Hi!

When NIS 4 (with lastest updates) installed and active, I have many notifications about an "Incoming connection attempt BLOCKED" from a local computer (an iMac at 10.0.1.5 ), Port: 137 (Windows File Sharing).

However, I've configure NIS Firewall to allow "any local network" on "Windows File Sharing". Moreover, "any local network" is in the trust zone.

Ok, I've change "Logging and Notification Settings" in order NIS "notify me of blocked connections".  However, it should not with Windows File Sharing from a local network, since it's allowed !

By the way, why my iMac uses Windows File Sharing along with Apple File Sharing ?

Thanks for any help ! 

vincentj,

Can you please go to the History window in Norton Firewall, and double click on one of the "BLOCKED"  log entries for Windows File Sharing? A new window will appear with more diagnostic information. If you could take a screenshot of this window and post it here that would help me understand what the firewall is doing. Alternatively, you can export your History file and send me the output via a private message.  The log file can be exported using the File… menu in Norton Firewall (after you open the History window).

Thanks,

Ryan 

Hi!

Here's the screenshot of a log entry:

It looks like this attempt is a broadcast packet (the .255 at the end of the IP address is a dead giveaway). The packet was broadcast by the iMac to all computers on your local network.

In the Advanced Settings of Connection Blocking, there should be an option to allow all broadcast and multicast traffic. That option is on by default, but perhaps it got turned off by mistake. 

Open the Norton Firewall application, and click on Firewall Settings. Click the Configure... button under "Connection Blocking". In the Action button (the gear at the bottom of the window), select Advanced settings... One of the checkboxes in that window is an option to allow all broadcast traffic (Always allow all broadcast and multicast). Make sure that option is turned on.

If that option is on, but you still get these alerts, it might be something about your network setup. Please open up the Terminal application (found in your Utilities folder), and please type "ifconfig". Please copy & paste the output and post it here--that'll tell us your networking setup. Also please explain how your home network is setup.

Thanks!

Ryan

This sounds like a bug that I'll have to look into this week. However, in the mean time, could you please tell me what firewall configuration are you using in Norton Firewall? Do you have any special firewall rules configured, or have you just let the firewall "configure itself?"

Also, is the firewall on the router turned on? If so, does the router allow connections to any of the computers on the internal network (sometimes called a "DMZ"). If not, then it sounds like you can just setup Norton Firewall to allow all connections from the local network, which should be done automatically if you are using the "Home" location. If you are not using the Home location (which I'd be interested in hearing why not, so we can make improvements) then you can add this rule manually from the Connection Blocking -> Zones window.

Ryan 

The firewall configuration was the default one. I've since added applications to the allow list (eg. Skype, Retrospect Client, retroclient) & services to the allow list (eg. Screen Sharing). In the advanced settings dialog, "always allow broadcast and multicast traffic" is ticked.

The router is an Apple Airport Extreme. The external firewall is turned on.  I'm using the Home location. I've added the manual Zones rule & the problem hasn't recurred.