Hi.

I have a few questions regarding the firewall in smart security.

When in interactive mode some rules are by default determined and they can't be changed, so what are they doing?

Also I get a lot of logs with "no application listening on the port" and "packet blocked by active defense"... Why do I get them and how do I get rid of them?

could you post a screenshot of the log with few of those alerts displayed? did you get any prompts to create rules? are you behind a router?

no router and didn't get prompt to create any rules.

What do these messages say? (in english)

Can I just ignore them or is it anything important?

(Another question... In IDS and advanced options what services should I allow in the allowed services section?)

i usually leave ids on its default settings. in plain English it means what it says that no app is listening on a given port and that some packets have been blocked (as in eset saying not expected so block it). what were you using the machine at the time of the log, torrent?

right now I have all ids "allowed services" turned off... I noticed that the log regarding packets stopped coming then.

About the listening on port, I can't understand them. I didn't do anything at the time for the logs. I was connected to the internet but didn't use it.

Can I change some options and make them dissapear or am I going to have to live with them?

furthermore I can't understand what that listening port thing is about. What is eset trying to tell me?
something or someone trying to get into my computer or "someminorthing that eset is reporting about anyway?"

{QUOTE->
furthermore I can't understand what that listening port thing is about. What is eset trying to tell me?
something or someone trying to get into my computer or "someminorthing that eset is reporting about anyway?" <-QUOTE}

The message means that the connection to a port with no application listening on was blocked/denied. Maybe it's your router which generates this communication, some brands/types produce really strange communications, including port scans which are then correctly evaluated by the firewall as attacks.

So... what can I do to make these logs go away? If I could be 100% sure thet they aren't a threat, I could just manually allow these ports?

If something constantly tries to connect to these ports should I treat that like a threat? or just some app or equipement that eset thinks is a threat but really isn't?

Investigated some more and if I allow "allow response to ARP requests from outside the trusted zone" (and have the other options turned of) the packet thing goes away.
But the listening on port remains but not as many logs as before

Err....i dun know what mean of this eset firewall log but seem like a colour different that me is red and other is black why?And what the meaning of this log?