labynko 6 Posted July 23, 2023 Posted July 23, 2023 Hello. After the release of the new firewall module 1438.2 dated 07/13/2023, problems began to be observed with blocking applications for which allow rules were created using environment variables (for example, %userprofile%). Programs begin to block a few hours after they have been launched. It helps to restart the blocked program. Is this a known issue and how soon will it be fixed?
PatrickB 0 Posted July 26, 2023 Posted July 26, 2023 (edited) Its certainly known to users, but ESET so far is yet to ackowledge anything except for "well, just create firewall rules for everything" Even though it has worked normally for years. Edited July 26, 2023 by PatrickB
labynko 6 Posted August 3, 2023 Author Posted August 3, 2023 I have collected, I hope, all the necessary information that can help deal with the problem. At the moment, I do not have the opportunity to create a case through my personal account, but I hope that ESET is interested in solving the problem. I recorded a video that demonstrates how ESET Endpoint Security 10.1.2046.0 blocks Opera's network communication with the ESET PROTECT web interface, ignoring an allow rule that specifies the process path using an environment variable. I sent the password and a link to the archive with diagnostic information to Marcus in private messages. 2023_08_03-10_44.mp4
Administrators Marcos 5,741 Posted August 4, 2023 Administrators Posted August 4, 2023 Thanks for the logs, we have successfully reproduced the issue. It will be fixed in the Firewall module 1440 soon. We have also fixed default rules that now match those from v10.0 and older, this fix will be distributed via an automatic module Configuration engine update soon. FRiC 1
labynko 6 Posted August 4, 2023 Author Posted August 4, 2023 Glad to hear that. Thank you. We are waiting for the update of the firewall module.
labynko 6 Posted August 10, 2023 Author Posted August 10, 2023 Marcos, how soon will a new version of the firewall module get into regular updates?
labynko 6 Posted August 15, 2023 Author Posted August 15, 2023 A month has passed since the release date of the firewall module 1438.2. When will the new version of the firewall module get into regular updates?
Administrators Marcos 5,741 Posted August 15, 2023 Administrators Posted August 15, 2023 The firewall module 1439 has been fully released just yesterday, we are now working on v1439.1 which is expected to include also a fix for the variables in the app path. It should be available on the pre-release update channel around Oct 21.
labynko 6 Posted August 27, 2023 Author Posted August 27, 2023 Almost two weeks have passed, and the firewall module version 1438.2 has been distributed in regular updates and is still being distributed. At the same time, it's funny that if you install ESET Endpoint Security 10.1.2050.0, then the firewall module will have version 1439, and if you upgrade to ESET Endpoint Security 10.1.2050.0, it will be 1438.2. What is the reason for such a delay?
Administrators Marcos 5,741 Posted August 27, 2023 Administrators Posted August 27, 2023 The firewall module 1439.1 with a fix was put on the pre-release update channel on August 21. I assume that we'll start to distribute it gradually to users on the regular update channel next week.
labynko 6 Posted September 21, 2023 Author Posted September 21, 2023 Do I understand correctly that the problem has not yet been resolved, and it will be resolved in version 1440 of the firewall module, which will be released on October 21?
Administrators Marcos 5,741 Posted September 21, 2023 Administrators Posted September 21, 2023 The issue was addressed in the Personal firewall module 1439.1 fully released on Sept. 5.
labynko 6 Posted September 22, 2023 Author Posted September 22, 2023 (edited) I inform you that the problem indicated in the topic is not resolved in the firewall module 1439.1. After the new version of the firewall module was installed, in my case it was 09/06/2023, a problem arose with Opera at least four times. Sometimes restarting the browser does not help, and you have to restart it again. Edited September 22, 2023 by labynko
Administrators Marcos 5,741 Posted September 22, 2023 Administrators Posted September 22, 2023 Then it must be a different issue. What we have fixed was that a restart of the application was needed for the firewall rule to work. Please raise a support ticket.
Recommended Posts