WinGate Forums

[Alen]

Two days ago I updated KAV to version 3.0.2 from an old 2.0.3.

1. As a result I got some options changed ("Transparent proxy" Enabled, "Dreep feed data ..." Enabled, "Pad out blocked files" Enabled and may be some others). I understood this because of download managers behaviour change: resume is no longer supported when using NAT connection, proxy users are reporting downloading now shows progress, etc.

Why you did so without any caution?! What else was changed?


2. Old version of KAV could be updated via proxy service, but I can not make the new one to update.
I need this, because when DNS server ip is set on Wingate machine OS (not in Wingate itself), I got Wingate to go crazy (I reported about DNS issue here: http://forum.wingate.com/viewtopic.php?f=12&t=39972&start=60&st=0&sk=t&sd=a#p35024, but the problem was not resolved, so I just removed DNS settings from the OS).
Of course, I can add required field in the Hosts, just need to know the server name. (I did this for PureSight).


3. I don't see any activity in the Activity tab when KAV is updating!? Shouldn't I?

[adrien]

Hi Alen

sorry, just saw this!

1. I didn't think we had intended to change settings like that. It's a completely new installer though so there might be some issues leaving old settings.

2. We'll need to add support for the updater to use a proxy. I believe it still can. There are a number of servers it checks, and they are geo-located (different DNS depending on where you are). So I'm not sure which names it will look up. Are you able to test on another system on your network and monitor what is looked up?

that DNS issue we fixed in WinGate 7 (completely new resolver). The main reason we re-wrote the DNS resolver was because the old code was very difficult to maintain (due to structure), and had several issues like the one you raised (not following CNAME chains properly etc).

3. WinGate activity screen only shows activity that goes through WinGate.

KAV updater makes its own independent connections. It doesn't even use the WinGate DNS resolver, all the code is in the KAV updater SDK, so it uses the OS DNS resolver.

Regards

Adrien

[Alen]

Hi Adrien

1. I didn't think we had intended to change settings like that. It's a completely new installer though so there might be some issues leaving old settings.

Ok. But you should make some testing and warn users...

2. We'll need to add support for the updater to use a proxy. I believe it still can. There are a number of servers it checks, and they are geo-located (different DNS depending on where you are). So I'm not sure which names it will look up. Are you able to test on another system on your network and monitor what is looked up?

Ok, I'll check on Wingate machine (using netstat) and report. But please add proxy support for KAV updating (and for PS too).

3. WinGate activity screen only shows activity that goes through WinGate.

Clear.

[Alen]

Here is what I found by netstat:

TCP firewall:4616 dnl-eu1.kaspersky-labs.com:http ESTABLISHED
TCP firewall:4617 83.229.173.3:http ESTABLISHED

Then by nslookup:

Non-authoritative answer:
Name: prd.geo.kaspersky.com
Addresses: 81.176.230.19, 83.229.173.3, 95.167.139.6, 212.47.219.83
Aliases: dnl-eu1.kaspersky-labs.com, dnl-geo.kaspersky-labs.com

So I'll add the following records in the hosts file (till you add proxy support):

81.176.230.19 prd.geo.kaspersky.com dnl-eu1.kaspersky-labs.com dnl-geo.kaspersky-labs.com
83.229.173.3 prd.geo.kaspersky.com dnl-eu1.kaspersky-labs.com dnl-geo.kaspersky-labs.com
95.167.139.6 prd.geo.kaspersky.com dnl-eu1.kaspersky-labs.com dnl-geo.kaspersky-labs.com
212.47.219.83 prd.geo.kaspersky.com dnl-eu1.kaspersky-labs.com dnl-geo.kaspersky-labs.com

[Alen]

No, it doesn't work. I am still able to resolve the name on Wingate machine:

C:\Documents and Settings\Administrator>nslookup dnl-eu1.kaspersky-labs.com
*** Default servers are not available
Server: UnKnown
Address: 127.0.0.1

Non-authoritative answer:
Name: prd.geo.kaspersky.com
Addresses: 81.176.230.19, 83.229.173.3, 95.167.139.6
Aliases: dnl-eu1.kaspersky-labs.com, dnl-geo.kaspersky-labs.com

But when trying to update KAV I get an error immediately:

Object: Kaspersky AntiVirus for WinGate
Time: 07-Mar-2011 14:12:10
Message ID: 0000
Description: Data file update for 'Kaspersky AntiVirus for WinGate' could not be completed

How is this possible? If KAV uses OS for DNS name resolution it has to use hosts file!
The only reason I can suppose is: every time KAV is using different server (other than above mentioned)...

Please add proxy support ASAP.

[adrien]

Hi

did you get a chance to look at that version that has proxy support?

Regards

Adrien

[ivmay]

I think this has something to do with the newer version of Kaspersky you installed on your wingate computer.

Though I already have this version as well, but it is not displaying even one of what occurred to you. I think the DNS issue was already resolved with the fixed wingate 7. Can you please give me an update, if ever you still need help, so I can also look into the matter.

[Alen]

Hi
did you get a chance to look at that version that has proxy support?

Just installed it (with full PC restart), proxy support is not working. I have correct proxy settings in IE, but when I try to update KAV I immediately get:
"Object: Kaspersky AntiVirus for WinGate
Time: 23-May-2011 19:14:49
Message ID: 0000
Description: Data file update for 'Kaspersky AntiVirus for WinGate' could not be completed".

[Alen]

After setting up DNS address in WAN interface settings it updated normally:

Object: Kaspersky AntiVirus for WinGate
Time: 23-May-2011 19:28:09
Message ID: 0000
Description: Data file update for 'Kaspersky AntiVirus for WinGate' completed successfully

So the problem still exists...

[adrien]

Hi

Proxy support in IE is per-user configuration, and is stored in registry under HKEY_LOCAL_MACHINE

WinGate runs in the LocalSystem account, which you cannot log in as to set a proxy. So the LocalSystem account doesn't get any IE proxy settings.

What I'm saying is that KAV can't use the proxy settings in your IE - you need to set them in KAV itself.

Regards

Adrien

[Alen]

What I'm saying is that KAV can't use the proxy settings in your IE - you need to set them in KAV itself.

I believe it was not difficult to explain how to do that. Can't see such setting in KAV settings.