Jump to content

(Solved) ESET Internet Security v10.1.204 Firewall bug


Recommended Posts

The OP is running either Internet Security or Smart Security; not sure which since he referenced both. In any case, he is not running Smart Security Premium. So the problem appears to be with IS or SS 10.1.240.

Also other people in another thread are reporting problems with Learning mode in addition to Interactive mode.

Best advice for ver. .240 is to run the firewall in default Automatic mode or roll back to ver. 10.0.390 till Eset figures out what the problem is.

Edited by itman
Link to comment
Share on other sites

  • ESET Insiders
3 minutes ago, itman said:

The OP is running either Internet Security or Smart Security; not sure which since he referenced both. In any case, he is not running Smart Security Premium. So the problem appears to be with IS or SS 10.1.240.

Also other people in another thread are reporting problems with Learning mode in addition to Interactive mode.

Best advice would be for ver. .240 is to run the firewall in default Automatic mode or roll back to ver. 10.0.390 till Eset figures out what the problem is.

I'm running EIS, didn't test ESS but i can test it if the moderators want

 

6 minutes ago, cyberhash said:

Unsure as to why yours is broken, but here is a video of mine working without fault.

Are you running your Firewall in Interactive mode ?

Link to comment
Share on other sites

  • Most Valued Members
3 minutes ago, itman said:

The OP is running either Internet Security or Smart Security; not sure which since he referenced both. In any case, he is not running Smart Security Premium. So the problem appears to be with IS or SS 10.1.240.

Also other people in another thread are reporting problems with Learning mode in addition to Interactive mode.

Best advice would be for ver. .240 is to run the firewall in default Automatic mode or roll back to ver. 10.0.390 till Eset figures out what the problem is.

Well spotted itman :) . That would probably explain why i am not having issues because i am running "premium". Might be easier for them to fix out the problem with EIS if it's running properly with ESSP.  Apologies BALTAGY ...........

 

Link to comment
Share on other sites

Also a FYI. If you run the firewall in Automatic mode, it does not mean that any existing firewall rules are not be applied. They are. In Automatic mode, any future new outbound activity for which there is no existing rule will be allowed.

 

Edited by itman
Link to comment
Share on other sites

  • Most Valued Members
1 minute ago, BALTAGY said:

I'm running EIS, didn't test ESS but i can test it if the moderators want

 

Are you running your Firewall in Interactive mode ?

Yes i use interactive mode as automatic has always caused issues for me. But itman has hit the nail on the head ....... it's EIS that's the problem and not ESSP that i am running that has issues. Hopefully this post can help ESET identify the problem you are having with EIS , by checking the differences against ESSP firewall.

Link to comment
Share on other sites

  • ESET Insiders

I will test ESS and ESSP and let you guy's know, so we know who's have the problem

Link to comment
Share on other sites

Also one way you can get Interactive mode firewall behavior while running in Automatic mode is to do the following.

Create a rule to ask and alert for any outbound traffic. Note that it is critical that this rule always exists at the bottom of all existing rules. This means that every time a new firewall rule is created, the ask outbound traffic rule is always moved to the bottom of the existing rule set.

Link to comment
Share on other sites

  • Most Valued Members
9 minutes ago, BALTAGY said:

Ok i tested ESS and ESSP and both have same problem

Hmm , makes no sense when my ESSP works fine :blink:

Link to comment
Share on other sites

8 minutes ago, BALTAGY said:

Ok i tested ESS and ESSP and both have same problem

Take a close look at the Eset default firewall rules since these are executed prior to any user created rules. First, make sure the rules for ekrn and equi are enabled. If they are not, enable them and see if that solves the issue.

Next, closely examine your existing IDS rules. If they are not set to default values, they will change what default rules are active for the Eset firewall.

Next, make sure all user created rules are positioned below all Eset default rules. Remember that the Eset firewall executes rules from top to bottom of the rule set.

Finally, make sure there is no rule that is monitoring(ask mode) all outbound traffic. If such a rule exists and it is positioned prior to outbound traffic allow rules, it will override all outbound traffic allow rules.

Link to comment
Share on other sites

  • ESET Insiders
4 minutes ago, itman said:

Take a close look at the Eset default firewall rules since these are executed prior to any user created rules. First, make sure the rules for ekrn and equi are enabled. If they are not, enable them and see if that solves the issue.

Next, closely examine your existing IDS rules. If they are not set to default values, they will change what default rules are active for the Eset firewall.

Next, make sure all user created rules are positioned below all Eset default rules. Remember that the Eset firewall executes rules from top to bottom of the rule set.

