Is it in anyway possible to set rules without entering interactive mode? I'm in automatic mode, but I want to allow incoming connections on a certain port/application. Every time I try and communicate with that application or port remotely, it just gets blocked.

No need to set it to interactive for the need of only one rule, and then be forced to make a rule for every other connection.

Would it work if I went into interactive mode, added a rule, then switched back to automatic? Would it preserve the rule?

No. You could create rule and then return to Automatic and the rule would be retained.

Create the desired rules in the interactive mode, switch to the policy-based mode and enable the following rules:
1, block all unknown inbound traffic
2, allow all outbound traffic

-{ Quote: "Create the desired rules in the interactive mode, switch to the policy-based mode and enable the following rules:
1, block all unknown inbound traffic
2, allow all outbound traffic" }-

Is this because rules are followed in interactive & policy modes, but ignored in automatic mode? (Trying to come to grips w/ the ESET structure.)

-{ Quote: "Is this because rules are followed in interactive & policy modes, but ignored in automatic mode?" }-


Yes , it is.

Me bad....>:( Rule is retained, but not in force if you return to Automatic Mode.

-{ Quote: "No. You could create rule and then return to Automatic and the rule would be retained." }-

In order to make the firewall work like in automatic mode whilst applying rules you have defined, please follow my instructions in post #3.

-{ Quote: "..............
2, allow all outbound traffic" }-

What about stopping zombie/robot outbound, esp those that contribute to DOS attacks on other sites? I suppose malware detection should have caught any resident, but what if it hasn't?

-{ Quote: "Create the desired rules in the interactive mode, switch to the policy-based mode and enable the following rules:
1, block all unknown inbound traffic
2, allow all outbound traffic" }-
Marcos,

I created the rule and switched to policy based mode as you said.

However, I was unable to find where to enable those 2 options. In the rule editor where I added the rule in interactive mode, I didn't see those 2.

Once in policy based mode, can you tell me where to find those 2 options? They weren't in the rule list.

Thanks.

In Advanced Setup/Personal Firewall/Rules & Zones the (for me) Default "Rules to Display" at bottom is "User & Pre-Defined Rules (sounds logical & complete - but it isn't). The Drop-Dn menu allows "All Rules" and that's when you'll see those Marcos Rules in Zone & Rule Editor.

I twice have posted the Marcos Inbound selection did not exist but stumbled on it this a.m. Well intentioned Help with ESS still requires imagination, exploration, and patience.

Thx Cosmo26 for needed additional info...
-----------------
added:
and after this you get :"Your system has achieved a perfect "TruStealth" rating".....

-{ Quote: "In Advanced Setup/Personal Firewall/Rules & Zones the (for me) Default "Rules to Display" at bottom is "User & Pre-Defined Rules (sounds logical & complete - but it isn't). The Drop-Dn menu allows "All Rules" and that's when you'll see those Marcos Rules in Zone & Rule Editor.

I twice have posted the Marcos Inbound selection did not exist but stumbled on it this a.m. Well intentioned Help with ESS still requires imagination, exploration, and patience." }-
Hi,

Thanks, I see them now... and they are enabled, along with ALL other rules. But once I press OK, I can't browse the internet... it seems that everything is blocked?

Do I need to uncheck any of the rules? Right now they're ALL checked, in addition to my one added rule which is just to allow communication on one port.

-{ Quote: "Hi,

Thanks, I see them now... and they are enabled, along with ALL other rules. But once I press OK, I can't browse the internet... it seems that everything is blocked?

Do I need to uncheck any of the rules? Right now they're ALL checked, in addition to my one added rule which is just to allow communication on one port." }-

If you enable the rule that allows all outbound traffic and concurrently enable the rule to block all outbound traffic, the latter will take precedence over the former one as blocking rules have higher priority.

I don't know what I'm doing wrong... but I still can't connect to VNC on port 4899 from another computer.

I switched to interactive, added the rule to allow communication port 4899 both ways. Switched to policy based mode, chose to show ALL rules, unchecked block outbound traffic.

I tried to uncheck "block all unknown incoming traffic" just to test it, but that did nothing either.

It still doesn't work.