Jump to content

djmcfar

Members
  • Posts

    8
  • Joined

  • Last visited

About djmcfar

  • Rank
    Newbie
    Newbie

Profile Information

  • Location
    USA
  1. I used learning mode to fix the issue. Interesting that learning mode added the same rule that I did (except for UDP, which is irrelevant). Note to self - don't bother entering rules, as they will have no effect, instead let ESET add them via learning mode, then switch back to automatic mode.
  2. @LesRMed Thanks LesRMed, I moved it to the top after you showed me the arrows, but it didn't fix the issue. Other than that rule, I am running installed settings, so the ESET firewall must be more complicated when it comes to adding a rule. If you see this post could you tell me if the rule in itself looks okay to you ? Thanks
  3. One of our machines that has been running ESET Smart Security premium 16.x for almost 3 months with no modifications to settings, failed to allow inbound web traffic this morning (inbound requests to ports 80 or 443). I am very experienced with iptables, but not familiar with the ESET firewall. I added a rule in an attempt to remedy the situation, and it had no effect, so I turned off the ESET firewall off to allow the web server internet access (Apache for windows running a non-profit website). Wireshark traces showed that with the ESET firewall turned on, all remote and local inbound web requests were blocked. With iptables you can place rules anywhere you want in a chain, as the order of rule evaluation is extremely important with firewalls, but I couldn't find a way to do that with ESET, so my rule got added to the bottom of the list. Any suggestions would be greatly appreciated. Note that there are no other firewalls running on the machine at the time this change in ESET firewall behavior occurred. Thanks in advance.
  4. As you suggested, switching to "Trusted network" from "Use Windows setting", allowed the connection.
  5. Forgot to mention that the testing environment was the same as shown in the Wireshark snippet from my first post.
  6. I ran the Log Collector using the recommended settings for technical support (see photo below). One of the 2 warnings in the Log Collector log was that 'C:\ProgramData\ESET\ESET Security\EpfwUser.dat' was not found (I noticed that there was no attempt to pack it either, and in fact the file does not exist - see photos below). The archived log is attached to this message. Interesting that the missing file is 'EpfwUser.dat' considering the the user created rules don't work. essp_logs.zip
  7. Looking for an explanation of why I needed to run ESSP in interactive mode to enable access to a TCP port that already had a manually entered firewall rule, I decided to try another one just for testing, and got the same result. The test rule for the server is shown in the below photos (port 4321), along with a Wireshark capture showing the failed connection attempt from the client. I don't see why this rule isn't working. If anyone can shed light on it it would much appreciated.
  8. New Windows ESSP user. I am interested in some network activity regarding the firewall, so I ran ESET Log Collector in custom mode and the firewall log was produced (epfwlog.dat), however the log is saved as a binary file rendering it unreadable in a text editor. The same applies to all Log Collector files, so my question is, are these logs of any use to the home user (i.e. is there a utility to convert them to something like json, csv, text etc) ? Thanks in advance.
×
×
  • Create New...