Discussion in 'other firewalls' started by no13, Jan 17, 2005.
This is final release i believe.
i dont use jetico pf, but now that its not longer beta and still freeware, maybe ill give it a shot. i know theres a complete thread about jetico, but could someone summarize a comparison between jetico, sygate pf pro, and outpost pf pro?
Time to give this baby another whirl.
As soon as you guys get a chance to try it out, please report back. I would be interested in finding out how much memory it uses!
19. v. 188.8.131.52 Freeware, 17th January, 2005.
The problem occured in the firewall interface when the program displays log entries is fixed. The problem of compatibility with programs creating many listening/accepting sockets (like Vypress Chat) is fixed.
Seems very light, fwsrv.exe taking up only 2852K Virtual memory.
I received an email from Jetico asking me to try out the new build and see if the problem that I previously had with Sun Java is fixed.
Well, they fixed that problem, and so far I have not found any new bugs. They must have done some work on the process table.
Memory use is about 5 mb. You can't get much lower than that.
Please keep me/us less experienced firewall users posted. My Emachine NPF 2004 expires in May.
May? That is eons from now. A firewall that expires, what a concept. Heck, its free. Try it. Remember, its rules based. From my experience with Kerio 2.15, it ws relatively easy to do the rules for mall my applications. Some of the other stuff that is under the hood is a bit difficult to understand. I suspect there is a lot in that little FW.
If its as configurable as Kerio 2x hopefully it should be as easy to setup, currently I have a ICS setup for my dial-up connection so I hope the program makes that easy to configure as Kerio 2x.
Jetico = Kerio 2.1.5 + Sandbox + More!
I am loving it. But be aware that I still found some small bugs: the software should still be considered beta. Anyway it is already better than any other free firewall. Give it a try!
I've installed it. it seeem quiete secure, but i'm still confused with hierarchical of table, what i don't understand is: If i create an application rule for internet iexplorer in the application table with verdict web browser, the firewall process goes to the table ask me, i got pop up and if i answer yes i've access to internet.
then i'm not ask anymore.
but why it goes to this table ( ask table) if the rule match ?
Most probably your rule was not matched. Did you put any event/protocol/host/port restrictions into it? All of these should be "Any".
Another thing you should care for is the order of rules. If the reference to Ask User table is before your newly created rule, then it will be processed before your rule. In this case reorder your ruleset by drag-and-dropping your new rule between the rule triggering the System Applications table, and the rule triggering the Ask User table.
You can check your rule was matched by enabling logging for that rule, and triggering the communication in internet explorer. The log will list the rule if it is matched.
thanks for answer
but i check all that you said and i still have the problem let me explain more:
I create an application rule for iexplorer between system application and ask user in the application table.
verdict of this rule is web browser witch is another table ( i didn't touch), i enable logging for this rule.
the log says that it enter in the web browser table, don't find any rule match (witch is very strange)and goes back to application table, enter and ask user table and finally ask me to add this rule.
i really don't understand why it goes to this table (ask user).
i write mail to the support but still don't have answer.
get me a manual for this thing man...
too hard to think straight with all that weirdness going on in its config screens.
Anyone willing to translate it all into Kerio?
PS: thanks Snapdragin... sorry about not PMing... I'm lazy
I foundit preetty easy to go from Kerio application rules to Jetico rules. One nice shortcut is to make a table for "Simple HTTP". Just two rules: the first allows access to the network, the second allows local ports 1024-5000 to connect TCP outbound to port 80 at any remote address. A lot of programs can use this table.
Another trick is that UDP is replaced by TCP/send datagrams or TCP/receive datagrams.
The part I do not understand is the system l evel stuff. DNS address is "name server" but I can't find which addresses are in its range. I suspect that there is a lot of elegant power in the way that thevarious tables interact, but I really do not know what is going on with that.
can someone who is jetico user's friendly can post a tutorial or config's screenshots.
cause i think this firewall has lot of posibilities but it's dificult to learn.
Actually the manual which you can download is pretty good. I am afraid I can not translate it into Kerio, even though I think I understand both. It just provides more control not available in Kerio.
OK, I have one more idea. Your Internet Explorer is initiating "outbound connection" to a remote port which is not listed in the Web Browsers table. By default this table only allows remote port 80 (http) and 443 (https). The Web Browser table ends with the verdict Continue, meaning if no rules from this table is matched the walking through the ruleset continues - in your case with the rule triggering the Ask User table. I modified my Web Browser table to allow remote port 8080 (http proxy) too, but that may not be enough. If you usually browse sites which are using exotic ports, you may need to allow "outbound connection" to any remote port in the Web Browser table.
All of this is caused by the quite restrictive default ruleset. For example the default permitted port list for Outpost firewall lists several other remote ports in the Web Browser preset.
How about you download the official User Guide which includes several full screenshots? Or is there any problems with that one?
i was browsing yahoo or google, do you mean that these sites use exotics ports !!!!!!!!!.
Could yout tried my config on your computer and let me know the result.
The link to the user guide is the compiled help file that installs with Jetico PF. I managed to get something out of it, but I have a few more questions.
I have been able to migrate my experience creating application rules with Kerio 2.15 and have been able to get an idea of what is going on, although some things on the system level seem a bit oblique. Most of my knowledge in this area comes from the Kerio support forum over at DSLR, and from BlitzenZeus' rule set in particular.
It would be great if one of the resident networking gurus started to look under the hood of Jetico and posted what they can find out.
I don't have time to write a full tutorial, but I will try to answer any specific questions.
Possibly yes. The remote port can be seen in the learning popup, and in the rule created if you just pressed Allow. Can you tell what is/was the remote port.
I'll try tomorrow at work because my testing computer is there.
What about opening a specific forum ? It will be very usefull for user who are interested by this firewall.
i'll send results tomorrow
You mean we ask Paul Wilders himself to create and open a subforum for Jetico Firewall? Hmm interesting idea. I would like it. Especially considering that it has no other dedicated forum.
Separate names with a comma.