Hi

Got a problem with this here.

The log is full of 'Protocols' and I had to go to Advanced Options and disable Protocols otherwise I could not get out anywhere.

This is on Dial-Up and XP Home.

Hi,

Could you open the Console, clic on Driver Logs, and tell us what is the blocked protocol ?

Did you update from 2.05b1 (and you didn't have this problem before) or is it a fresh install ?

Thanks,

Frederic

Hey aptisman

By Default WANARP.SYS is detected and configured to block, you must Allow manually… ;)

Yes, it's WANARP.SYS which is showing as blocked in the Console, although it's shown as allowed under 'Advanced Options/Protocols'.

Phantom, how do I allow it manually please?

Sorry, I should have said I did upgrade from 2.05b1 and I did not have this problem before.

Goto Protocol Filtering settings and select that Protocol Driver and click BLOCK, apply and go back and now "Allow".

:)

Hey aptisman

Yea it seems to be minor problem we overlooked, upgrading over the existing somehow reset the Protocol Driver choices

Thanks Phantom, I have done that, I think correctly, but it has not helped. Nothing is resolving with Protocols enabled.

Hey aptisman

Try deleting that driver from the list, and try to surf, go back and authorize that driver which should be placed back into the Protocol filtering list.

Deleted it, tried to surf but it did not re-appear in the list.

I added it back manually but that did not help either!

Delete it from the list, re-boot the machine.

Normally when a newly Protocol Driver becomes detected it automatically adds with a Block, In Internet Filtering screen you should see indications with "Protocol" alerts.

Re-booted and it's back in the list. Allowed it but no joy, still nothing resolving with Protocols enabled.

Disabling Protocol Filtering Feature, does this fix the problem? In Look 'n' Stop Internet Filtering screen do you see "Protocol" alerts?

In Welcome screen, what you see for "IP Address:" ?

Yes, disabling Protocol Filtering fixes the problem.

Not sure what you mean 'do I see Protocol alerts in Internet Filtering screen, sorry.

IP address in Welcome screen is 213.104.224.62

Hey aptisman

Perhaps if you Enable Protocol Filtering and click Allow for that Protocol Driver and re-boot the machine, perhaps that’ll fix?

No, nothing works with Protocol Filtering enabled. It did under 2.05b1!

I'm using your Sept 9th Ruleset by the way.

How many things are listed in Protocol Filtering?***
And do they all show being allowed?

WANARP.SYS
NETBT.SYS
TCPIP.SYS

All allowed, all active, the latter two with a * against Yes.

Hey

OK I GIVE UP! LOL

Uninstall and Install v2.05b1 or use v2.05b2 and disable Protocol Filtering Feature and wait for a Fix!

Ok

Thanks for your help meanwhile!

LOL sorry, guess there really isn’t much else I can think of…

Me I would Install v2.05b1 and verify there isn’t a problem, and backup rule-set and Plug-Ins and whatever and Uninstall v2.05b1 and re-boot and try Installing v2.05b2 and re-boot. Afterwards manually “Allow” that Protocol Driver in Protocol Filtering.

-{ Quote: " quoting: aptisman link=board=13;threadid=23118;start=15#msg137070 date=1077992406]
WANARP.SYS
NETBT.SYS
TCPIP.SYS

All allowed, all active, the latter two with a * against Yes.
" }-
With this configuration, do you confirm you still have "Protocol" alerts in the log ?
If yes, it is still wanarp that is indicated in the Console when asking for the driver logs ?

I've placed the old driver from the 2.05b1 here:
http://looknstop.soft4ever.com/Beta/En/2.05b1/LNSFW1.SYS
Normally you can use it with the 2.05b2.

If it works it will confirm the problem is in the new driver from the 2.05b2.
If it doesn't work, the problem comes from the looknstop.exe.

Thanks,

Frederic

I swopped the driver but it still didn't work. I've gone back to the newer one now.

Hey

This may seem like a stupid question, but when you swopped drivers did you also re-boot the Machine?

Ok, thanks, in this case the problem is in the looknstop.exe.
I will look at that.

Frederic

I'm going to go back to 2.05b1, check everything works there, and then un-install and install 2.05b2 again.

Watch this space!

Hello,

Thanks Phant0m`` for letting me know about this thread. I've the same problem. I read whole thread and followed all steps. Tried deleting and adding (of course I rebooted every time - delete - reboot - add/allow - reboot) and replacing the driver with the open Frederic uploaded and DNS resolution is still not working on my system. :(

I hope something can be done about this.

regards,

richter

Yea, you can be sure Frederic will have this fixed ASAP! :D

I certainly hope so. It's a small glitch, I'm glad it's being fixed right away. Other than this, things seem to be working fine.

I've run into a problem.

Unistalled b2, resinstalled b1 but it will not run, I get an error 'unable to load lnsfw driver (error 0)

-{ Quote: " quoting: aptisman link=board=13;threadid=23118;start=15#msg137107 date=1077995484]
I've run into a problem.

