP or UDP
Direction: In or Out
Log
---Destination Address---
Type: Network Zone
Zone: DNS Servers
---Destination Port---
Type: A Single Port
Port: 53
Click Ok
Allow TCP/UDP In or Out, Network Zone Dns ServersDestination Port Tab of new rule



16.  Almost there!  Click Add again!
Action: Allow
Protocol: IP
Direction: In or Out
---Destination Address---
Type: Network Zone
Zone: VPN IPs
Click Ok
                                                                                                                   



17.  Almost done!, so we want to arrange our Rules.
Allow and Log TCP or UDP In/Our From Mac Any To In [DNS Servers] Where Source Port Is Any and Destination Port is 53
Allow and Log UDP In/Out From Mac Any To MAC Any Where Source Port Is In [67 - 68] And Destination Port Is In [67 - 68]
Allow and Log IP In/Out From MAC Any To In [VPN Servers] Where Protocol Is Any
Allow and Log IP In/Out From Mac Any To In [VPN IPs] Where Porotocol Is Any
Block and Log IP Out From Not In [VPN IPs] To Mac Any Where Protocol Is Any.
Order of operation for rules see Step 17

18.  Congratulations, if you werent connected to your VPN and your Global Rules are Enabled you no longer have Internet!  You can just Right Click your Comodo System Tray and Disable Firewall if you are not connected to your VPN and wish to surf the Internet.

Also Read

OpenVPN Auto connect at start up on Windows 7
So your finally getting sick of having to click and connect to your favorite vpn!  In this guide...
How to make OpenVPN auto connect at start up Windows 8.1
Please if you are not comfortable going into the registry do not follow this guide!In this guide...
How to Connect to LiquidVPN Using L2TP on Windows 10
Automatic L2TP, PPTP, SSTP DialerThis is the simplest way to connect to LiquidVPN with L2TP, PPTP...
How to Install LiquidVPN on Windows
In this guide we will be installing LiquidVPN and configuring it to work on Windows 10. This...
Installing OpenVPN on Windows XP
In this guide we will installing open vpn.  Generatoring our OpenVPN Config Files VIA...