
Firewall: Deny rule not respected if "Remember until application quits" is selected



I've noticed this strange behaviour, steps to reproduce:
1- Create a higher priority Block firewall rule for any application, both directions, any protocol, insert all IP ranges to monitor.
2- Create a lower priority Ask firewall rule for any application, both directions, any protocol, insert all IP ranges to monitor.
3- Start a browser (or any kind of software that connects to both IP ranges).
4- Visit a website that uses the Ask rule IP ranges and select "Remember until application quits".
5- Visit a website that uses the Block rule IP ranges, all traffic is allowed!

OR:
3- Start a browser (or any kind of software that connects to both IP ranges).
4- Visit a website that uses the Block rule IP ranges, all traffic is blocked.
5- Visit a website that uses the Ask rule IP ranges and select "Remember until application quits".
6- Visit again a website that uses the Block rule IP ranges, all traffic is allowed!

The same happens even without an Ask rule: every software requesting network traffic without an existing dedicated firewall rule can, once allowed, bypass the block rule.
IP filtering is my first layer of defence against threats and data theft, and I'm really worried about this behaviour. Do you have any advice or suggestions?

firewall_not_working1.jpg

firewall_not_working2.jpg

firewall_not_working3.jpg


Unfortunately, I can't open a ticket because of the captcha (I don't accept google's privacy policy).
At this point I will opt for the solution I wanted to avoid: create allow and block rules for every software and remove the ask rules.
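The following is an added example, not part of the original posts and not the product's code. It is a small model of ordered rule evaluation that reproduces the reported symptom when a remembered answer is stored per application, and shows the expected result when the answer is stored per application and rule. The class names, the `app_wide_memory` switch and the documentation IP ranges are assumptions made for illustration; the thread does not say how the product actually stores remembered answers.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Rule:
    name: str
    action: str            # "block", "allow" or "ask"
    cidrs: tuple

    def matches(self, ip):
        addr = ipaddress.ip_address(ip)
        return any(addr in ipaddress.ip_network(c) for c in self.cidrs)

class Firewall:
    def __init__(self, rules, app_wide_memory):
        self.rules = rules                  # ordered, highest priority first
        self.app_wide_memory = app_wide_memory
        self.remembered = {}                # cleared when the application quits

    def decide(self, app, ip, user_answer="allow"):
        # Symptom model: the remembered answer is keyed on the application
        # alone and consulted before the rule list, so it outranks every rule.
        if self.app_wide_memory and app in self.remembered:
            return self.remembered[app]
        for rule in self.rules:
            if not rule.matches(ip):
                continue
            if rule.action != "ask":
                return rule.action          # explicit Block/Allow is final
            return self._prompt(app, rule.name, user_answer)
        # No dedicated rule: the user is prompted as well.
        return self._prompt(app, "<no rule>", user_answer)

    def _prompt(self, app, rule_name, user_answer):
        # "Remember until application quits": store the answer for the session.
        key = app if self.app_wide_memory else (app, rule_name)
        return self.remembered.setdefault(key, user_answer)

# Constructed rule set using documentation ranges (RFC 5737).
RULES = [
    Rule("block-range", "block", ("198.51.100.0/24",)),   # higher priority
    Rule("ask-range", "ask", ("203.0.113.0/24",)),        # lower priority
]

def replay(app_wide_memory, visits=("198.51.100.7", "203.0.113.9", "198.51.100.7")):
    """Replay the second reproduction sequence: Block IP, Ask IP, Block IP."""
    fw = Firewall(RULES, app_wide_memory)
    return [fw.decide("browser", ip) for ip in visits]
```

`replay(True)` ends with the Block-range address allowed, as in the report; `replay(False)` keeps it blocked, which is the behaviour a priority-ordered rule list should give and a useful regression check after any product update.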
