Is pfsense actually any good what-so-ever?


Recommended Posts

n_K

So I thought I'd play around with it.

I've spent probably about 2 whole days trying to get it to work, firstly there's no vmware appliance as it says there is on the homepage, so I went with the ISO install method for x64.

Install went fine, rebooted and picked some IPs, 192.168.10.10 for WAN, 192.168.12.10 for LAN. I actually had to turn it off and change some settings, despite saying 'Preparing for VMWare Install...' during the install, I assume that meant it included vmware tools so vmxnet3 would be supported out the box! Nope, no support for vmxnet at all. Switched both network cards to e1000s.

Anyway, the proxy system is an utter pain in the arse, and the inability to install packages from the commandline (I've got no more public IPs, so I eventually got the proxy working with an apache proxy). Installed snort, though the install seems broken, put in my snort code and enabled SNORT rules and emerging threats, updated a few times and it got emerging threats but it completely ignores updating the normal SNORT rules, the SNORT update log was always empty too.

Anyway, that was the pain of snort out the way, the actual wall is that no matter WHAT settings I use for WAN/LAN and NAT/Rules I CANNOT get it forwarding ANY traffic from WAN -> LAN. I looked on the state list and it shows the connections as 'SYN SENT | CLOSED'. Right about now, I'm just tempted to forget I ever saw it because it really does seem to have been far too good to be true.

So does anyone have any advice/experiance/suggestions of things to do to get a simple damn NAT working? IE from 192.168.10.10:80 -> 192.168.12.4:80? I originally thought it'd work without needing to act as a NAT if I'm honest, e.g. just assign it an IP and allow traffic to flow through but use snort to block any rubbish that shouldn't be there and have each other server behind it still have their normal public IPs.

Link to post
Share on other sites
  • 2 weeks later...
+BudMan

So I have been running pfsense for years and never an issue..

I currently run it via vm on vsphere 5 for my physical network.

"Preparing for VMWare Install...' during the install, I assume that meant it included vmware tools"

Why would you think that?? Did it say it was installing the Tools? And no there is no vm appliance -- which is clearly stated on the link off their main page

"There are currently no VMware appliance downloads, simply install from the iso as usual."

As to getting a simple nat working -- its pretty difficult ;) You click NAT under firewall menu and put in what you want.

If I had to guess where you having your issue is the private IP you have on the WAN, there is a default rule that would block private IPs on the wan.

post-14624-0-36899800-1336829334.jpg

post-14624-0-35253200-1336829734.jpg

This would clearly block your traffic before it could get to your forward rule.

Why would you have a double nat in the first place - ie private on the wan?

And you can get vmxnet3 drivers to work, just install the official tools. But to be honest e1000 works just fine, I was using the vmxnet3 but did not see any real improvement and ran into a bug in using an ipsec client behind the router. It might have to do with the odd naming of the interfaces.

I have left them on my pfsense box if ever want to switch back to them.. Makes it easy to switch back and forth that way, etc.

vmx3f0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500

options=403bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,VLAN_HWTSO>

ether 00:0c:29:4b:2f:44

media: Ethernet 10Gbase-T

status: active

vmx3f1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500

options=403bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,VLAN_HWTSO>

ether 00:0c:29:4b:2f:4e

media: Ethernet 10Gbase-T

status: active

I believe the issue might have to do with that 3f0 and 3f1 in the name -- there was post about it on the pfsense forums a few days back, related to why vlans were not working with those nics.

More than happy to help you get a pfsense router up an running -- I love the distro and have had no issues with it, and a few other users here on neowin run it as well without any problems.

Link to post
Share on other sites
n_K

I gave up with pfSense, it wouldn't work and forward any traffic. The SNORT for it was a bit tosh too, apparently it updated emerging-threats but not the normal VRT rules using my oink code, and the SNORT info page never showed any details on what versions of files were installed plus the update log was always empty. If I'm honest, I see it as a OK-ish starting base product that really needs updating and fixing to be what it says it is on the box.

After all the hassle I went with arch with my own customised grsec and selinux kernel, 3 ethernet's with 2 being IP-less and creating a bridge then using SNORT and iptables together on them... Took an incredibly long time to get right and working but it runs fine now! Although I'm not impressed that I need promisious mode enabled on all the switches that the VM is attached to :(.

