Jump to content

Recommended Posts

Posted

The interactive mode of my firewall is not working as intended. It blocks all non explicitly allowed connections without prompting.
Since when I upgraded to ESET 9 the problem occurred. I even uninstalled it and installed it again (exported/imported all my settings) the problem did not resolve.

In my log the blocked connections no rule name is specified.

I'd checked all firewall rules, but I can not find global deny rules.

<ESET><LOG><RECORD>
      <COLUMN NAME="Time">8/29/2016 5:14:25 PM</COLUMN>
      <COLUMN NAME="Event">Communication denied by rule</COLUMN>
      <COLUMN NAME="Source">X.X.X.X:1843</COLUMN>
      <COLUMN NAME="Target">X.X.X.X:80</COLUMN>
      <COLUMN NAME="Protocol">TCP</COLUMN>
      <COLUMN NAME="Rule/worm name"></COLUMN>
      <COLUMN NAME="Application">C:\XXX.exe</COLUMN>
      <COLUMN NAME="User">xxx</COLUMN>
</RECORD></LOG></ESET>

  • Administrators
Posted

It sounds like a blocking rule is higher in the rule list than the appropriate allowing rule. Without checking your rule list and knowing what communication you would like to allow or to be asked about we can't tell more.

Posted (edited)

It blocks all non explicitly allowed connections without prompting.

Sounds to me you enabled the default deny all inbound/outbound connections that resides at the bottom of the firewall rule set. I did the same thing initially.

 

That rule should only be enabled when running the firewall in policy mode. Disable that rule and make sure the firewall is set to interactive mode. You will then start getting alerts of anything for which an existing rule does not exist.

Edited by itman
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...