Jump to content

Small bug with "Use direct connection if proxy is not available"


Recommended Posts

Posted

We have ESET PROTECT VA and we're using it's proxy without issues. I wanted to do some experiment. Using iptables on server i blocked connections from my IP to port 3128 so my PC can't connect to proxy. I wanted to check if ESET Endpoint Security (v9.1.2051.0) would really use direct connection. And what I found out during testing was very weird. When I clicked on "Check for updates", it would try to connect to proxy for ~4 minutes and after those 4 minutes it would connect directly to eset servers and update just fine. I think that 4 minutes are much too long, especially since it receives "ICMP Destination unreachable (Port unreachable)". Here's a screenshot from wireshark, you can see it constantly tries to connect to proxy, receives Destination unreachable and tries again, and again, and again, and again, instead of just doing direct connection after first failed attempt.

Can you tell me something about this behavior? Is this as intended? Can it be changed? Will you classify it as a bug and fix it?

 

Clipboard02.png

  • Administrators
Posted

As far as I know, the product goes through all update servers first and then falls back to using direct connection so yes, the "lag" is expected.

Posted

But this is not a problem with "ESET can't connect to update server", it a problem with "ESET can't connect to proxy server". ESET should be aware that it can't connect to proxy server, but as it seems right now (like you explained) it doesn't know it and assumes it can't connect to update server and tries another one. From my perspective, it's a design flaw that can be called a bug.

  • Administrators
Posted

Please carry on as follows:

  1. Enable advanced logging under Help and support -> Technical support
  2. Run update to reproduce the issue
  3. Stop logging
  4. Collect logs with ESET Log Collector and upload the generated archive here.
  • Administrators
Posted

According to the logs it takes 1,5 to fallback to a direct connection. Had there been a new module update, an automatic update task would have downloaded it after 1,5 minute. The update progress bar lasts longer because also a check for pico updates and program updates is performed when update is run manually.

Posted

Thanks for explanation. I still think it would be viable to change update procedure. Eset should detect that it can't connect to proxy and switch to direct connection immediately. That way the whole process should be much faster, I know that 99,99% of users won't notice the difference.

  • Administrators
Posted
33 minutes ago, kapela86 said:

Thanks for explanation. I still think it would be viable to change update procedure. Eset should detect that it can't connect to proxy and switch to direct connection immediately. That way the whole process should be much faster, I know that 99,99% of users won't notice the difference.

The delay is there to give the system enough time to establish an Internet connection on system start.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...