Unistalled b2, resinstalled b1 but it will not run, I get an error 'unable to load lnsfw driver (error 0)
" }-
You probably re-installed without rebooting after the uninstall.
Try the following:
- uninstall again
- reboot
- install again

Frederic

-{ Quote: " quoting: aptisman link=board=13;threadid=23118;start=15#msg137107 date=1077995484]
I've run into a problem.

Unistalled b2, resinstalled b1 but it will not run, I get an error 'unable to load lnsfw driver (error 0)
" }-

Hey aptisman

Please see http://www.wilderssecurity.info/0306.shtml

Did you delete lnsfw.sys and lnsfw1.sys from windows\system32\drivers directory after uninstalling and before installing beta 1? *In case they were left out after uninstall*

-{ Quote: " quoting: richter link=board=13;threadid=23118;start=15#msg137104 date=1077995404]
I certainly hope so. It's a small glitch, I'm glad it's being fixed right away. Other than this, things seem to be working fine.
" }-
Could you try to verify the problem disappears if you start Look 'n' Stop after the PC is connected to Internet ?
To test that simply do the following:
- your PC is connected
- Enable the Protocol checking in Look 'n' Stop
- quit Look 'n' Stop
- restart Look 'n' Stop
- in the welcome Tab the "Connected To internet" checkbox should be checked
- does it work ?

If yes, I think I found where is the issue.

Frederic

Hello,

I did as you said and it says I'm connected to Internet and it shows my IP address, but I still cannot browse or do anything while Protocol filtering is enabled. Sorry. :(

Yes, I think I forgot to re-boot!

Now back to 2.05b1, Protocol Filtering is enabled and everything is working again.

Do you want me to uninstall and reinstall b2?

-{ Quote: " quoting: aptisman link=board=13;threadid=23118;start=30#msg137126 date=1077996503]
Yes, I think I forgot to re-boot!

Now back to 2.05b1, Protocol Filtering is enabled and everything is working again.

Do you want me to uninstall and reinstall b2?
" }-
Not needed at this time.

I will investigate further and come back with new suggestions.

Thanks for your patience ;)

Frederic

I have the same problem with protocol filtering when its enabled in the new beta 2. By the way, I am on WinXP pro.

I don't understand why i haven't it so, all works well, is it a bug ???

:)

-{ Quote: " quoting: gkweb link=board=13;threadid=23118;start=30#msg137205 date=1078008200]
I don't understand why i haven't it so, all works well, is it a bug ???

:)
" }-

Does your connection use WANARP.SYS?

It is possible to reproduce the issue without having Wanarp, by using the MBTest leaktest.
By default Look 'n' Stop blocks NPF.SYS, this works, but if you try to allow it and restart MBTest, NPF.SYS is still blocked (like for Wanarp).

So normally I should be able to find a fix quickly.

Frederic

Hey Frederic

I didn't use MBTest but i did use something else that uses that Protocol Driver, and i have no problems on my end.

-{ Quote: " quoting: Phant0m`` link=board=13;threadid=23118;start=30#msg137208 date=1078008394]
-{ Quote: " quoting: gkweb link=board=13;threadid=23118;start=30#msg137205 date=1078008200]
I don't understand why i haven't it so, all works well, is it a bug ???

:)
" }-

Does your connection use WANARP.SYS?
" }-

No.

@Frederic
-{ Quote: "
It is possible to reproduce the issue without having Wanarp, by using the MBTest leaktest.
By default Look 'n' Stop blocks NPF.SYS, this works, but if you try to allow it and restart MBTest, NPF.SYS is still blocked (like for Wanarp).

So normally I should be able to find a fix quickly.
" }-

Exactly Fredric, i have tried and even by allowing NPF.SYS, MBtest is still blocked.

NPF.SYS shouldn’t be in continuous use unless you using Application that uses that Protocol Driver like mbtest, gkweb have you tried closing out of mbtest and pausing for a minute and go into Protocol filtering configurations and manually removing that Protocol and click OK button, then back into Protocol filtering configurations and manually add “NPF.SYS” into the field and click “Add” & “OK” buttons and re-doing that mbtest…?

Hi again

You said "I found the cause to be when Adding/Removing a Protocol Driver to/from the list when the Protocol Driver has continues activity, it will not apply until Protocol Driver refreshes. So for those who internet depends on WANARP.SYS Protocol Driver, when you see “Protocol” alerts in Look ‘n’ Stop Log screen, go into Protocol Filtering configurations and select line containing “WANARP.SYS” and click “Allow” & "OK" buttons. Now disable the Internet, Go into your "Local Area Connection Status" and in General TAB click "Disable". Re-boot the Computer and after Look ‘n’ Stop fully Loads then “Enable” your Internet again."

I'm lost from "Go into your 'Local Area Connection Status' - I don't seem to have one that's active!

What Windows ver you using?

And you using Dial-up? if not what connection type you use?

Dial-up on XP Home

After Microsoft Windows boots up, and Look 'n' Stop fully loads and before dialing a Connection goto Look 'n' Stop Protocol Filtering configurations and manually add WANARP.SYS by inserting that into blank and clicking "Add" button and then click "Allow" & "OK" buttons.

If there is already WANARP.SYS entry, delete and do the above, after doing these steps then Dial a Connection.