I was quite surprised at the fact there's nothing at all that I found on google about setting up SNORT to be an IPS and act as a 'passive switch'-type mode at all, there was a few things on snort-inline which are from 2006 and don't work with the current SNORT and I wasn't able to find out how to use afpacket anywhere :s.

Link to post
Share on other sites
+BudMan

"I gave up with pfSense, it wouldn't work and forward any traffic."

And I showed you why that most likely was..

"I see it as a OK-ish starting base product"

I don't have a reason to run snort on my home network currently, so have not played with it on pfsense in a while - didn't have any issues with it when I did. What package where you trying to install? And kind of hard to see traffic for snort to look at if you were blocking private IPs on your wan? Not sure how you would of gotten it to update signatures if you were blocking private ip on your wan interface and your wan was on a private ip space -- did you have internet access working on it at all? But as far as you having issues with snort (a package not part of actual distro) I don't see how that reflects on the actual product of pfsense. Where on the "box" does it say its designed as an IPS?

http://www.pfsense.org/

pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. pfSense is a popular project with more than 1 million downloads since its inception, and proven in countless installations ranging from small home networks protecting a PC and an Xbox to large corporations, universities and other organizations protecting thousands of network devices.

Where does that mention IPS? Looking on the feature page

http://www.pfsense.o...id=40&Itemid=43

Again not seeing mention of Full Blowin IPS? Not even seeing it mentioned at all.. So where is it on the box? Same goes with proxy feature of squid -- this is a "package" not built in feature. And you don't need a proxy to be a great firewall/router!

"Although I'm not impressed that I need promisious mode enabled on all the switches that the VM is attached to"

You wouldn't unless you want it to see all the traffic on that switch ;) Comes down to what traffic you would want snort to see. And how its connected to your physical network, and what your physical switches support, mirror/span ports, etc.

as to using afpacket on snort.. Do you have DAQ, did you built it with DAQ support?

As to your rules issue - do you have a VRT subscription? Not sure what rules you were wanting to grab with snort on pfsense?

I just checked my oinkcode and still worked

budman@ubuntu:/tmp$ wget http://www.snort.org...snipped>6a86394

--2012-05-12 09:43:06-- http://www.snort.org...<snipped>a86394

Resolving www.snort.org (www.snort.org)... 23.21.68.83

Connecting to www.snort.org (www.snort.org)|23.21.68.83|:80... connected.

HTTP request sent, awaiting response... 302 Found

Location: http://s3.amazonaws....ipped>TYV6aI%3D [following]

--2012-05-12 09:43:08-- http://s3.amazonaws....foZjHnTYV6aI%3D

Resolving s3.amazonaws.com (s3.amazonaws.com)... 72.21.195.97

Connecting to s3.amazonaws.com (s3.amazonaws.com)|72.21.195.97|:80... connected.

HTTP request sent, awaiting response... 200 OK

Length: 17738637 (17M) [binary/octet-stream]

Saving to: `650292155171<snipped>86394'

Maybe I will fire up snort on pfsense -- have not played with it in a while.

Link to post
Share on other sites
n_K

I setup pfSense and removed all 'block wan' etc. and it still didn't forward traffic. I've got some more coding to do now and then I'll get this compiled, deploy it then I'll create a new VM and put pfSense on and see what it does.

'Where does that mention IPS? Looking on the feature page'

IPS is a feature of SNORT. SNORT is an IDS.

'You wouldn't unless you want it to see all the traffic on that switch...'

That's the problem, VMSwitch doesn't act like a real switch, switches are layer 2 devices but VMSwitch seems to be a layer 3 device and forwards only to the interface based on IP, if you remove an IP from an interface but have the VM acting as a switch, without promisious mode it gets no traffic at all, but with proisious it's getting a lot of traffic it shouldn't be :/.

'as to using afpacket on snort.. Do you have DAQ, did you built it with DAQ support?'

afpacket worked in that snort started up fine and used it, but I've no idea what the hell to do with it or how to configure it or do anything with it, so I compiled the nfq daq and used that instead.

'As to your rules issue - do you have a VRT subscription? Not sure what rules you were wanting to grab with snort on pfsense?'

The free rule set. I've tried with pulledpork and the other largely used one but didn't find them all that great, and both failed to set the rules up properly so I made my own script to download, change alert -> block, remove useless/bogus rules and update the SO rules.

