dcs18 Posted June 4, 2017 Author Share Posted June 4, 2017 27 minutes ago, Undertaker said: What I don't understand is how IP block is not working but CIDR is in my WFC? While both of them work on the same principle. Did you disable Adguard before trying them both? Link to comment Share on other sites More sharing options...
Undertaker Posted June 5, 2017 Share Posted June 5, 2017 8 hours ago, dcs18 said: Did you disable Adguard before trying them both? Yes sir, I did. BTW it will only appear in Adguard if it bypasses through the FW stage. Otherwise, it will be blocked at FW,requiring no need of Adguard intervention but yeah, I did close it before testing. Link to comment Share on other sites More sharing options...
dcs18 Posted June 5, 2017 Author Share Posted June 5, 2017 13 hours ago, Undertaker said: What I don't understand is how IP block is not working but CIDR is in my WFC? While both of them work on the same principle. Did you notice that after some time, the CIDR rule in WFC turns from 169.32.0.0/11 to 169.32.0.0/255.224.0.0? It's affecting a range from 169.32.0.0 to 169.63.255.255 (that's quite substantial — what value did you use as a IP filter?) Link to comment Share on other sites More sharing options...
Undertaker Posted June 5, 2017 Share Posted June 5, 2017 42 minutes ago, dcs18 said: Did you notice that after some time, the CIDR rule in WFC turns from 169.32.0.0/11 to 169.32.0.0/255.224.0.0? It's affecting a range from 169.32.0.0 to 169.63.255.255 (that's quite substantial — what value did you use as a IP filter?) The GUI change of CIDR is intentional I think, nothing wrong with that. Win FW in its record keeps it as 169.32.0.0/11 only while WFC keeps it in this form IP/SubnetMask(169.32.0.0/255.224.0.0). Infact you will see WFC changes the CIDR to IP/SubnetMask form as soon as you choose refresh list from right side bar. Maybe that's how they read stuff. BTW, I changed the CIDR IP to 169.55.0.0/18 (covers both 169.55.40.5 and 169.55.0.224) and this is 1/100part or 1% of the earlier one that I mentioned. Another thing is that I tried some older builds of WFC and they are working as they should(no bypassing) but as soon as I updated to latest version bypassing started, So the bug maybe in WFC. I have two untouched WFC builds, I'm trying 4.8.3.0 version and there were no bypass(2-3 hrs) until I updated to latest version(bypassed within 5 mins). If you want I can upload another build(4.9.4.0) for your testing, that is if only you are interested. Note: When testing for bypass, CIDR rules were disabled and testing was done only with IP rules. CIDR rules continue to work even in latest build. Link to comment Share on other sites More sharing options...
dcs18 Posted June 5, 2017 Author Share Posted June 5, 2017 2 hours ago, Undertaker said: BTW, I changed the CIDR IP to 169.55.0.0/18 (covers both 169.55.40.5 and 169.55.0.224) and this is 1/100part or 1% of the earlier one that I mentioned. Note: When testing for bypass, CIDR rules were disabled and testing was done only with IP rules. CIDR rules continue to work even in latest build. The CIDR has a very limited role in firewalling and the only time it should be used is when all IPs confirmed for blocking are in a consecutive order — IPs to be blocked for IDM are certainly not in consecutive order. If used indiscriminately, CIDR would only cause collateral damage by blocking valid IPs. Moreover, an indiscriminate use points to trial-n-error through a hit-n-miss implementation — it kills the art form in firewalling and exposes a knowledge deficit. If however, even if all IPs confirmed for blocking were in a consecutive order, my personal preference would be to use the IP range (169.55.0.0-169.55.63.255 instead of 169.55.0.0/18) — if not in consecutive order, with necessary changes made in the range. 2 hours ago, Undertaker said: Another thing is that I tried some older builds of WFC and they are working as they should(no bypassing) but as soon as I updated to latest version bypassing started, So the bug maybe in WFC. I have two untouched WFC builds, I'm trying 4.8.3.0 version and there were no bypass(2-3 hrs) until I updated to latest version(bypassed within 5 mins). If you want I can upload another build(4.9.4.0) for your testing, that is if only you are interested. Initially, I suspected a WFC IP leak bug and wanted to use my status update to appeal to Users of the firewall method to come forward and share their experience about their IDM activation — however, found that my status update was not working (shall make an appeal soon.) In the meanwhile, you could upload the WFC installer confirmed as working — shall check it out for any leaks. Link to comment Share on other sites More sharing options...
Undertaker Posted June 5, 2017 Share Posted June 5, 2017 I understand what you're saying but had to maintain activation by some sort Site: https://www.upload.ee Sharecode[?]: /files/7086160/wfc4setup_old_.exe.html This is 4.8.3.0 build which has been working flawlessly for 6 hrs now(even after numerous program and system restarts). I will use this build for a couple of days and then upgrade to 4.9.4.0 version(the last old version I have). My exported settings and rules backup from new version were successfully imported in this older version, just had to adjust the notification option. Scratch that, just now IDM bypassed WFC, thank god for Adguard(Saved me again) Back to start. Link to comment Share on other sites More sharing options...
dcs18 Posted June 5, 2017 Author Share Posted June 5, 2017 They seem to have changed the key bypassing IP from 169.55.40.5 to 169.55.0.224. Link to comment Share on other sites More sharing options...
