Hi I am a new user to LNS, and I am using the trial version (2.05p3) for the 30 days to see if I need to purchase a copy. Some background I am behind a router and although I have read and understood the first part of Patrice's thread on routers, the last part has me lost (that is another story) I have used Blackspear's setup instructions...thanks to him it gave me a better understanding of this firewall. When I use "TCP SPI" and visit certain web pages e.g. download.com, I get my logs filled with 'doubleclick.net', so I have used the router to block anything with doubleclick. My question is when I use IM or Hotmail my logs get filled with messages (see attached..... I hope it is legible). How can I stop this ? -do I need to create a rule, then block the execution of that rule? Any constructive input would be appreciated. Thanks. Cheers
Hi Thomas I generated a log, and it is attached. Outbound traffic?..... I don't know. Your help is appreciated. Thanks Cheers
Hi, fredra, I'm not sure if I really understand your meaning.(I apologize for my grammar mistakes). I'm new to LNS too.(and I'm also not good at English) It seems you don't like the log file to be full of records. In the "Internet Filtering" tab, click the Help button on the lower right coner, you will find your answer. Cheers
Hi Dryopithecus No problem with the grammer or English my friend, I do understand you. I had to turn on logging to get the details, however, I am still trying to figure out whether it is just showing me what has passed through the firewall or it is blocking something from "hotmail". In other words, what are the records showing me. Thanks for your input and I will check the help file, as you pointed out. Cheers
Hi fredra, The alerts in the logs show when a rule has been applied. A rule can be used to allow or to block, depending on the rule configuration. If you check the "Internet Filtering" tab you can look down the list to find the matching rule, in this case "UDP : Any other UDP packet". If the second column for this rule has a stop sign (ie. red circle with white horizontal line), it means anything which matches this rule will be blocked by LnS, unless there is a rule higher up in the list which allows it. Likewise, if there is no stop sign, it means that anything that matches the rule will be allowed, unless another rule higher up in the list blocks it. Double-clicking on a rule brings up the rule editing window. While this can be a bit daunting for the uninitiated, it is well worthwhile trying to learn as much a possible since it contains all the info related to that particular rule. For example, you can see that the "UDP : Any other UDP packet" rule applies to both inbound and Outbound packets. HTH EDIT: If you don't want a match for a particular rule to be displayed in the log, just remove the '!' from the third column next to the rule, on the Internet Filtering tab.
In the "Log" Window of LnS you can double-click on each entry that was logged. This will open a small window called "packets content". Can you do a screenshot of one of these windows and post it here in the forum? This window will disclose some more information about the packet (e.g. in- or outbound) Regards, Thomas
Hi Thomas M Thanks for your assistance, it is appreciated. I finally figured it out with some help from Phant0m's instructions over here Cheers