'Maybe I will fire up snort on pfsense -- have not played with it in a while.'

It was using the official snort package for pfsense from the list... I did also find it a pain in the utter arse to get internet on pfSense too, it doesn't support SOCKS proxy at all so I had to setup an apache proxy for it on my other server (limitation of only having 5 public IPs) and go through that, but only HTTP traffic works, no FTP or HTTPS :/

Link to post
Share on other sites
+BudMan

"IPS is a feature of SNORT. SNORT is an IDS."

Just did a search on this page

http://www.pfsense.o...id=40&Itemid=43

No snort mentioned.. Where and what does it say, and were are you reading it?

"it doesn't support SOCKS proxy"

Who and the F uses a proxy for a router/firewall to access the internet?? I think your not actually understanding the purpose of what pfsense is to be used for.. If what you want is a prebult ids/ips vm appliance than grab that - that is not what pfsense is meant to do.

As to proxy support for its internet connection -- just at a lost to understand that? If what you want is to chain proxies -- again pfsense is not a proxy. There is a package to add proxy support too it, which can be chained - squid. But that is not what pfsense is actually designed todo. So no if your trying to use a product for something its not designed to do, its not going to shine.

Use it as a router/firewall and it rocks!

"VMSwitch seems to be a layer 3 device and forwards only to the interface based on IP"

Well yeah I agree with you that you do not see traffic if no IP, real world you would still see the broadcast traffic, etc. -- but keep in mind its not a REAL switch.. So yeah it prob takes some sort cuts, why should it process the packets to the port if there is nothing there to see it from its perspective.

Link to post
Share on other sites
n_K

'No snort mentioned.. Where and what does it say, and were are you reading it?'

It's a package, under packages.

"it doesn't support SOCKS proxy"

It wouldn't be on the internet, I'd ideally like it more if I could install packages without having to be on the internet using the stupid web GUI interface, would much rather prefer to SSH in, copy the file packages over and install them that way but no, pfsense doesn't support such a simple feature! So I can use a HTTP proxy which is the only one it supports, and since the only way I can get it working is using apache's mod_proxy, it doesn't support https or ftp, so half the packages don't even download!

'again pfsense is not a proxy'

I agree, I don't want it to act as a proxy, I wanted it to act as a 'passive' network switch that did stateful packet inspection and dropping when traffic seemed dodgy, with no public or private IPs assigned to it what-so-ever.

True about the vmswitch I guess, but it'd be useful if there was an option to allow it or input the IPs you want forwarded :(. I was looking at the nexus e1000 thing from cisco, and if I'm honest, I've still no idea what it does or how it works or even how you'd use it. Then there was the linux kernel's new 'vSwitch' but that sounded even worse than the vmSwitch haha!

Link to post
Share on other sites
+BudMan

"I wanted it to act as a 'passive' network switch that did stateful packet inspection and dropping when traffic seemed dodgy, with no public or private IPs assigned to it what-so-ever"

That is not purpose of pfsense - sounds like you want a IDS/IPS box, that is not what pfsense is -- it is a router/firewall

"pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router."

Now there are some docs around on the site to use it as a transparent filtering bridge - which sounds more what your looking for, etc. But that is not really what is meant to be.

Its like saying this apple sucks, because what you wanted was an orange.

Link to post
Share on other sites
n_K

But that is the definition for a router, they usually have inbuilt firewalls in them, and with firewalls comes IPS systems.

But yeah, doesn't matter now since I've got it all running from an arch vm!

Link to post
Share on other sites
Graimer

But that is the definition for a router, they usually have inbuilt firewalls in them, and with firewalls comes IPS systems.

But yeah, doesn't matter now since I've got it all running from an arch vm!

IPS isn't a feature that is built into all firewall software. IPS is a feature that's supported by some(many) dedicated firewalls(which costs more then normal home routers). Routers normally include a basic firewall, not a full-blooded firewall.

pfSense is something I haven't tried yet, so I'm not gonna join that debate. ;)

Link to post
Share on other sites
+BudMan

"and with firewalls comes IPS systems."

NO!!

Sure a IDPS could be considered a firewall because it is meant to control unwanted traffic from your network, but a firewall does not have to be a IDPS. Nor does a router have to have a firewall in it.

