Jump to content

Question about creating a rule in ESET Firewall

Alex33
 Share

Recommended Posts

Alex33

Alex33 0

Posted
Posted

When I create a new rule from the Outbound network traffic prompt window, and after I specify the "Application, Remove computer address, Protocol" (it has the same parameters as the current new connection) and then I click the  "Deny" button, the new rule is not applied until the connection occurs again in the future.
I was wondering why ESET Firewall can't apply the new rule immediately  ?


This problem doesn't happen if I select "Ask every time" and then click the Deny button, in this case ESET Firewall will block the new connection immediately.

Thanks

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 4,706

Posted
  • Administrators
Posted

By clicking Allow or Deny you select an action for the existing connection. Afterwards the action will be remembered if you choose to save the rule.

Link to comment
Share on other sites
Alex33

Alex33 0

Posted
  • Author
Posted

For example, If I check for updates in VirtualBox(it could be any application), I get this prompt: 

VleUPi0.png

Then I click the Deny Button, and I get this window :

uauL0KG.png

---------------------------------------------------------------------------------------------------------------------------

So far so good, but if I decide to create a rule from the prompt window and then click the Deny button, ESET Firewall will allow the the existing connection to connect to the remove site and only start blocking the existing connection if I check for updates again.

UMIdVsF.png

BnV1DBQ.png

 

I was expecting that ESET Firewall would block the existing connection right away. I mean, in this example nothing bad will happen to your computer, but if the application is some kind of malware trying to call home, ESET firewall will allow the existing connection to connect.

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 4,706

Posted
  • Administrators
Posted

We were unable to reproduce it. Please enable advanced firewall logging in the adv. setup -> Tools -> Diagnostics, then trigger the firewall window, select to create a rule and deny the communication. If the communication of the application was allowed, disable logging, collect logs with ELC as per the instructions linked in my signature, upload the generated zip file to a safe location and pm me a download link.

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...