Finally, make sure there is no rule that is monitoring(ask mode) all outbound traffic. If such a rule exists and it is positioned prior to outbound traffic allow rules, it will override all outbound traffic allow rules.

- ekrn and egui is allowed

- IDS rules is defaults also when i tested on the video it was clean install and didn't change anything except made the Firewall Interactive mode

- All created rules are below ESET defaults rules

- No such rule

Link to comment
Share on other sites

  • ESET Insiders

The problem is that the ESS simply does not observe the created rules and continues with applications, although these have a rule already, is the same problem what Eset had with the hip!

(German: Das Problem ist das die ESS einfach die Erstellten Regeln nicht Beachtet und weiter bei Anwendungen Nachfragt, obwohl diese eine Regel schon haben , ist das gleiche Problem was Eset mit dem Hip hatte!)

Link to comment
Share on other sites

Appears to me that Eset's firewall has a "hidden" outbound ask rule that is activated when Interactive mode is selected. Normally that rule would be executed after all existing rules have been parsed. Looks like this processing is "borked" in the 10.1.204 ver. and the rule is being internally activated prior to the execution of any existing user rules. 

Edited by itman
Link to comment
Share on other sites

  • ESET Insiders

I hope the Eset fixes the error quickly, because this is the firewall is not really use! 

(German: Ich Hoffe das Eset den Fehler zügig Behebt, denn so ist die Firewall nicht wirklich zugebrauchen!)

Link to comment
Share on other sites

  • ESET Insiders

It's now happening without even running Microsoft Edge, backgroundTaskHost.exe now asking me about every connection even there's a rule for it

 

I think it's time to go back until this problem be fixed and until Moderators replay maybe before the end of this year!

Link to comment
Share on other sites

Windows 10 pro x64 1703 , ESET Internet Security 10.1.204.3

At the firewall is everything standard, only not automatic but interactive mode.

I have the same problem. The firewall does not respect all rules.

It works for example fine with firefox, vivaldi, tor-browser or teamviewer

It works not for example with MSN weather, BackgroundTaskHost, cortana or edge - here it always asks for the same permit although rules already exist. So it is unusable.

In version 10.0.390 everything was fine, so I will downgrade until there will be a solution.

Link to comment
Share on other sites

ESET, please fix this firewall bug! The firewall is virtually unusable in ESS v10.1.204 (on Windows 10 Enterprise v1607 x64). And a downgrade isn’t an option for me, because with the previous ESS version I experienced network protection problems (just like user Arash in the other thread).

Link to comment
Share on other sites

  • Administrators

The issue is not related to a particular version of ESS/EIS and it's caused by the firewall module which is same for all versions. A newer firewall module with a fix is planned to be released next week.

I would strongly recommend keeping pre-release updates enabled on non-production systems. This way you will be able to switch between the previous and current version of a module in case you encounter an issue and report it to ESET, giving us enough time to fix it before the module is released for all users.

Link to comment
Share on other sites

Same bug... this is EXTREMELY annoying clicking 100 times the freaking prompts.

Hope this is solved soon !

I used the rollback to previous modules and now definition update is locked, is there a way to rollback only specific module to previous version while keeping all the rest to current version (including definition updates) ?

Link to comment
Share on other sites

  • ESET Insiders

Nun, das wäre mal ganz gut, wenn Eset nenn Fehler mal wäre rechtzeitig fixes, na dort bin ich wirklich wirklich auf sie aufgeregt!

(German: Na das wäre ja mal was feines, wenn Eset nenn Fehler mal zeitnahe Beheben würde, na da bin ich ja mal wirklich gespannt drauf!)

Edited by SlashRose
Link to comment
Share on other sites

  • Administrators
1 hour ago, tiliarou said:

Hope this is solved soon !

I used the rollback to previous modules and now definition update is locked, is there a way to rollback only specific module to previous version while keeping all the rest to current version (including definition updates) ?

Switch to pre-release updates in order to receive a fixed firewall module at the beginning of the next week.

Link to comment
Share on other sites

  • ESET Insiders
12 hours ago, Marcos said:

The issue is not related to a particular version of ESS/EIS and it's caused by the firewall module which is same for all versions. A newer firewall module with a fix is planned to be released next week.

I would strongly recommend keeping pre-release updates enabled on non-production systems. This way you will be able to switch between the previous and current version of a module in case you encounter an issue and report it to ESET, giving us enough time to fix it before the module is released for all users.

I downgrade to v10.0.390 with same Firewall module: 1349.3 (20170410) and it's working fine

In EIS v10.1.204 with same Firewall module: 1349.3 (20170410) i have the problem

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...