FromBabylon

  1. Hello, thanks for your answer. So you mean the ESET firewall can work with 2 zones at the same time? Because, although it seems to be a good solution to my problem, when the VPN is connected ESET recognizes the utun0 interface and therefore loads zone 2 (let's call it that) and allows basic rules like I said before. But if a connection attempt from my real IP pops up while still connected to the VPN with utun0 (so if there is a LEAK), would ESET take the 2 zones into account? I mean, would it block the leak because it's in the zone 'Block all from real IP' and also continue to allow traffic on utun0, which belongs to 'zone 2'? I thought it could only deal with one zone at a time and has to switch between zones. Am I wrong? Furthermore, I would have to allow some essential traffic from my real IP: the connection to the router to be assigned an IP address via DHCP. Basically allow from/to 192.168.0.0.1 with UDP and ports 67/68, isn't it? The DNS and the connection to my VPN server for the login.
  2. Hi all! I've just downloaded ESET Cyber Security Pro for my Mac and I need help configuring the firewall. (I used to have IceFloor.) First question: do I have to disable the built-in OS X firewall to make the ESET firewall work correctly? Second question: how do I set up the firewall so that NO OUTBOUND connections can escape from my real IP address (192.168.0.0/24) to the internet? I have set up two zones: - one for the en0 adapter, which loads several rules: allow in/out for OpenVPN Connect (my VPN app) TCP/UDP, allow in/out for the openvpn process in TCP/UDP, and allow local network. Also checked DNS. So while only connected to Wi-Fi, the internet doesn't work but I can connect to my VPN, which is what I wanted. - one for the tun0 adapter, which loads basic home rules when my VPN is ON. This should be OK because if my VPN drops, ESET switches to the en0 zone and loads the profile that only allows connection to my VPN. The problem is that while analyzing network traffic with IceFloor PF states (and while the VPN was connected) I noticed some established connections between my real IP (192.168.0.0/24) and the internet, which basically means that some traffic is not in the tunnel. I know with IceFloor I could put custom rules like "block drop out quick inet proto tcp from 192.168.0.0/24 to any" and the same for UDP. I don't know how I can do that with the ESET firewall: I can only say to the firewall "don't connect to that IP" but not "don't connect from that IP". Does anyone know how I could deal with that problem? Thanks
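
The leak check described in the posts (looking through PF states for flows sourced from the real-IP subnet while the VPN is up) can be scripted. The following is an added example, not part of the original posts and not ESET or IceFloor code; the VPN server address, the client and tunnel addresses, and the sample state lines are constructed assumptions written in the style of `pfctl -s state` output.

```python
import ipaddress
import re

LAN = ipaddress.ip_network("192.168.0.0/24")        # real-IP subnet named in the post
VPN_SERVER = ipaddress.ip_address("203.0.113.10")   # assumption: placeholder VPN endpoint
DHCP_PORTS = {67, 68}                               # DHCP ports named in the post

# Constructed sample in the style of `pfctl -s state` output (not captured data).
SAMPLE_STATES = """\
ALL udp 192.168.0.23:68 -> 192.168.0.1:67       SINGLE:MULTIPLE
ALL udp 192.168.0.23:51022 -> 203.0.113.10:1194       MULTIPLE:MULTIPLE
ALL tcp 10.8.0.6:50311 -> 198.51.100.7:443       ESTABLISHED:ESTABLISHED
ALL tcp 192.168.0.23:50412 -> 198.51.100.44:443       ESTABLISHED:ESTABLISHED
ALL udp 192.168.0.23:61000 -> 192.168.0.1:53       MULTIPLE:SINGLE
"""

# Matches outbound IPv4 states only; inbound ("<-"), NAT and IPv6 lines are skipped.
STATE_RE = re.compile(
    r"^\S+\s+(?P<proto>tcp|udp)\s+"
    r"(?P<src>\d+\.\d+\.\d+\.\d+):(?P<sport>\d+)\s+->\s+"
    r"(?P<dst>\d+\.\d+\.\d+\.\d+):(?P<dport>\d+)\s+\S+"
)

def is_allowed(proto, dst, dport):
    """Traffic the post says must still leave from the real IP."""
    if dst == VPN_SERVER:                  # the tunnel's own transport
        return True
    if dst in LAN:                         # local network: router DHCP and DNS
        return True
    return proto == "udp" and dport in DHCP_PORTS   # broadcast DHCP discovery

def find_leaks(state_text):
    """Return (proto, src, dst) for states sourced from the LAN that bypass the tunnel."""
    leaks = []
    for line in state_text.splitlines():
        m = STATE_RE.match(line.strip())
        if not m:
            continue
        src = ipaddress.ip_address(m["src"])
        dst = ipaddress.ip_address(m["dst"])
        if src in LAN and not is_allowed(m["proto"], dst, int(m["dport"])):
            leaks.append((m["proto"], f"{src}:{m['sport']}", f"{dst}:{m['dport']}"))
    return leaks

if __name__ == "__main__":
    for proto, src, dst in find_leaks(SAMPLE_STATES):
        print(f"LEAK outside tunnel: {proto} {src} -> {dst}")
```
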