Filtering modes

Three filtering modes are available for the ESET Endpoint Security for macOS firewall. Filtering mode settings can be found under Setup > Enter application preferences...  > Firewall. The behavior of the firewall changes based on the selected mode. Filtering modes also influence the level of user interaction required.

 

All traffic blocked – all inbound and outbound connections will be blocked.

 

Auto with exceptions – the default mode. This mode is suitable for users who prefer easy and convenient use of the firewall with no need to define rules. Automatic mode allows standard outbound traffic for the given system and blocks all non-initiated connections from the network side. You can also add custom, user-defined rules.

 

Interactive – allows you to build a custom configuration for your firewall. When communication is detected and no existing rules apply to that communication, a dialog window reporting an unknown connection will be displayed. The dialog window gives the option to allow or deny communication, and the decision to allow or deny can be remembered as a new rule for the firewall. If you choose to create a new rule, all future connections of this type will be allowed or blocked according to the rule.

NEW_CONNECTION

To record detailed information about all blocked connections to a log file, select Log all blocked connections. To review the firewall log files, from the main menu click Tools > Logs and select Firewall from the Log drop-down menu.