A couple questions about the firewall

I'm not having any technical issues per se, more like a little configuration confusion. In other firewalls I've used, they will usually have a distinct local/LAN zone and a WAN/internet zone. ESET seems to have instead by default a localhost zone, LAN zone and "DNS servers" zone, in addition to the port visibility zone; if someone could explain that to me it would help because it isn't in the docs.

I assumed that the DNS server zone was comparable to a WAN zone, since it included my router gateway IP, but when I make rules using that zone it does not grant access to the internet. I assume it is only granting access to that gateway IP. What is the point of that? To deny access to the internet? That's the only one I can think of.

It seems a bit inaccurate to call my gateway IP a DNS server anyway since I do not even use the DNS servers configured in the router. My encrypted DNS traffic simply passes through with everything else. So in the absence of a WAN zone, I need to create a deny rule for the trusted zone in order to only grant it internet access? I guess that's not really a big deal.

For example, I keep getting alerts for the BITS service wanting to connect to the gateway IP. I'm not sure why it is the only one that does this and why it's doing it. Everything else shows the remote destination, or the LAN IP of a specific host, or a multicast or network broadcast IP. Never the gateway. I don't really want to allow that connection until I know what it is. BITS is a pain in the , because it's the one service/dll I can't easily figure out what launched it. Its event log will tell me the URL BITS is trying to connect to, but that doesn't always help. So why are BITS's requests showing the gateway IP instead of the destination?

Any assistance would be appreciated.