A firewall controls traffic based upon rules - is it reply to something, state. Is the dest port specific, is the source IP specific, etc..

IDPS detects and or blocks bad traffic based either upon signatures or behavior, etc.

Just because its a firewall does not mean its a IDPS at all.

Link to post
Share on other sites
eXtermia

You say you are not passing traffic, I pass minecraft server traffic all the time in on mine. is your pfsense behind a NAT firewall modem router from your ISP you may need to forward all traffic to your pfsense router too. (or put it in DMZ settings on modem routers)

Snort is a pain on pfsense I will agree, even more so if you dont customize the rules, you can end up blocking dns queries and more. But I fault it more with snort and not the pfsense.

I use HAVP, and squid on mine no problem. They work really great together. I also load balance 3 wan links, have a OpenVpn connection out when I want to watch netflix overseas. Update about 20 separate dynamic domain names with DynDns on it.

Of course you want to limit how many thing you put in it for security.

Bud talks about proxy above, I have used pfsense both as normal proxy using squid and as a loadbalancer with reverse proxy as well . All seems to work well just don't add to many packages to it as they can conflict and for security as I previously stated.

Link to post
Share on other sites
eXtermia

Oh I also have used two IP6 tunnels using hurricane electric (two /64 ranges) free over pfsense. It requires some updates to 2.1 to run but is pretty smooth. Squid doesnt seem to like to run will with ipv6 running however.

Link to post
Share on other sites
n_K

Yes the AV scanner got me interested most in pfsense :p but if you look around on snort, it was discontinued about 2 years ago and had a lot of problems which indicated to me pfsense's version of snort is ancient.

Link to post
Share on other sites
+BudMan

Would not call it ancient

BTW found this article that is interesting

http://www.smallnetbuilder.com/security/security-howto/31406-build-your-own-ids-firewall-with-pfsense

Build Your Own IDS Firewall With pfSense

Package says its version Stable 2.9.1

I show on the snort page, 2.9.2.3 is current is it not? Sure ok the package is a bit dated, but it is not Ancient ;)

Link to post
Share on other sites
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By Copernic
      GlassWire 2.3.323
      by Razvan Serea



      Visualize your current and past network activity by traffic type, application, and geographic location, on an easy to use graph. GlassWire lets you see what applications are sending out data over the Internet and shows you what hosts they are communicating with. The program also looks for; domains or IP addresses that are known threats, networking system file changes, unusual application changes, ARP spoofing and more.

      GlassWire shows you what network activity occurred while you were away or logged out from your computer. No more wondering what your computer was doing while you were out. Just go back in time with GlassWire's graph and see exactly what happened in detail.

      GlassWire visualizes what current and past applications are accessing the Internet. If you don’t like what you see you can instantly block network access to specific apps with GlassWire’s firewall manager.

      GlassWire 2.3.323 changelog:

      Fixed a problem reported on HackerOne about GlassWire and its QT implementation.

      Fixed a bug with our free 7 day trial system.

      Modified the behavior of "Things" notifications for free users.

      Download: GlassWire 2.3.323 | 55.3 MB (Shareware)
      Links: GlassWire Website | Android

      Get alerted to all of our Software updates on Twitter at @NeowinSoftware

    • By Copernic
      NOD32 Antivirus / ESET Internet Security / Eset Smart Security Premium 14.2.10.0
      by Razvan Serea



      NOD32 for Windows is the best choice for protection of your personal computer. Almost 20 years of technological development enabled ESET to create state-of-the-art antivirus system able to protect you from all sorts of Internet threats. ESET Internet Security boasts a large array of security features, usability enhancements and scanning technology improvements in defense of your your online life.

      ESET Internet Security
      ESET Internet Security keeps your computer or laptop safe with intelligent multi-layered protection combining proven antivirus, antispyware, firewall, anti-rootkit and antispam capabilities. Based on ESET NOD32 Antivirus, it protects you from viruses, worms, spyware, and all Internet threats. It conserves resources and improves computer speed. You are protected at the highest level while you work, social network, play online games or plug in removable media.

      ESET NOD32 Antivirus
      Your best defense against viruses, trojans and other forms of malware—and the top choice for IT professionals. Powered by the ThreatSense® engine with advanced heuristics, which blocks far more unknown threats than the competition. The latest generation of the legendary ESET NOD32 Antivirus takes your security to a whole new level. Built for a low footprint, fast scanning, it packs security features and customization options for consistent and personalized security online or off.

