Look'n'stop: "wish list"

Discussion in 'polls' started by Climenole, Jun 1, 2007.

?

Improvements required for Look'n'Stop

Poll closed Jul 1, 2007.
  1. Support for multiple Network Interfaces

    17.6%
  2. Results in leak tests

    35.3%
  3. Applications filtering

    52.9%
  4. Internet filtering and rules

    47.1%
  5. Log and statistics

    11.8%
  6. Installation

    0 vote(s)
    0.0%
  7. Documentation

    17.6%
  8. Support

    0 vote(s)
    0.0%
  9. Other (please give details)

    23.5%
  10. I'm an LNS user

    47.1%
  11. I'm a forner LNS user

    23.5%
  12. I'm trying LNS

    11.8%
Multiple votes are allowed.
Thread Status:
Not open for further replies.
  1. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi all :)

    I would like to know which improvement are required for LNS.

    Votes (and comments) are welcome ! :)

    1- Support for multiple Network Interfaces
    2- Results in leak tests
    3- Applications filtering
    4- Internet filtering and rules
    5- Log and statistics
    6- Installation
    7- Documentation
    8- Support
    9- Other (please give details)
    10- I'm an LNS user
    11- I'm a former LNS user
    12- I'm trying LNS

    :)
     
    Last edited: Jun 1, 2007
  2. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi

    a better orthograph from some LNS users ... :rolleyes:

    FORMER not forNer... :eek:

    :)
     
  3. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    I tried it and liked it. I already suggested one thing:
    The other is also an easy one, then move on improvements to the firewall (lol):
     

    Attached Files:

  4. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi Pedro :)

    Hmmmm... Not a bad idea but not easy to do I guess because there's a lot of parameters.
    How to show all of these into ONE screen? :eek:

    Depending what's written in the description field... Description is used as a guide for the user. You may improve it from your side... By the way take a look at this to see if the description is so "useless":
    https://www.wilderssecurity.com/showthread.php?t=174202


    Okay :D
    The LNS icon is not very nice: we need something more "glamour" !

    Thank you your vote and comments.

    :)
     
  5. danieleb

    danieleb Registered Member

    Joined:
    Dec 11, 2006
    Posts:
    111
    Oh, no! :eek: Not the icon
    And let's hope it will never be like those of ZA, Sygate and Comodo, with flashing arrows and stuff that go greeeeeeeeeeeeeeeeen when I listen to internet radio. I don't want "glamour", I want fire+wall+pc! :D
     
  6. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi Danielb :)

    A "glamourised" icon for LNS is asked from time to time...

    with no results :thumb: : let us keep the hope ! :D

    :)
     
  7. danieleb

    danieleb Registered Member

    Joined:
    Dec 11, 2006
    Posts:
    111
    Climenole
    Here's one (bad) idea: why not animate the little fire when your ports are being scanned for example, a bit like the ol' Sygate?
    And then some small firefighters could come rushing to put the fire out! That's glamour... :D
     
  8. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi Danielb :)

    Hmmmmm after all , you're right:

    What a nice idea indeed. :D

    For Vista, LNS can have a 3D loooong flame for each blocked packets !
    and, for a $10 option you may replace the firefighter face by YOUR picture !

    News! Enhanced! Exiting!

    o_O
     
  9. danieleb

    danieleb Registered Member

    Joined:
    Dec 11, 2006
    Posts:
    111
    Climenole

    You're funny! :D

    Yes, those are the key words. Oh, what sad times are these...
     
  10. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    I certainly don't want to anger LNS users. That's why i identified myself clearly: i tried it, liked it, but not sure if i need it. So far, if i were to buy, LNS or OA would be the chosen.

    Climenole, you are right on the "description" tab. It can have whatever info i want.:thumb:
    The icon, well, if you like it, go ahead. I'm not saying i'd like animation, i have that disabled in Comodo (one click..). I hate those too.
     
  11. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi Pedro :)

    You anger nobodies Pedro! :)

    Your opinion and comment are always welcome !

    Have a nice day (and week end)

    :)
     
  12. Jo Ann

    Jo Ann Registered Member

    Joined:
    Jan 6, 2007
    Posts:
    508
    Hello (bonjour):

    I tried LnS (v2.05p3) late last year. After installing it the permission-requesting popups were expected (having used other FWs), and I answered each one appropriately. Afterwards I found that LnS was blocking my LAN connectivity, so apparently it did not sense and popup the appropriate networking questions. At the time, I sought help in the LnS forum, but none of the suggestions resulted in my getting LnS to 'see' my network.

    While I'm not a programmer, I consider myself quite PC-literate (I work in a HelpDesk department), but I find writing FW rules to be more of a challenge than I (and I suspect most users) want to endure. So I would like to see LnS develop its 'learning mode' so that it can ask all necessary questions of the user during setup, so that writing rules would never be necessary, but merely available for those who prefer to do so.

    Thanks (merci),
    Jo Ann
     
  13. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi Jo Ann :)

    I'm sorry to ear that nobodies give you the solution. I agree that some network configurations are a bit tricky and required too much works from users.

    I keep your valuable comment in my archive...


    Learning mode instead of creating rules manually... Okay.

    So I guess LNS have to improve the pre-set rules for different applications
    and add some automatism in the rules creations...

    Actually the only specific rules needed are for "server" , applications using non-standard local ports and applications using UDP and not only TCP...

    Thre's easy way to create such rules but it's not obvious for all users...


    Thank you for your comments and have a nice week-end.

    :)
     
  14. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    Last year I posted some feature requests and a few more.

    I think number 6 may have already been implemented, but I still look for the first 5.

    Also I think the section for editting/making rules should be remade to be cleaner and more organized. I find Comodo and Jetico easier for making rules.
     
