Interactive Firewall useless since 16.2

[Manly Electronics 6]

Since 16.2.11.0 Interactive Firewall mode prompt does not pass Remote computer and Remote port values to the rule creating window. 

The only option left is to allow Any for this program. That defeats the purpose of the interactive firewall.
Plus, accessing rules requires more clicks. And 16.2 rules table missing ports and protocols columns.

ver 16.1

 

ver 16.2

 

Edited August 2 by Manly Electronics

[Marcos 4,844]

It is not a bug, this change was intentional, however, we will most likely improve it in the next versions of the product. Also the list of available columns in the rule editor will be extended.

[Pax 2]

I honestly thought this was a bug.

This is a huge regression from the previous version, without an option to roll back to the previous version both in UX and features. People who don't fiddle with these options will use automatic mode.

On top of that, there's not even an option to download the previous version under advanced download anymore...

Edited August 2 by Pax
extra

[Patch 16]

So with the new interactive rule creation editor, how is it intended the user determine what is the minimum port, protocol and host required for the current data transmission?

Edited August 3 by Patch

[Manly Electronics 6]

On 8/2/2023 at 4:36 PM, Marcos said:

It is not a bug, this change was intentional, however, we will most likely improve it in the next versions of the product. 

There is more.. Choosing ‘Edit rule before creating’ allows Any for this program ignoring ports and previous rules of higher priority.
Choosing ‘Create rule and remember permanently’ and Alow, give access to the  entire application ignoring ports and destinations.
Choosing ‘Create rule and remember permanently’ and Deny entire application blocked, ignoring previous Allow rules of hire priority. 

The only intentional such deceptive app behaviour can be if that was a stub, a placeholder code used in MVPs for presentation before beta.. ! 
 

[Shamaz Zeb 1]

I agree with the critics. This update was disastrous for my workflow. On top of this issue, it seems like I can't change the firewall profile manually anymore.

I can't imagine the reasoning for the change in the Interactive mode. Until now it was easy to create a rule for specific IP and ports in one single pop up window. Now we have to go through two windows and no auto-filled information.

I agree with what was said, for a security product, this all seems deceptive.

Would be great if Eset could rollback some of these "features" and changes at least until the new features are more finished.

[Marcos 4,844]

The interactive window will be improved. If you wish, you could join the Insider program and so provide feedback on new Insider versions in advance before the version is made available to the public.

[fbeltrao 5]

This is driving me nuts, I can't work anymore, the firewall keeps bugging me to take a decision, even allowing everything, my software that use network licensing stopped to work.

 

 

[EISUser 1]

Oh thank God someone posted this. Exactly  same experience Manly Electronics.

Contact support by chat and they were clueless and tried to convince me that this updated method was more secure. 🤨

Two days later, for whatever reason, EIS decided to block my nic from getting an IP from my router. Ended up having to uninstall and reinstall.

Ready revert to v15 assuming I can prevent auto upgrade to v16.

[fbeltrao 5]

I had to downgrade to 16.1.14 and block EIS from making version update, current 16.2.x is unusable, I couldn't use any software that makes online license checks, they were all having timeouts and closing, making me loosing my work.

[Pax 2]

6 hours ago, fbeltrao said:

I had to downgrade to 16.1.14 and block EIS from making version update, current 16.2.x is unusable, I couldn't use any software that makes online license checks, they were all having timeouts and closing, making me loosing my work.

Does this stick?

Mine auto updated to 16.2 during the day.

[Marcos 4,844]

7 hours ago, fbeltrao said:

I had to downgrade to 16.1.14 and block EIS from making version update, current 16.2.x is unusable, I couldn't use any software that makes online license checks, they were all having timeouts and closing, making me loosing my work.

Do you use automatic, interactive or learning mode? Does switching to other that the policy-based mode make a difference?

Please carry on as follows:

1. Enable advanced logging under Help and support -> Technical support
2. Reproduce the issue
3. Stop logging
4. Collect logs with ESET Log Collector and upload the generated archive here.

[Marcos 4,844]

9 hours ago, EISUser said:

Two days later, for whatever reason, EIS decided to block my nic from getting an IP from my router. Ended up having to uninstall and reinstall.

