Jump to content

Eset EES 10.0.2034.0 upgrade and destroyed FW rules by unlabeled ones (IDS_CONFENG_GENERAL_UNTITLED_LABEL)


Recommended Posts

On several customers Win 10 installations I found some FW rules after upgrade 9.1.20560.0 to 10.0.2034.0 replaced by Strict Disable Rules without label (on cfg XML export labeled as IDS_CONFENG_GENERAL_UNTITLED_LABEL) Those rules disables all incoming TCP/UDP.

It seems that upgrade replaced some  rules not labeled as learned. New rules by wide disable settings also shields all rules  in lower order in rules table. I was not yet  verified this by reproducing on clean Windows

I believe that reproducinf scenario is:

- W10 with 9.x (in PCs it was probably from V8.x upgraded also).

- Switch Fw to Interactive mode

- Start some app which forces ESET Dialog for rule creation

- upgrade to V10.x

- check if rule was changed to Disable all incoming TCP/UDP


May be it destroys only rules for exe binaries which are uninstalled, or served by other rules?. Lot of similar rules untouched, some replaced.But main disaster is made by shielding  subsequent rules. May be there is some inconsistency inherited from older EES versions (Generally errors alerts about rules table problems is very long time persisitng BUG 😕 ).

I will fill tickets ASAP, but before I will try to reproduce it on clean system. 

So for other users hit by this BUG - remove unlabeled FW rules, or if it is possible - better solution:  clean Rules table and switch to learning mode. (cleaning of rules table is little (almost hidden) grey 180deg turn arrow icon (in V10 I see it is more contrast one used - great!)

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...