Application filter not working?

Discussion in 'LnS English Forum' started by Klaus, Mar 10, 2003.

Thread Status:
Not open for further replies.
  1. Klaus

    Klaus Guest

    Hello,

    I'm new to LnS and just installed v2.04p2 plus the patch on my WinXP SP1 system.

    Unfortunately the application filter doesn't seem to work at all. My browser (Opera) connects to the internet without beeing even mentioned in the connected apps window. Shouldn't LnS ask me to allow/block the unknown app in the first place?

    I didn't touch the default settings except switching to advanced mode.

    Maybe I'm doing something wrong? Does LnS depend on some special WinXP services? I deactivated those that were causing the default open ports (alg, microsoft-ds, ssdp etc). Maybe that's the problem.

    BTW, internet filtering is working fine...

    Thanks in advance,

    Klaus
     
  2. Ghostcat

    Ghostcat Registered Member

    Joined:
    Jan 25, 2003
    Posts:
    6
    Hi,

    Make sure you have enabled application filtering by placing a check mark on the application filtering GUI. Should be a little box bottom right corner of where your apps go.
     
  3. Ph33r

    Ph33r Guest

    Application Filtering Layer


    Application Filtering Layer not functioning or functioning properly?
    You been playing with Alternative Software Firewalls? Most likely the Look ‘n’ Stop Application Filtering Driver (lnsfw1.sys) is being loaded incorrectly.

    If you quickly don’t mind viewing through the bootlog which I received from my Windows XP Machine from the following file ntbtlog.txt located in C:\WINDOWS or C:\WINNT.

    Service Pack 1 1 11 2003 08:36:58.500
    Loaded driver \WINDOWS\system32\ntoskrnl.exe
    Loaded driver \WINDOWS\system32\hal.dll
    Loaded driver \WINDOWS\system32\KDCOM.DLL
    Loaded driver \WINDOWS\system32\BOOTVID.dll
    Loaded driver ACPI.sys
    Loaded driver \WINDOWS\System32\DRIVERS\WMILIB.SYS
    Loaded driver pci.sys
    Loaded driver isapnp.sys
    Loaded driver viaide.sys
    Loaded driver \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
    Loaded driver MountMgr.sys
    Loaded driver ftdisk.sys
    Loaded driver dmload.sys
    Loaded driver dmio.sys
    Loaded driver PartMgr.sys
    Loaded driver VolSnap.sys
    Loaded driver atapi.sys
    Loaded driver disk.sys
    Loaded driver \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
    Loaded driver sr.sys
    Loaded driver bsstor.sys
    Loaded driver KSecDD.sys
    Loaded driver Ntfs.sys
    Loaded driver NDIS.sys
    Loaded driver vvoice.sys
    Loaded driver vpctcom.sys
    Loaded driver vmodem.sys
    Loaded driver viaagp.sys
    Loaded driver viaagp1.sys
    Loaded driver Mup.sys
    Loaded driver \SystemRoot\System32\DRIVERS\processr.sys
    Loaded driver \SystemRoot\System32\DRIVERS\nv4_mini.sys
    Loaded driver \SystemRoot\System32\DRIVERS\dc21x4.sys
    Loaded driver \SystemRoot\System32\DRIVERS\ptserial.sys
    Loaded driver \SystemRoot\System32\Drivers\Modem.SYS
    Loaded driver \SystemRoot\System32\DRIVERS\AN983.sys
    Loaded driver \SystemRoot\System32\DRIVERS\parport.sys
    Loaded driver \SystemRoot\System32\DRIVERS\serial.sys
    Loaded driver \SystemRoot\System32\DRIVERS\serenum.sys
    Loaded driver \SystemRoot\System32\DRIVERS\fdc.sys
    Loaded driver \SystemRoot\System32\DRIVERS\i8042prt.sys
    Loaded driver \SystemRoot\System32\DRIVERS\mouclass.sys
    Loaded driver \SystemRoot\System32\DRIVERS\kbdclass.sys
    Loaded driver \SystemRoot\System32\Drivers\ElbyCDFL.sys
    Loaded driver \SystemRoot\System32\DRIVERS\cdrom.sys
    Loaded driver \SystemRoot\System32\Drivers\Imapi.SYS
    Loaded driver \SystemRoot\System32\DRIVERS\redbook.sys
    Loaded driver \SystemRoot\System32\DRIVERS\usbuhci.sys
    Loaded driver \SystemRoot\system32\drivers\smwdm.sys
    Loaded driver \SystemRoot\System32\DRIVERS\audstub.sys
    Loaded driver \SystemRoot\System32\DRIVERS\rasl2tp.sys
    Loaded driver \SystemRoot\System32\DRIVERS\ndistapi.sys
    Loaded driver \SystemRoot\System32\DRIVERS\ndiswan.sys
    Loaded driver \SystemRoot\System32\DRIVERS\raspppoe.sys
    Loaded driver \SystemRoot\System32\DRIVERS\raspptp.sys
    Loaded driver \SystemRoot\System32\DRIVERS\ptilink.sys
    Loaded driver \SystemRoot\System32\DRIVERS\raspti.sys
    Loaded driver \SystemRoot\System32\DRIVERS\rdpdr.sys
    Loaded driver \SystemRoot\System32\DRIVERS\termdd.sys
    Loaded driver \SystemRoot\System32\DRIVERS\lnsfw.sys
    Loaded driver \SystemRoot\System32\DRIVERS\swenum.sys
    Loaded driver \SystemRoot\System32\DRIVERS\update.sys
    Loaded driver \SystemRoot\System32\Drivers\NDProxy.SYS
    Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
    Loaded driver \SystemRoot\System32\DRIVERS\usbhub.sys
    Loaded driver \SystemRoot\System32\DRIVERS\flpydisk.sys
    Did not load driver \SystemRoot\System32\Drivers\lbrtfdc.SYS
    Did not load driver \SystemRoot\System32\Drivers\Sfloppy.SYS
    Did not load driver \SystemRoot\System32\Drivers\i2omgmt.SYS
    Did not load driver \SystemRoot\System32\Drivers\Changer.SYS
    Did not load driver \SystemRoot\System32\Drivers\Cdaudio.SYS
    Loaded driver \SystemRoot\System32\Drivers\Fs_Rec.SYS
    Loaded driver \SystemRoot\System32\Drivers\Null.SYS
    Loaded driver \SystemRoot\System32\Drivers\Beep.SYS
    Did not load driver \SystemRoot\System32\DRIVERS\kbdhid.sys
    Loaded driver \SystemRoot\System32\drivers\vga.sys
    Loaded driver \SystemRoot\System32\Drivers\mnmdd.SYS
    Loaded driver \SystemRoot\System32\DRIVERS\RDPCDD.sys
    Loaded driver \SystemRoot\System32\Drivers\Msfs.SYS
    Loaded driver \SystemRoot\System32\Drivers\Npfs.SYS
    Loaded driver \SystemRoot\System32\DRIVERS\rasacd.sys
    Loaded driver \SystemRoot\System32\DRIVERS\msgpc.sys
    Loaded driver \SystemRoot\System32\DRIVERS\ipsec.sys
    Loaded driver \SystemRoot\System32\DRIVERS\tcpip.sys
    Loaded driver \SystemRoot\System32\Drivers\lnsfw1.SYS
    Loaded driver \SystemRoot\System32\DRIVERS\netbt.sys
    Loaded driver \SystemRoot\System32\DRIVERS\netbios.sys