      ESET Smart Security
      Ultimate protection for everyday web users, thanks to ESET’s trademark best balance of detection, speed and usability. Stay safe from viruses and spyware. Stay protected from ransomware - Blocks malware that tries to lock you out of your own data. Receive free support by email or telephone in your local language, wherever you are. Bank and shop online more safely - automatically secures transactions on internet banking sites, and helps to protect you on online payment gateways. Stop hackers from accessing your PC - Personal Firewall prevents hackers from gaining access to your computer and keeps you invisible when you use public Wi-Fi. Keep your kids safe online - block unwanted internet content by categories or individual websites and keep your kids safe online with Parental Control. Safer webcam and home router - Get an alert when anyone tries to access your webcam, and check your home router for vulnerabilities. Safely store passwords, and encrypt your data. Safely store, generate and prefill your passwords, and encrypt your files and removable media (USB keys). Includes protection for smartphones and tablets. Protect all of your devices - mix and match security protection for up to 3 or 5 devices.

      v14.2.10.0 changelog:

      New: Added support for Upgrade Campaign New: Redesigned Help and support page Improved: 3rd party uninstall screen Small improvements:

      Threat encyclopedia moved to Detection description in product context menu Detection engine history moved to Installed components screen Download: ESET NOD32 Antivirus 14.2.10.0 (32-bit) | NOD32 Antivirus 64-bit | ~180.0 MB (Free Trial)
      Download: ESET Internet Security 14.2.10.0 (32-bit) | ESET Internet Security 64-bit
      Download: Eset Smart Security Premium 14.2.10.0 (32-bit) | Eset Smart Security Premium 64-bit
      Link: ESET Home Page

      Get alerted to all of our Software updates on Twitter at @NeowinSoftware

    • By Copernic
      GlassWire 2.3.321
      by Razvan Serea



      Visualize your current and past network activity by traffic type, application, and geographic location, on an easy to use graph. GlassWire lets you see what applications are sending out data over the Internet and shows you what hosts they are communicating with. The program also looks for; domains or IP addresses that are known threats, networking system file changes, unusual application changes, ARP spoofing and more.

      GlassWire shows you what network activity occurred while you were away or logged out from your computer. No more wondering what your computer was doing while you were out. Just go back in time with GlassWire's graph and see exactly what happened in detail.

      GlassWire visualizes what current and past applications are accessing the Internet. If you don’t like what you see you can instantly block network access to specific apps with GlassWire’s firewall manager.

      GlassWire 2.3.321 changelog:

      Added two new device types to "Things", as requested by users. "Things" now keeps the original information GlassWire gathered even when you add your own info, as requested by users. Fixed a bug that cut off hosts in some situations. Users can now make longer scan intervals with "Things", as was requested in our forum. "Things" now auto-scans one time on GlassWire's install, so a trial user can see what devices are on their network immediately. Fixed issues with our Turkish translation. Updated our Chinese translation. Fixed a bug that could make GlassWire not show the correct number of online devices after the PC slept. Download: GlassWire 2.3.321 | 55.5 MB (Shareware)
      Links: GlassWire Website | Android

      Get alerted to all of our Software updates on Twitter at @NeowinSoftware

    • By Copernic
      Windows Firewall Control 6.5.0
      by Razvan Serea



      Windows Firewall Control is a nifty little application which extends the functionality of the Windows Firewall and provides quick access to the most frequent options of Windows Firewall. It runs in the system tray and allows user to control the native firewall easily without having to waste time by navigating to the specific part of the firewall. This is the best tool to manage the native firewall from Windows 10, 8.1, 8, 7, Vista, Server 2008, Server 2012.

      Malwarebytes acquired Windows Firewall Control in June of 2018. Binisoft Windows Firewall Control will quickly integrate into the Malwarebytes platform, which simplifies the deployment and ongoing management of security solutions. Following the acquisition, the full-featured edition of Windows Firewall Control has been re-released at absolutely no cost (the notifications system is now available for free and the program does not require activation anymore).

