Zones dropdown in Edit Programs not displaying correctly when many Zones are in place.

[Emi-Emi-Emi]

When you create more than one Zones, they will not display correctly in the drop down menu in Edit Program window, it is like squeezing the list until it disappears.

But besides that, love the new update, amazing work!

[Emi-Emi-Emi]

Also, a question, aren't Zones 'disabled' state supposed to be the unchecked box ? and then the enabled - allow everything but the IPs in the Zone was the other one partially checked? ?

Seeing the disabled partially checked was confusing at first, especially when you add a program and everything is 'partially checked'. I think I wasn't getting a program to work because I think I disabled it thinking I was disabling the whole thing and therefore blocking all IPs from a program I was going to use. Then I just saw that partially checked was like the 'default' off state.

But there is an inconsistency of Zones Window using partially unchecked for 'on' and then unchecked for 'off', when all the other options like Edit Program as seen in my screenshot use checked for on and off is unchecked. and the other options unchecked.

Just my tiny feedback about it!

But great new feature 100% 👍

[tnodir]

When you create more than one Zones, they will not display correctly in the drop down menu in Edit Program window

I can't reproduce it:

Can you please show your Zones Window: how many zones there and which names?

[tnodir]

@Emi-Emi-Emi I've added 2 fields to app table in FortFirewall.config: accept_zones & reject_zones. They are a bit masks of Zone Ids.

On filtering phase:

• if accept_zones is not zero and the Accept Zones does not include remote_ip, then connection is BLOCKED
• if reject_zones is not zero and the Reject Zones include remote_ip, then connection is BLOCKED

I just saw that partially checked was like the 'default' off state. But there is an inconsistency of Zones Window ...

Yes, you are right. I've to fix this inconsistency..

[tnodir]

But there is an inconsistency of Zones Window ...

Fixed by e688f1012

[Emi-Emi-Emi]

Now, I know how ton reproduce the issue and explain the issue!

So the problem is that when you open Programs window and then open Edit Program, it will keep the height of the drop down menu depending on the amount of zones that were created previously to open the Edit Programs, so even when you close the Edit Programs window, it will not update the height of the drop down menu, and only restarting Programs window fixes it, because now every Edit Window will keep the height.

I forgot I created first a zone, then opened a program to edit, but then decided to create more and got the issue. Apparently I didn't close Programs window, because only closing and re-opening fixes the issue, but that means once an Edit Program is opened, the height of the drop down gets locked.

So for example, I created 6 zones, opened to edit programs, removed 3 and then got it like this.

In the first screenshot was the same process but with only 1 zone.

Sometimes I wonder how I can find these issues lol it is like I have a magnet for seeing the weirdest bugs that no normal humans sees. Bug vision super power.

[tnodir]

Thanks, let me fix the menu..

[tnodir]

Menu resizing fixed by 26a6761a.

[Emi-Emi-Emi]

I've added 2 fields to app table in FortFirewall.config: accept_zones & reject_zones. They are a bit masks of Zone Ids.

On filtering phase:

• if accept_zones is not zero and the Accept Zones does not include remote_ip, then connection is BLOCKED
• if reject_zones is not zero and the Reject Zones include remote_ip, then connection is BLOCKED

I noticed that the limit of zones is 32 but Edit programs only shows 16. Is that meant to be based on this mask info?

Since Zones for the moment is the the closest we are to the "rules like Agnitum Outpost" and they are now useful now to create and hit the limit, it is kind of weird, you can only have access to the first 16 and then the others are only available through the IP addresses page with no way to arrange or filter or anything once they are created.

[tnodir]

@Emi-Emi-Emi You're absolutely right.

1. From one point, I don't want to waste memory in the driver.

These accept/reject zone mask infos are stored for every app as 32-bit value (16 for accept + 16 for reject).

2. From other point, I think, most users will not hit this limit. I.e. they will usually use less than 16 zones.

But if you need more than 16 zones, then you can use "rules like Agnitum Outpost". When they will be implemented.

[Emi-Emi-Emi]

That makes sense, I still wanted to make sure the limit correctly, to optimize the Zones and don't over-extend the feature or over complicate it and create useless zones if not needed, or don't have the zones in the list of first 16 that will be seen by the Programs, and have a workaround for any future case if necessary, especially since zones can't be arranged, but for that I will probably just edit the DB as usual and quickly update many entries at once.

Thanks for the info!

[tnodir]

Please check the v3.10.5-test0.

[Emi-Emi-Emi]

Tested Zones and more and everything working great! 👍