    As you would see if you quickly viewed through my bootlog that the Drivers in red belongs to Look ‘n’ Stop, lnsfw1.SYS Driver belongs to Look ‘n’ Stop’s Application Filtering Layer and lnsfw.sys Driver belonging to Look ‘n’ Stop’s Internet Filtering Layer. So we focus on the Driver Loading order of lnsfw1.SYS which is Look ‘n’ Stop’s Application Filtering Layer, thus should always be Loading just after the tcpip.sys driver which is in blue. Otherwise it’ll not function or function correctly.

    Contact Frederic by E-mail fgloannec@soft4ever.com and he’ll supply the Fix
     
  4. Klaus

    Klaus Guest

    Hmm, my bootlog shows lnsfw1.sys right BEFORE tcpip.sys. I guess thats it. Weird though. It was a fresh WinXP install, no other firewalls were installed before or after.

    Is there a simple way of changing the load order of system drivers?

    Regards,

    Klaus
     
  5. Ph33r

    Ph33r Guest

    Download http://looknstop.soft4ever.com/Tools/LnSRegPatch.exe and Execute after fully exiting out of Look 'n' Stop. Then re-boot the Machine...
     
  6. manuangi

    manuangi Registered Member

    Joined:
    Jan 29, 2003
    Posts:
    148
    Location:
    Italy
    Who needs that registry patch?

    Who needs this patch, Ph33r? Everyone, or...who?
    I'm running the latest 2.04p2 with the latest lnsfw1.sys which gave some troubles to many of you (not to me).
    Do I need the patch? Can you link me the post where the need for it is discussed?

    Thanx a lot!
     
  7. Ph33r

    Ph33r Guest

    This patch is needed by whomever in Klaus’s situation…
     
  8. manuangi

    manuangi Registered Member

    Joined:
    Jan 29, 2003
    Posts:
    148
    Location:
    Italy
    thanx!

    That's not my case, therefore! :D
     
  9. Klaus

    Klaus Guest

    Applied the patch and everything is working fine.

    Thanks!

    Regards,

    Klaus
     
  10. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,181
    Let me guess, Ph33r: This is the "ActivatedSoon" flag? ;)
     
  11. Tinribs

    Tinribs Registered Member

    Joined:
    Mar 14, 2002
    Posts:
    734
    Location:
    England
    I'm getting frustrated now, I also am having this problem of no applications appearing in the list, I've applied all patches and have no other firewalls installed, and those I have run have been removed very thoroughly.

    The list Ph33r showed, I have no lnsfw.sys services showing at all!!

    Unless someone can come up with a magic wand I guess I'm destined to go back to Sygate, but its a bit of a memory hog. :(
    Help :'(
     
  12. Ph33r_

    Ph33r_ Guest

    Hey Tinribs

    Could you take a Window Capture of Look 'n' Stop's "Console" showing the very first 10 Lines (after fresh re-boot) ?

    You you cannot link it my E-mail is Ph33r_@hotmail.com.
     
  13. Tinribs

    Tinribs Registered Member

    Joined:
    Mar 14, 2002
    Posts:
    734
    Location:
    England
    Thanks Ph33r, I'm actually using Kerio right now, if I get time at the weekend I'll give Look n stop another go and send that screenie if its still playing up.
    :)
     
Thread Status:
Not open for further replies.