fast

how can i create a ticket? have you a link?

I'm watching TV and my Firefox will freeze. I shutdown the Firefox on my task manager, and restart nothing happening. Check my Firewall rules on Eset, also freezing goes down. I restart my computer, try again. After few days, same problem. What i do is: 1. Repair my windows. 2. Check my Antivirus, nothing found. 3. I use only LAN, all shares is blocked.

Did you understand my problem? I need this dynamic "local zone" because they grep my dynamic IP. Or you can use some expressions variable in firewall rules?

Hi Marcos very simple, split the local zone in dynamic and Loopback address.

ok. How can i filtering the spoofing address ? 127.0.0.0/8 - This block is assigned for use as the Internet host loopback address. A datagram sent by a higher-level protocol to an address anywhere within this block loops back inside the host. This is ordinarily implemented using only 127.0.0.1/32 for loopback. As described in [RFC1122], Section 3.2.1.3, addresses within the entire 127.0.0.0/8 block do not legitimately appear on any network anywhere. Local Address Zone in your firewall has included this Loopback address. if you block anti spoofing filtering you block all other inside program. Local Address Zone is dynamic IP, your IP. If you block like this: Block source in "Zone locale Address" you block other internal program, because they use Loopback address.

can i use expression variable on this Firewall zone? to resolve this problem?

yes, i know, but the problem is on this zone use 127.0.0.1 address. you can see this RFC https://www.rfc-editor.org/rfc/rfc5735 This IP Address must be block inside on your network.. to protected, your network from spoofing. What is need is the dynamic IP Address without 127.0.0.1 address. Because i can't found a solutions, what is internal 127.0.0.1 or external 127.0.0.1 to communicate your computer. if a person came from 127.0.0.1 address you have a problem. normally this address will not routed, but your route compromise with mac spoofing, you open the door. 🐵

Hi Marcos Normally you make a firewall rules inbound to block some spoofing external addresses. example: you have a network address range like 192.168.5.0 /24 So you make a firewall rules inbound block source 192.168.5.0/24 to block some source address on this ip range. But Eset have defined a Firewall Zone "Local Address", they grep dynamically your network address. Example: 192.168.5.0, 127.0.0.1, ::1, etc.. That is the problem, Loopback address. 127.0.0.1, ::1 if you block on your Firewall in bound source, then you block all other app, because the user 127.0.0.1 address internal communications. Ok. you can sad, you can defined my own zone, yes, but not dynamically. Because i use VPN. they use dynamic IP's.

Hi Thank for your feedback. but local address zone, actually IP Address, and Loopback and Link local address. x.x.x.x (your address), 127.0.0.1, 169.254.0.0/16 (Link Local) If you make a firewall rules like spoofing and you use this local address zone, you have a litte problem with your other programms. Because they use also the loopback address 127.0.0.1. x.x.x.x (your address) set this dynamic, in VPN use 2 address, but i will use only this x.x.x.x on my rules. New IP set this automatically, if you change your vpn locations. that is the reason, how can i use this dynamical x.x.x.x address on my firewall rules?

restart the computer, same problem, exist, I check my harddiskk with ESET SysRescue Live but nothing found. Eset Antivirus (full scan) nothing found. Mailebyte is nothing found. i think the attack came from outside. i block temp. with src Inbound 127.0.0.0/8 Subnet, but if you restart you can't use other programms, because they use Loopback. But why can i not use Loopback interface in Eset? Block outside traffic on this interface?

Local proxy is disabled, no proxy is active. You mean the localhost file, localhost has changed, i have modified this file delete all ip Address. I will check this. Thank you

in this zone, is include loopback address, if you block inbound the src with local address zone, you block all other programms.

What can i do?

local address zone can't modify, and this zone use dynamic ip address. Can we use expression variable? Cheers Hans

Hi We have a lokal address zones with your own, loopback and link lokal address. Can we split all this address? I need only my own dynamic address or subnet address, because i will add this on my anti spoofing firewall rules. Cheers Hans