      Windows Firewall Control offers four filtering modes which can be switched with just a mouse click:

      High Filtering - All outgoing connections are blocked. This setting blocks all attempts to connect to and from your computer.
      Medium Filtering - Outgoing connections that do not match a rule are blocked. Only programs you allow can initiate outgoing connections.
      Low Filtering - Outgoing connections that do not match a rule are allowed. You can block the programs you do not want to initiate outgoing connections.
      No Filtering - Windows Firewall is turned off. Avoid using this setting unless you have another firewall running on your computer.

      Program Features:

      Intuitive and easy accessible interface in the system tray, next to the system clock. Full support with standard user accounts. Elevated privileges are required only at installation. Disable the ability of other programs to add Windows Firewall rules. Multiple and easier ways of creating new rules in Windows Firewall. Integrated support of creating, modifying and deleting Window Firewall rules. Lock feature which can disable the access to the settings of the program and Windows Firewall. Shell integration into the right click context menu of the executable files. Display invalid rules with the possibility to delete them very quickly. Merge multiple similar rules or duplicate existing ones. Search for executable files through folders and create new rules in seconds. View recently allowed and blocked connections and create new rules from the Security log. Choose if you want the program to start at user log on. Import, export and restore all firewall rules or just the selected rules. Protection to unauthorized uninstallation. Possibility to restore previous settings at uninstallation. Global hot keys are supported and various shortcut keys are available. And many, many more. Just try it out. Other specific features:

      Notifications System which provides notifications for outbound blocked connections. Four modes available: High - Display notifications for all outgoing connections that were blocked, including System and svchost.exe. Medium - Display notifications only for regular programs, without notifications for System and svchost.exe. Low - Automatically allow digitally signed programs. Notifications are displayed only for unsigned programs. Disabled - Notifications are disabled. Create temporary rules which are automatically deleted when they expire or on program restart. Windows Firewall Control 6.5.0 changelog:

      New: The notification dialog displays now the count of blocked attempts for each program that is notified. Improved: The keyboard shortcuts to switch between notifications were changed in notification dialog to Ctrl+Left and Ctrl+Right. Fixed: Privilege escalation vulnerability was fixed in WFC service. Fixed: Some group names are not displayed correctly in Rules Panel. Download: Windows Firewall Control 6.5.0 | 2.7 MB (Freeware)
      View: Windows Firewall Control Website

      Get alerted to all of our Software updates on Twitter at @NeowinSoftware

    • By Copernic
      GlassWire 2.3.318
      by Razvan Serea



      Visualize your current and past network activity by traffic type, application, and geographic location, on an easy to use graph. GlassWire lets you see what applications are sending out data over the Internet and shows you what hosts they are communicating with. The program also looks for; domains or IP addresses that are known threats, networking system file changes, unusual application changes, ARP spoofing and more.

      GlassWire shows you what network activity occurred while you were away or logged out from your computer. No more wondering what your computer was doing while you were out. Just go back in time with GlassWire's graph and see exactly what happened in detail.

      GlassWire visualizes what current and past applications are accessing the Internet. If you don’t like what you see you can instantly block network access to specific apps with GlassWire’s firewall manager.

      GlassWire 2.3.318 changelog:

      Major "Things" improvements including a completely redesigned user interface. Click the top right "settings" icon to use the new different "Things" options. Also, mouse over a device name and click the three dot menu (...) on the right side to add custom information for devices. You can also see old devices that are now offline and scanning is much faster! GlassWire now has a new notice in "Block All" mode that some Windows Security features may have network access to avoid virus false positives. GlassWire now has a loader animation when the firewall is switched on/off. The GeoIP database we use for hosts is now updated. Fixed a bug that could cause GlassWire to crash when the mini viewer is moved between multiple monitors. Fixed a bug that could cause the GlassWire Windows Service to crash. Fixed Chinese translation errors. Fixed a bug that could cause some people to be unable to create firewall profiles. Fixed a bug that caused artifacts to appear on the GlassWire main graph. Fixed German translation errors. Added more contrast to blue colors in the user interface so the text is easier to read. Improved notifications about new "Things" that joined the network so it has more useful information. Fixed a bug where publishers would not update correctly when "traffic" is changed in GlassWire's user interface. Many miscellaneous bug fixes and stability improvements. Download: GlassWire 2.3.318 | 55.8 MB (Shareware)
      Links: GlassWire Website | Android

      Get alerted to all of our Software updates on Twitter at @NeowinSoftware