Stateful Packet Inspection question

Looked at my log recently and I noticed a lot of entries regarding Stateful Packet Inspection. This occurs when I'm running NewReactor and downloading files from several news servers. Now this doesn't have any effect on my being able to download the files. Works just fine. But I don't remember there being this many log entries regarding this. So unless I unwittingly turned the logging to this on; why so many log entries all of a sudden?

Finally while I got people's attention

One feature I'd like to see in the next version of LnS is for it to default to whatever settings I've saved when it first starts up. The reason I mention this is because I sometimes turn off Internet filtering for to allow me to do something that I can't do when it's on; only to forget to turn it back on. Thankfully I have a router with an SPI firewall so it's not that great an issue. But something like this would be nice for the absent minded of us.

 

Hi,

The problem could be related to the number of connections. The TCP SPI is limited for the number of simultaneous connections it can handle.
You have to look to the console and driver logs, to get some additional information.

Also the 2.05p3 contains some improvements in the TCP SPI. Are you using this version ?

About the default configuration, if the problem is just about the ruleset then the solution is simple: just keep the default rulesets unchanged and as soon as you did a modification save the new ruleset to a new file.
A copy of default rulesets is available here:
http://looknstop.soft4ever.com/Rules/En/

Regards,

Frederic

 

Using the lastest version yes.

I think though I may have discovered (perhaps) what was going on. Today while downloading I did not see those log entries. What happen yesterday was that I noticed that I had forgot to turn the Internet filtering back on and did so while I was downloading. Then those log entries appeared. Nothing today though.

As for the second part of my question; I'm a little confused about your reply. I probably didn't make my question clear.

When I used Sygate (for example) there was a option to turn off filtering front the task bar icon. If I reboot; I would hope that the program would be smart enough to turn filtering back on. (any software firewall).

LnS allows you to turn off application and/or internet filtering..even if it isn't via the task bar icon. What I was wondering is that if I turn off internet filtering (like I might for Sygate) is there anyway to have it come back on when I reboot the system.

Is the state of filtering (and other settings outside the filtering rules) something that's saved whenever you shut-down your system (and LnS quits)? If so can it be some part of an overall settings you save (like when you make rule changes) so that the state of the program will be loaded when it starts.

Hope that makes more sense. Though reading what I wrote, I doubt it.

 

Yes, if Internet Filtering was disabled and you were downloading, then enabling suddenly the TCP SPI will create alerts.
This is because the TCP SPI engine is OFF when the Internet Filtering is disabled, so the state of current connections are not known when you enable the TCP SPI. At least this is an evidence it works

Ok I understand your point now for the second question.
It is not possible right now to do that with the current version. Current options are saved to the registry when Look 'n' Stop closes and they are read again when Look 'n' Stop starts. There is no overall settings.
I will think about that, probably a new option has to be added, it can't be automatic, since some users want to use only Application or Internet filetring and I supposed they don't want to disable it each time (the opposite of your case).

Frederic