Couldn't it be that you are using the policy-based mode? Otherwise all DHCP communication should be allowed.

[Tony XP 2]

No... We are a reseller and I can tell you that the update is a disaster. All applications that worked properly until then are blocked. Since the 16.2.11.0 update, we have been receiving a lot of calls. Setting up the firewall interactively requires the same exclusions continuously. This is an unmanageable situation and your support is overwhelmed, I waited 30 minutes before I could speak to someone who had no solution.

[Marcos 4,844]

2 hours ago, Tony XP said:

All applications that worked properly until then are blocked. Since the 16.2.11.0 update

Please provide ELC logs from such machine here. There are basically these issues with v16.2:
1, With default firewall rules which affects users using the policy-based mode
2, Ekrn crashes if a GSM/LTE modem is used.
3, If a variable is used in the application path, the rule will take effect only after restarting the application.

Other than that, firewall rules should work properly.

[Manly Electronics 6]

10 hours ago, fbeltrao said:

I had to downgrade to 16.1.14 and block EIS from making version update, current 16.2.x is unusable, I couldn't use any software that makes online license checks, they were all having timeouts and closing, making me loosing my work.

How did you downgrade and stop updates ?

[Marcos 4,844]

We're gonna provide v16.2.13 with a fix for the default firewall rules affecting policy-based mode and the GSM/LTE issue as early access later today if everything goes well.

[fbeltrao 5]

5 hours ago, Pax said:

Does this stick?

Mine auto updated to 16.2 during the day.

 

2 hours ago, Manly Electronics said:

How did you downgrade and stop updates ?

There is an option in advanced setup to block ESET product from making automatic version upgrades, it's under Update > Profiles.

I had to find EIS version 16.1.14 elsewhere, since ESET themselves don't provide old versions, at least publicy. Of course I checked file signatures to make sure it's the official installer and not tampered.

 

5 hours ago, Marcos said:

Do you use automatic, interactive or learning mode? Does switching to other that the policy-based mode make a difference?

Please carry on as follows:

1. Enable advanced logging under Help and support -> Technical support
2. Reproduce the issue
3. Stop logging
4. Collect logs with ESET Log Collector and upload the generated archive here.

I use interactive mode. I tried many things but I didn't take note, so to stop wasting time, I just downgraded the version altogether and now everything is working as intended.

 

[Marcos 4,844]

Version 16.2.13 is now available for download as early access from https://forum.eset.com/files/file/117-eset-security-16213/.

[Tmod 3]

13 hours ago, Marcos said:

Version 16.2.13 is now available for download as early access from https://forum.eset.com/files/file/117-eset-security-16213/.

Does this update solve the  issues with interactive mode?

[Marcos 4,844]

1 hour ago, Tmod said:

Does this update solve the  issues with interactive mode?

It contains the following fixes which should not affect interactive mode. The second one should affect only those who use the policy-based mode:

- fix for crashes on systems with GSM/LTE modems
- fix for firewall issues that manifest in policy-based mode due to differences in default firewall rules

[JWT 3]

On 8/3/2023 at 11:04 PM, fbeltrao said:

This is driving me nuts, I can't work anymore, the firewall keeps bugging me to take a decision, even allowing everything, my software that use network licensing stopped to work.

 

 

Having the exact same issue here since the update.  Been pulling my hair out having to approve the same rule x15 times, sometimes more.  Having spent a short time fumbling though the new UI I thought it were something I was doing wrong.

Very poor move on ESETs behalf to push this update out half finished.  I cannot express enough how disappointed I've been with this service for the past year.  One more straw on the camels back.

[Marcos 4,844]

Please switch to the pre-release update channel in the advanced setup. Should you still have some issues with the firewall, please provide more details so that we could try to reproduce it by following your instructions.

[JWT 3]

No thanks, I would rather have a stable and fully functional product like im paying for.

My solution, like many others on this forum, was to downgrade to v16.1.14 and block any version updates until ESET resolves this mess.  I'll keep checking in monthly to see what progress is being made.

[Manly Electronics 6]

On 8/3/2023 at 8:18 PM, Marcos said:

The interactive window will be improved. If you wish, you could join the Insider program and so provide feedback on new Insider versions in advance before the version is made available to the public.

What are insider's benefits and how to join?