Disabled Firewall required for network video streaming - Please Help

Discussion in 'ESET Smart Security' started by spalek83, Jun 12, 2010.

Thread Status:
Not open for further replies.
  1. spalek83

    spalek83 Registered Member

    Joined:
    Jun 12, 2010
    Posts:
    8
    Hello.
    I am using two PCs in a network.
    Both have Win7 Home Premium / Newest copy of Eset Smart Security
    Both set to 1000baset/full duplex


    I have to disable the firewall to get the videos to stream without skipping.
    Are there are settings specific to streaming movies over the network that I can focus on to keep the firewall enabled but not interfering?

    Tried playing them on Windows Media Player/Center x86/64, VLC(smb stream buffer set to 1000), XBMC

    If i turn the firewall off, it works. If i turn it on it dosn't. If the host computer is booted into osx(with little snitch) it works, if it is booted into windows 7 with smart security running and firewall enabled, it dosn't work

    Host is i7 860 with 4gb memory, streaming to a computer with a 4200+ 64bit amd cpu(not a beast, but it works when the host has no firewall)

    thank you in advance
     
    Last edited: Jun 12, 2010
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Whenever there is a problem with the firewall blocking certain communication, do the following:
    1, enable "Log all blocked connections" option in the IDS section of the firewall setup
    2, reproduce the problem
    3, check the ESET firewall log for details about the communication and the reason/rule why it was blocked. Subsequently you can adjust that rule or create a new one allowing the communication, or post the relevant records from the log here so that we can help you.
    4, disable "Log all blocked connections"
     
  3. spalek83

    spalek83 Registered Member

    Joined:
    Jun 12, 2010
    Posts:
    8
    the other computers ip address gets the following (and it happens on my end as well, blocked/error logs are pretty similar)
    Address temporarily blocked by active defense (IDS) ...:61865
    Detected Port Scanning attack ...:5355
    No usable rule found ...:5355

    So even tho its in the same network/home-group, it doesn't recognize it as such... what would be a safe was of fixing this? putting the other computers fixed network ip address into trusted zone?
     
    Last edited: Jun 12, 2010
  4. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
  5. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    The remote computer is performing a port scan attack which is blocked by ESS. Add the IP address of the remote computer to the list of addresses excluded from active protection (IDS) in the zone setup.

    If you have more computers in LAN, switch the firewall to learning mode so that all necessary rules are created automatically.
     
  6. spalek83

    spalek83 Registered Member

    Joined:
    Jun 12, 2010
    Posts:
    8
    I added each computer to its opposing IDS exclusion list. now those previous errors are gone, but one that was there before but mostly hidden by the rest of the errors is still there (forgot to mention in previous post)

    Incorrect TCP packet checksum

    its the only error i get now. but a bunch in a row, spaced first together then every couple of minutes
    lag/issue is still there. video will play then freeze for 10 or more seconds as it catches up
    how can i resolve that?
     
    Last edited: Jun 13, 2010
  7. MasterTB

    MasterTB Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    547
    Location:
    Paran?, Argentina
    That is the same problem I'm having that is preventing me to copy/move files over my Home LAN without issues. You start to copy/move, all goes well until.. ESS flags an Incorrect TCP packet checksum and all stops. Windows does not know why and the operation stalls for seconds to restart terribly slow and keeps it that way.
    I've been looking for an answer to this for a loooooooooooong time and my license is expiring next month. Guess what will happen to my license if I cannot solve this?
    It is very annoying that only Eset is giving me this problem. I uninstalled it just to check and no other firewall/suite gave me this issues. I also checked my drivers just to be sure. No solution at all.
    ((This is my thread just in case: https://www.wilderssecurity.com/showthread.php?t=273119))
     
  8. spalek83

    spalek83 Registered Member

    Joined:
    Jun 12, 2010
    Posts:
    8
    you set both computers to full duplex/1000bastT?

    and yea, it's frustrating. on my end, I can't play a movie on the network past 5 minutes with the firewall enabled, yet with the firewall disabled I can watch the entire movie without even a hiccup? Is it the same for you, can you copy files with it disabled?

    I read in this and another forum that "
    if that is the case, and the packet checksum is completely irrelevant, that means there is absolutely no error in the log file to attribute why the firewall causes streaming movies over the network to be unplayable...
    then what is?

    setting wmpnetwk.exe to be excluded in protocol filtering.. didn't help either
     
    Last edited: Jun 13, 2010
  9. MasterTB

    MasterTB Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    547
    Location:
    Paran?, Argentina
    Exactly, ESS shouldn't report the Incorrect TCP checksum because it is not an incorrect checksum.
    It should just ignore it and let the transfer/stream continue, instead, the IDS is blocking the transfer and causing the problem.

    What worries me is that this has been a problem since previous versions and Eset is not acknowledging it.

    I have checked my nics and there is nothing wrong with them. Brand new machine with no issues whatsoever, except for what Eset is causing.
     
  10. spalek83

    spalek83 Registered Member

    Joined:
    Jun 12, 2010
    Posts:
    8
    wonder if there is an option to make it ignore TCP checksums, if that is indeed the specific issue.
     
  11. MasterTB

    MasterTB Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    547
    Location:
    Paran?, Argentina
    I believe that is the cause of our problems, but the only "soluction" I've been given is to disable IDS protection for the LAN, I don't see that as a solution. If it is, what is the point of having the IDS in the first place.

    Although I must say it didn't work for me.
     
  12. spalek83

    spalek83 Registered Member

    Joined:
    Jun 12, 2010
    Posts:
    8
    are you using interactive filtering mode or automatic filtering mode with exceptions?


    reason i ask is eset support sent this link to me, not sure yet if it is the fix, tho loosing interactive mode 100% of the time is a sad loss it they are right
    http://kb.eset.com/esetkb/index?page=content&id=SOLN2140
     
  13. MasterTB

    MasterTB Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    547
    Location:
    Paran?, Argentina
    Hi: spalek83 I Always use Interactive mode. Never tried automatic. I used learning mode once on my brother's pc because he doesn't know a thing about rules, launched all the applications he used and then switched to automatic with exceptions. Ne never had issues because he uses the pc to work, doesn't do much browsing and since it's his only pc doesn't do stream or copy/move operations over the lan.
     
  14. spalek83

    spalek83 Registered Member

    Joined:
    Jun 12, 2010
    Posts:
    8
    set yours to automatic filtering mode with exceptions

    does it still do it?
     
Thread Status:
Not open for further replies.