Jump to content

Intermittent issue: 'All Networks' overrides 'Traffic handled by application' rule


Recommended Posts

Here is my current setup,


EIS v.


Windows Services (TCP) - Block - IN/OUT - TCP -


Public Networks


Windows Services (UDP) - Block - IN/OUT - UDP -


Public Networks


Traffic handled by application rules (TCP/UDP) - According to app rule -


0-65535 (ie blank entry)

All Networks


then I have an added rule:

"Rule 3389" - Block - IN/OUT - TCP - 3389

All Networks


When I need to use port 3389, i move the port below "Traffic handled by app"

When I don't need to use port 3389, i move the port above "Traffic handled by app"


The issue is, if I set it as "All Networks", it keeps blocking the "Traffic handled by app"

regardless whether its above or below.


However if I change it to "Public Networks", it blocks the way it should.


I say its an intermittent issue, because yesterday I had this issue, and while trying

to troubleshoot it, it seemed to start working properly, and i couldn't duplicate

the results.


I tried it again today, and the issue was present again.


Could you verify these results?

Link to comment
Share on other sites

Lets get some debug logs from Emsisoft Internet Security. In order to do this, you will first need to run a batch file to enable debug logging. This batch file is contained in the ZIP archive at the this link (this ZIP archive also contains a batch file to disable debug logging).

Please save that ZIP archive on your desktop, extract its contents, and then follow these instructions:

  • Run the enable_debug_output batch file (if your computer has Windows Vista, Windows 7, or Windows 8 then please right-click on the batch file and select Run as administrator).
  • You will see a black window pop up, and then disappear very quickly. After that happens, please restart your computer.
  • Reproduce the issue you are having with your port rules.
  • Once you have reproduced the issue, hold down the Windows key on the keyboard (the one with the Windows logo on it, usually in between the Ctrl and Alt keys) and tap the R key to open the Run dialog.
  • Type the following into the Run dialog, and then click OK:

  • A window should open and you should see a Logs folder. Right-click on that Logs folder, go to Send to, and select Compressed (zipped) folder.
  • Move the new ZIP archive you created with the logs folder in it to your desktop.
  • Attach the ZIP archive containing the logs to a reply by using the More Reply Options button to the lower-right of where you type in your reply.
Note: If you get an error message when trying to send the Logs folder to a Compressed (zipped) folder then you may need to try a utility such as 7-Zip or WinRar to compress the folder. Both 7-Zip and WinRar have options to create an archive and save it in another location (such as on your desktop), which should prevent the error message. Here are links to the download pages for 7-Zip and WinRar.

After posting the debug logs, you can run the disable_debug_output batch file (be sure to run it as administrator as well) and restart your computer again to disable debug logging.

Link to comment
Share on other sites

This topic is now closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...