Apply ICMP Filter

Discussion in 'ESET Smart Security' started by brady747, Jan 21, 2010.

Thread Status:
Not open for further replies.
  1. brady747

    brady747 Registered Member

    Joined:
    Jan 16, 2010
    Posts:
    4
    I have a connection being blocked in my firewall log and I am unsure what the 'rule' being applied is. I am using ESET Smart Security 4.0.424.0 in a small business office.

    This is a local connection attempt from a computer that is running Spiceworks (and is therefore trying to ICMP ping each of the clients)

    Under the 'rule / worm' column in the client firewall it mentions 'Apply ICMP Filter'

    I don't see any rule labeled 'Apply ICMP Filter' (I am using 'Automatic mode with user-defined exceptions').

    It seems (based on existing rules for the firewall) that all ICMP traffic is allowed within the Trusted Zone (and my trusted zone seems set to include the LAN in question). I turned off blocking of ICMP attacks under IDS thinking that might be the issue, but that didn't solve it.

    Any ideas on how I can address the "Apply ICMP Filter" issue and what ESET is trying to tell me with this messageo_O

    THANKS for any time and information.

    Brady
     
  2. brady747

    brady747 Registered Member

    Joined:
    Jan 16, 2010
    Posts:
    4
    Well....I couldn't even ping the client (obviously I guess). I reset all the default settings and somehow that fixed it, though I was pretty sure I didnt have any 'new rules' that should have caused problems....I guess I must have missed something. I still think 'Apply ICMP Filter' could use a definition and/or a bit more clarity...I gather there must be a rule to that effect that I just kept glancing over? Anyway...Things are on their way to where I want them now hopefully.

    Brady
     
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    If a communication is being blocked and you need to figure out the rule that is blocking it, enable "Logging all blocked connections" in the IDS section of the firewall setup, reproduce the problem and eventually check the firewall log for details about the blocked communication. This should give you enough information to adjust the necessary rule.
     
Thread Status:
Not open for further replies.