SPF router issue

Discussion in 'other firewalls' started by papasmurf, Aug 23, 2010.

Thread Status:
Not open for further replies.
  1. papasmurf

    papasmurf Registered Member

    Joined:
    Jul 4, 2010
    Posts:
    28
    Location:
    Pacific Northwest USA
    I have posted this problem in the Sunbelt support forum,
    but I wanted to also post it here, in case any others are having this issue:

    Product: Sunbelt Personal Firewall Free Edition

    System version 4.6.186.1.0 Rules version 4.3.225.0

    The following logged message happened so many times that I was forced to
    reboot both modem and router:
    ICMP PATH MTU denial of service" from my router ( IP: 192.168.1.2 ).
    I first made the attempt to put a range of ip masks in as "Trusted", but
    that did no good. I then was forced to edit one of the config files in order
    to remove the rule.
    It seems to me that this is a pretty healthy bug in this firewall. Free or not, there MUST be a way to edit the ruleset without compromising security. When will the option to ignore router addy be put in? Or when will the rule editor be turned on?
    Either one of these options would have solved this issue without having to take down the entire system.
    Other than that, I do like the firewall, I would just prefer that such an obvious bug be taken care of, maybe thru a patched update?
     
  2. papasmurf

    papasmurf Registered Member

    Joined:
    Jul 4, 2010
    Posts:
    28
    Location:
    Pacific Northwest USA
    Well, here is the answer that I recieved on this issue.
    I will be moving on to another firewall, but this one is not bad,
    it just lacks some options in the free edition, options which should
    be on in any edition:

    ~ Replaced Quote with Actual Forum Thread: Router Rule Bug ~
     
    Last edited by a moderator: Aug 23, 2010
  3. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,272
    In the free version, as well as the paid version, the filtering is editable - look in the ...\config\IDS rules, do a quick search for the Description you see in the NIPS log, and put "#" before the rule. But yes, you are correct - in the GUI you cannot tweak each and single rule in that long list.
    I only had to do it once for the L3 retriever ping from another LAN computer.
     
  4. papasmurf

    papasmurf Registered Member

    Joined:
    Jul 4, 2010
    Posts:
    28
    Location:
    Pacific Northwest USA
    Yeah, I was able to edit the appropriate file, but that is something I really do not wish to do.
    To be honest, I sort of went on a little tour of firewalls, just to see what changes had been made to ones I dumped, and also to try a couple I had not tried before. Sunbelt was one of those.
    I have since gambled enough with my system, and have returned to an old friend,
    one that has not let me down, and one I still hold a lifetime license for, Outpost Pro Firewall.

    The whole concept for me comes down to ease of use, and being able to control data
    a bit better.
    While Outpost does use a little more resource, in the end I found it to be the best one for my usage.
     
  5. Brocke

    Brocke Registered Member

    Joined:
    Mar 16, 2008
    Posts:
    2,190
    Location:
    USA,IA
    if i remember reading something that sunbelt is not longer dev. newer versions of the firewall.
     
  6. papasmurf

    papasmurf Registered Member

    Joined:
    Jul 4, 2010
    Posts:
    28
    Location:
    Pacific Northwest USA
    That may be true of the free version, seemed to me that they are continuing
    with version revs though.
    In any case, it just did not work for me.
    And in case any1 is interested, I also tried ZA again, (against my better judgment),
    and Checkpoint has continued to ruin this once fine firewall. Not only is it a resource
    cow, not only does it still install junk you do not want, (even if it is not used), even the installer
    was buggy as heck. At one point, it tried, (and failed), to cancel out it's own install, telling
    me I did not have rights on MY machine..lol. I only have 1 account on this beast, the admin's.
     
Thread Status:
Not open for further replies.