tjack 0 Posted July 4, 2020 Share Posted July 4, 2020 Hi, I get "No usable rule found" records in firewall log, Action is Blocked, connection blocked. Firewall is in Interactive mode. No pop-ups show up for new inbound and outbound connections. Applies to ESET Internet Security, Windows 7. Please help. Details: I assume "No usable rule found" log record should never appear while firewall is in Interactive mode. The purpose of Interactive mode is to show firewall request upon each new connection which doesn't fit any existing rule. In my case that doesn't happen, when no rule fits connection is just blocked with such a log. Also, nothing is in Setup - Protection - Troubleshooting wizard, just 0 records. 1. I have hundreds of firewall rules - could that be the trigger for the solution to work incorrectly? I have enough RAM and CPU. 2. I reinstalled the EIS a few times, it worked fine in Interactive mode until I imported settings which included those firewall rules. Sure I can recreate rules from scratch but in that case I'd lose lots of my time spent on configuring those rules, and if the root cause is amount of rules the issue would come up again. Not having those rules isn't an option as that would effectively diminish the purpose of having ESET firewall. Thank you. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted July 4, 2020 Administrators Share Posted July 4, 2020 Please provide logs collected with ESET Log Collector. Link to comment Share on other sites More sharing options...
tjack 0 Posted July 4, 2020 Author Share Posted July 4, 2020 It would take some time to prepare them. Do you have any ideas in the meanwhile re: why this could be? Link to comment Share on other sites More sharing options...
itman 1,659 Posted July 4, 2020 Share Posted July 4, 2020 (edited) 13 minutes ago, tjack said: Do you have any ideas in the meanwhile re: why this could be? Take a close look at Eset default firewalls that exist prior to importing your existing firewall rules. If I recollect, a rule is added at the end of the rule set when Interactive mode select that is in essence an ask rule for any inbound and outbound network traffic. If that rule is removed, Eset will then block by default anything which hasn't been satisfied by an existing firewall rule. Or, the above ask rule is hidden but still exists. If you import settings for a prior export where Interactive mode had not been enabled, this also would remove this hidden ask rule regardless of if the firewall was set to Interactive at the time of the import activity. Edited July 4, 2020 by itman Link to comment Share on other sites More sharing options...
Recommended Posts