MrZork 3 Posted November 2 Posted November 2 This was a feature I suggested in the future thread for ESET. To group Firewall and HIPS rules by Application as Outpost Firewall did. (Not every rule has an application, but the vast majority do.) So when you open the UI for Firewall rules, so you see a list of applications, opening the application reveals the set of rules for that app. (Rules without an app would be in a "system rules" section.) This would be a great improvement over the current situation where all the rules are dumped in a huge list that's painful to navigate and update. Quote
Administrators Marcos 5,468 Posted November 2 Administrators Posted November 2 Unfortunately I don't have any information about Application control. I can only say that it's not planned for the next year. Quote
Joshua44 0 Posted November 2 Posted November 2 25 minutes ago, Marcos said: Unfortunately I don't have any information about Application control. I can only say that it's not planned for the next year. It's disappointing to hear that Application Control isn't on the roadmap for next year, but it's good to have clarity. Hopefully, there will be more features in the future that can enhance user experience. If you hear anything else, please share! Quote
MrZork 3 Posted November 3 Author Posted November 3 My post wasn't about "Application control," which would imply to most people a behavior change or new functionality. It was about improvements to the UI that would group rules together by application to make the rules easier to edit. You say you're not aware of any such future change, so how would I make the suggestion to the developers? Can you forward that to the developers as a question or suggestion? Quote
Administrators Marcos 5,468 Posted November 3 Administrators Posted November 3 To me Application Control means merging the HIPS and firewall rules into a single pane. This is not planned for the next year at least. Quote
itman 1,807 Posted November 3 Posted November 3 (edited) 9 hours ago, MrZork said: It was about improvements to the UI that would group rules together by application to make the rules easier to edit. The problem is Eset firewall rules are positional dependent. The rules are executed in top-to-bottom precedence. What is being suggested is a "cosmetic" change that would group rules by app but would have no effect on actual rule execution order. One way this could be done is to add a rule execution order column to the Eset GUI where firewall rules are displayed. A number value from 1 to xxxxx in this column would show the actual order the rule is being executed. Problems with this approach. When a new rule is manually added, the numeric value of the proceeding rule would have to be specified to indicate the positional location where the rule is to be added. Then all following rules will be renumbered. Doubtful Eset would incur the expense for the above. What Eset could do at minimal cost would be a provide a "sort by app" feature to the GUI which would be manually selected. This would be a temporary display of sorted rules which would be deleted upon exiting the display. The problem with this is the execution order context of the rules will be lost which is critical in determining rule functionality. As far as HIPS rules go, their execution order are not position dependent. Allow rules are executed before other rule types. Providing an option to permanent sort these rules by app should be relatively easy to accomplish. Edited November 3 by itman Quote
MrZork 3 Posted November 5 Author Posted November 5 (edited) On 11/3/2024 at 2:31 PM, itman said: The problem is Eset firewall rules are positional dependent. The rules are executed in top-to-bottom precedence. What is being suggested is a "cosmetic" change that would group rules by app but would have no effect on actual rule execution order. One way this could be done is to add a rule execution order column to the Eset GUI where firewall rules are displayed. A number value from 1 to xxxxx in this column would show the actual order the rule is being executed. I don't follow at all. The relative order of rules that apply to different applications is irrelevant -not important. Within the dialog editing the rules for a specific application, the order of the rules is important, but not between applications. So, again, my suggestion would only require refactoring of the UI. Internally, the rules for different applications could be put in any relative order when the dialog containing all the application rules is saved/closed without changing behavior. Right now, editing the single global list of rules is very tedious. For example, there's no way to move more than one rule at a time. In fact it's so tedious that I wrote a tool to convert the exported rules (exported by ESET) into JSON where any number of tools can be used to manipulate them. After reordering or manipulating the rules as JSON, I re-import them. Obviously, this a huge PITA. Edited November 5 by MrZork Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.