-{ Quote: " quoting: Phant0m`` link=board=13;threadid=23118;start=30#msg137551 date=1078064600]
NPF.SYS shouldn’t be in continuous use unless you using Application that uses that Protocol Driver like mbtest, gkweb have you tried closing out of mbtest and pausing for a minute and go into Protocol filtering configurations and manually removing that Protocol and click OK button, then back into Protocol filtering configurations and manually add “NPF.SYS” into the field and click “Add” & “OK” buttons and re-doing that mbtest…?
" }-

still blocked doing like that.

And regarding what you said, *I* need to use NPF.SYS at least for leaktest purpose ;)

You meaning to tell me that you have leaktest programs running in the background continuously holding up that Protocol Driver?

I believe not.... ;)

No, i need the file to be available, and to be blocked/unblocked on demand.

I got it down pack now baby!!!!!!!!!!

Here it is:

If Protocol WANARP.SYS isn’t allowed you can’t DNS, and because you can’t DNS you can’t authorize WANARP.SYS.


Using NPF.SYS and with DNS rules Active, Allowing Protocol Driver while Protocol Driver has activity is possible but just a small delay.

Using NPF.SYS and with DNS rules disabled, Allowing Protocol while Protocol Driver has activity, changes doesn’t apply till the very moment I enable DNS rules.

Because NPF.SYS isn’t depended on for Internet like WANARP.SYS Protocol I can Allow/Block DNS using Internet Filtering rules, but because WANARP.SYS can’t DNS it’s very unlikely we can allow this Protocol Driver and thus means no Internet until Frederic returns and creates a fix. 8)

I have done what was suggested above re WANARP.SYS (I hope!) but stilll have problems.

The only thing resolving is my time server, which is a change as nothing was resolving before, but I have had to turn off protocol filtering to send this.

Actually I think that may not be true, I've just noticed I had the time server flagged to report.

Hi,

Since there is a cache, the verification I proposed below can fail.
-{ Quote: " quoting: Frederic link=board=13;threadid=23118;start=30#msg137120 date=1077996054]
Could you try to verify the problem disappears if you start Look 'n' Stop after the PC is connected to Internet ?
To test that simply do the following:
- your PC is connected
- Enable the Protocol checking in Look 'n' Stop
- quit Look 'n' Stop
- restart Look 'n' Stop
- in the welcome Tab the "Connected To internet" checkbox should be checked
- does it work ?

If yes, I think I found where is the issue.

Frederic
" }-

Here is the correct test to be performed:
- disable Look 'n' Stop automatic start
- verify Wanarp.sys is allowed in the protocol list
- allow the protocol filtering
- reboot the computer
- connect to internet (Look 'n' Stop is not active)
- after the connexion and when you are sure you got an IP address (this is important, you can check you got an IP with IPConfig) start Look 'n' Stop
- does the problem still occur ?

This is only for investigation, obviously it is not a fix...

Thanks,

Frederic

-{ Quote: "" }-

Here is the correct test to be performed:
- disable Look 'n' Stop automatic start
- verify Wanarp.sys is allowed in the protocol list
- allow the protocol filtering
- reboot the computer
- connect to internet (Look 'n' Stop is not active)
- after the connexion and when you are sure you got an IP address (this is important, you can check you got an IP with IPConfig) start Look 'n' Stop
- does the problem still occur ?

This is only for investigation, obviously it is not a fix...

Thanks,

Frederic
-{ Quote: "" }-


Hi Frederic,

It seems to work just fine after doing what you mentioned above. No problems at all.

Hi again

Same here, all OK after doing what you asked.

Ok, thanks for your feedback.

I know where is the problem and how to fix it.

Frederic

May be just with me but I feel the approach to detecting Protocol Drivers needs re-designing, why should a Protocol Driver to be detected needing to be Allowed in “Internet Filtering” or even send packets. There has to be another way?

-{ Quote: " quoting: Phant0m`` link=board=13;threadid=23118;start=45#msg138166 date=1078169979]
May be just with me but I feel the approach to detecting Protocol Drivers needs re-designing, why should a Protocol Driver to be detected needing to be Allowed in “Internet Filtering” or even send packets. There has to be another way?
" }-
For us it's better to detect the protocol only if it really tries to send packet.
I don't know if a static detection is possible. Certainly for standard Windows protocols like Wanarp, but I'm not sure for dynamic protocol drivers like NPF.SYS.
The advantage to have a dynamic detection is that the Internet Filtering can display the content of the packet being sent.

Frederic

Hi aptisman & dukebluedevil

Please, contact me by email (looknstop@soft4ever.com) and I will send you a fix for testing.

Frederic.

Hey Frederic

You can E-mail me the Driver for testing also if you like, since I can reproduce the anomaly regardless my Internet don’t use that Protocol Driver…

*puppy*

The fix is looking good here so far!

Thanks for another great job.

Protocol Filtering is working just fine now with the fix. :) Thank you very much Frederic!

Why hasn’t the Installers been updated yet to include this fix ???

because a fix which works for one or two person isn't beta but alpha, and alpha releases aren't throw generally in public, they must be tested and then a new beta can come out.