Undertaker Posted June 5, 2017 Share Posted June 5, 2017 At my side, after flushing DNS, restarting modem as well as system, it is still 169.55.40.5 While 169.55.0.224 is being used for update check. Link to comment Share on other sites More sharing options...
Undertaker Posted June 5, 2017 Share Posted June 5, 2017 When download completes IDM is connecting to test.internetdownloadmanager.com Spoiler Spoiler Link to comment Share on other sites More sharing options...
Ecarion Posted June 5, 2017 Share Posted June 5, 2017 I had check a few times with TrashReg and no still nothing... Then I had take a look on a few topics (and to give examples) : first second third etc It seem's the solution will be one medicine. Because the trial period seem to be restored and no, the bat files didn't work... Unless you want to be bored by another popup (I don't know why but instead 10 days to register IDM, it was 4 days). At least, so far I didn't see those popups again and unless WFC fix the bug, I won't try (to register it). Link to comment Share on other sites More sharing options...
Undertaker Posted June 5, 2017 Share Posted June 5, 2017 12 minutes ago, Ecarion said: At least, so far I didn't see those popups again and unless WFC fix the bug, I won't try (to register it). On it Sir, BTW it might not be a WFC bug after all. @FaeGiN I see you following this topic all day long, you have something to say too? Link to comment Share on other sites More sharing options...
dcs18 Posted June 5, 2017 Author Share Posted June 5, 2017 When the IDM site is blocked, via hosts — one can still surf them (there's an error only when the page is reloaded/refreshed.) Link to comment Share on other sites More sharing options...
Undertaker Posted June 5, 2017 Share Posted June 5, 2017 4 minutes ago, dcs18 said: When the IDM site is blocked, via hosts — one can still surf them (there's an error only when the page is reloaded/refreshed.) That means it is bypassing hosts also because that shouldn't be happening, right? One time bypass is enough to de-activate IDM Link to comment Share on other sites More sharing options...
dcs18 Posted June 5, 2017 Author Share Posted June 5, 2017 They have adopted a completely new implementation which causes every connection to loopback — as a test example you can try all those 27 block IPs on Firefox instead of IDM and surf their site. Link to comment Share on other sites More sharing options...
knowledge-Spammer Posted June 5, 2017 Share Posted June 5, 2017 7 minutes ago, dcs18 said: They have adopted a completely new implementation which causes every connection to loopback — as a test example you can try all those 27 block IPs on Firefox instead of IDM and surf their site. inbox me pls my friend as i cant inbox u Link to comment Share on other sites More sharing options...
knowledge-Spammer Posted June 5, 2017 Share Posted June 5, 2017 Undertaker i have a feeling we have talked befor ill not say but i have feeling we was friend sometime ago ? can it be u ? Link to comment Share on other sites More sharing options...
Undertaker Posted June 5, 2017 Share Posted June 5, 2017 Just now, knowledge said: Undertaker i have a feeling we have talked befor ill not say but i have feeling we was friend sometime ago ? can it be u ? I thought the name was a dead giveaway,lol. Again, yes I'm that guy only. Link to comment Share on other sites More sharing options...
knowledge-Spammer Posted June 5, 2017 Share Posted June 5, 2017 1 minute ago, Undertaker said: I thought the name was a dead giveaway,lol. Again, yes I'm that guy only. its good to talk with u again longtime now Link to comment Share on other sites More sharing options...
A.lemane Posted June 5, 2017 Share Posted June 5, 2017 how come am the only one who dosnt remember this guy Link to comment Share on other sites More sharing options...
knowledge-Spammer Posted June 5, 2017 Share Posted June 5, 2017 17 minutes ago, A.lemane said: how come am the only one who dosnt remember this guy i was friends with him longtime ago but i was not sure if was him or not but i did have feeling it my old friend Link to comment Share on other sites More sharing options...
vhick Posted June 5, 2017 Share Posted June 5, 2017 How are these firewall blocking in IDM to be work if you are a VPN user (system-wide)? Link to comment Share on other sites More sharing options...
dcs18 Posted June 5, 2017 Author Share Posted June 5, 2017 ATM, the focus is on getting IDM to work normally, ASAP — VPN would be the last thing on everyone's mind. Link to comment Share on other sites More sharing options...
Undertaker Posted June 6, 2017 Share Posted June 6, 2017 12 hours ago, dcs18 said: They have adopted a completely new implementation which causes every connection to loopback But could it bypass IPSec in this way? Link to comment Share on other sites More sharing options...
Undertaker Posted June 6, 2017 Share Posted June 6, 2017 @dcs18 I'm assuming hosts ain't working either, you tried that I think, what was the result? I think if somehow, we're able to block the connection to test.internetdownloadmanager.com, IDM would retains its activation. As you were talking of loopback connection, I think that is the loopback. Because if you don't download anything then IDM is retaining activation, it is only when you download something that activation gives in and the only change while downloading is test.internetdownloadmanager.com Yep confirmed, that domain is the loopback. Link to comment Share on other sites More sharing options...
Undertaker Posted June 6, 2017 Share Posted June 6, 2017 1 hour ago, Undertaker said: I'm assuming hosts ain't working either, you tried that I think, what was the result? Yeah hosts is not working either, it's only able to block the connection partially. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.