  15. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi WSFuser :)

    How please? (example or screen capture if possible...)

    You mean a more detailled application filtering? Somethings like a detailled allowed/blocked programs launched by another ?


    Yes, may be... But if this pop-up is displayed at each new connection location it can be very annoying. No?

    This is not a bug, this is a feature: ;)
    Rules specific to at least one allowed program are based upon the authorised programs in application filtering.
    If you disable this level of filtering how to keep the authorisation enabled?
    OR
    Did you mean somethings like a merge of appl. filtering into the internet filtering?

    Did I understand well or o_O

    Why not?

    Why not ?

    Sorry, WSFuser, but P2P works very well with LNS as far as I know.

    May be it was a rules problem or it was about the number of simultaneous connections. (this was fixed in version 2.06: it's possible to increased this number...)

    So the improvement you wish are briefly: (tell me if I'm wrong)

    1- a better Rules editing interface
    2- a more complete application filtering (for progr. launched by another)
    3- a better editing functions for the internet filtering (drag and drop, multiple select , etc.)
    4- and may be a kind of function merging between application and internet filtering. (Is that your idea?)

    Thank you WSFuser for your opinions and interesting ideas.

    :)
     
  16. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    I took a screenshot of an LnS rule and took out everything I dont need:

    http://img530.imageshack.us/img530/6236/snap314xz7.jpg

    It needs some rearrangement but it looks cleaner and I think itd make rule making easier.
    Maybe thats it. What I wanted is just a separate section or tab for configuring "allowed/blocked programs launched by another"
    I dont want it for every connection just the first one when LnS prompts you to allow a program.
    http://img95.imageshack.us/img95/9158/24pk9.gif

    When Application Filtering is disabled, I want the "Rules specific to at least one allowed program" to still work.
    As I thought, so my wishlist is now 1 item shorter.
     
  17. danieleb

    danieleb Registered Member

    Joined:
    Dec 11, 2006
    Posts:
    111
    I think the ideas posted by WSFuser are good, and the one about the rule editing window is easy to understand.

    After reading Jo Ann's post I can imagine the frustration when you can't even get the connection to work, and when you try to create a rule, well, then there are so many options that might confuse you even more.

    Maybe the options that were removed from the screenshot could still be there but sort of "hidden", for those that still want them. An "advanced mode" for rule making?
     
  18. egghead

    egghead Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    443
    Location:
    The Netherlands
    hello,

    I like to see the number of the applications that are being monitored on the screen. This because the number is restricted to max 128 in version 2.05.p2.

    e.g. numbers of applications being monitored: 65

    LnS c'est formidable :thumb:
     
  19. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi WSFuser :)

    There's a misunderstanding here.

    LNS is a rules set firewall not an "application firewall" like ZA asking "Did you authorised that stuff?" YES / NO... :rolleyes:

    I asked in this poll about improvement not a regression to an "Australopithecos firewall from the Stone Ages" !!! :mad:

    Not a single LNS user will accept this even under the effect of drugs or under torture!

    LNS give the access of detailed setup and parameters for the IP packets:

    WE, The LNS Poeple, will never renounced to this LIBERTY!

    :p
     
  20. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    I understand that. I didnt ask for the packet filter to removed did I? No simply that the rules window be easy to understand. you could simply have a button to activate an advanced mode for rule editting like danieleb suggested.
     
  21. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi WSFuser :)

    Actually you don't ask this... :D

    1- For all applications using TCP only we don't need want you want because we already have it ...

    In LNS enhanced rules set for example:
    "TCP: Allow most comon Internet application" do this... simple and transparent for the user...

    This for "client" applications... (browser, emailer and so on...)

    2- In the example you give, you ask for same simple rule for a SERVER application (BitTorrent).

    In this case the rule MUST BE specific to this program and allow incomming connections (TCP + flag SYN incoming accepted by BitTorrent only...)

    3- So you ask for an automatic server rules setup. Somethings like :

    A pop-up asking: Did you allow µTorrent as a server?
    and the answer YES create a server rule for this AND put the rule in the right place in the list...
    (Remember that the position in the list is pertinent for all rules set firewalls in the universe !)

    Is this what your looking for ?

    I see somethings "dangerous" here: a n00b may allow server rule for any kind of program and create vulnerabilities ...

    There must be a "N00b-proof" mechanism somewhere...

    4- May be a better solution is to have a "learning mode" allowing an application monitoring to examined the behaviour of a program and set automatically rule(s) for it...

    Big job indeed...

    The rules creations looks complex for many users.

    A more simple solution exist. The only blocked packets to check in the log are:

    Outgoing UDP or TCP packets:

    The vasty majority of programs used the standard local port range:
    therefore the UDP ports outside this range shows which remote ports are used and it's easy to create a rule accordingly...

    For TCP the local ports used are outside the standard range or used for a server... and it's also easy to create a rule for this.

    Server rules have the same pattern:

    A local port in TCP + all remote ports + specific to an application + placed in the list before the rule blocking incoming connections (TCP + ack flag)

    If you know how to create such rule for one server application you know how to create the same kind of ruel for ANY server application... No ?

    Why developped an automatic mechanism for somethings so easy to learn ?


    But I have to agree with you: there is some complex applications requiring
    a lot a job outside de skills of a normal user...

    So : an application monitoring to create rules will be ok for you ?

    I have an idea of how to do this based on the packet sniffer option in LNS and the log...

    Hmmm... may be

    Best regards,

    :)
     
  22. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    2.) I only showed BitTorrent cause that was the first rule screenshot I found.

    3.) No I didnt ask for automatic rules setup.

    I just want a simpler rules window. Thats all
     
Thread Status:
Not open for further replies.