Closed Bug 270084 Opened 15 years ago Closed 14 years ago
end of the installation should contain a message that reminds people to configure their firewalls
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20041114 Firefox/1.0 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20041114 Firefox/1.0 It'd be helpful for MANY people, if there was a message at the end of the installation that states that the person should configure their firewall to allow the newly installed version of firefox to access the internet. It's just something that'll save the support team and the users having this problem, time and stress. Reproducible: Always Steps to Reproduce: 1. 2. 3.
Maybe something along the lines of "If you are running a firewall, please update the settings on it to allow the new installation of Mozilla Firefox to connect to the Internet."
Status: UNCONFIRMED → NEW
Ever confirmed: true
Since this is sort of security related, can it also block 1.0.3 and 1.0.4?
I highly disagree with the denial of a block for 1.1. Hasn't it been made clear enough yet in the mozillazine forums that people need to be told to update their firewall? Many people who use firefox get pissed off over the fact that it "doesn't work" after installing an update, simply because they do not know anything about their firewall configuration. Why can't a simple message be put in there for 1.1 to tell them "hey, make sure you update your firewall settings to allow the new version of firefox to connect"?
Turns out that this is the number one call driver to our phone support partner.
Not to conflict with the support partner's revenue stream, but if that's true, then a notice and maybe a link to a readme file we can bundle with the install for the common firewalls. Although I can't imagine how people can have firewalls, turn off new-application notification, and still not think that maybe it's the issue. Or is the most commonly complained about firewall the one build into XPSP2?
(In reply to comment #6) > Not to conflict with the support partner's revenue stream, but if that's true, > then a notice and maybe a link to a readme file we can bundle with the install > for the common firewalls. Although I can't imagine how people can have > firewalls, turn off new-application notification, and still not think that maybe > it's the issue. Or is the most commonly complained about firewall the one build > into XPSP2? The thing is, as more non-techy people upgrade Firefox, having a firewall installed, the more this will be needed. Non-tech oriented people need to be told many times over again on mozillazine to set their firewall to allow firefox to get through! All I saw a few days after 1.0.2 was "omg firefox can't connect" and the answer is "change your firewall to allow the updated firefox to get through."
I went through some bugzilla bugs and marked 265512 269144 283638 284440 287464 287531 288074 289000 all dependant on this bug; in that if this bug was fixed, the other bugs probably wouldn't have been filed. This took me about 10 minutes.. is it worth me continueing through bugzilla marking all such 'firefox doesn't work after upgrading (because of my firewall)' bugs blocking this bug, as there's probably another 50 or so out there..
Isn't it possible to open up the firewall during the installation ?
(In reply to comment #8) > I went through some bugzilla bugs and marked 265512 269144 283638 284440 287464 > 287531 288074 289000 all dependant on this bug; in that if this bug was fixed, > the other bugs probably wouldn't have been filed. This took me about 10 minutes.. > > is it worth me continueing through bugzilla marking all such 'firefox doesn't > work after upgrading (because of my firewall)' bugs blocking this bug, as > there's probably another 50 or so out there.. Yes.
Not blocking a security release. Come up with a patch and request approvals.
Flags: blocking-aviary1.0.5? → blocking-aviary1.0.5-
Why, if a Firewall was configured to work with Firefox, does the user have to reconfigure it to work with the updated Firefox? I'm not questioning that this is the case, I'm just wondering why.
The firefox.exe changes (different checksum, different time/date stamp) so firewalls (correctly) block the firefox.exe from accessing the internet; it could be that a trojan or virus attached itself to the firefox in order to piggyback out onto the internet or something. Most firewalls will come up with a msg saying "firefox.exe has changed since you last used it, allow firefox.exe to access the internet" or some such, but not all firewalls.
What firewall has this behavior? I will write them a letter explaining why they shouldn't.
All firewalls worth their salt do this. Otherwise it would be easy for a trojan to rename firefox.exe to something else, rename an executable of its choice to firefox.exe, and thusly gain access to the internet.
1) There is no reason to configure your firewall to restrict internet access based on the program. If you were someone's personal firewall, and you could truthfully say that you had a whitelist of good programs (with or without md5's etc.), wouldn't it be smarter just not to run the bad ones at all? 2) It is the duty of the firewall itself to notify the user of the subsequent problems endemic to its overzealousness. The firewall introduces this problem, therefore the firewall should be responsible for leading the user through a recovery from its misfires. This is the most important part - the problem is caused by the firewall, and should be fixed by the firewall (or by uninstalling the firewall). FYI, I'm not involved as a mozilla dev at all, but the technical issues are pretty clear. I'm just speaking as a network engineer and a programmer (Not C or C++ unfortunately) who would shake his fist every time he clicks through the equivalent of a "COFFEE IS HOT!!" warning. You really ought to complain to this/these firewall vendor(s) for silently discarding harmless traffic - if it requires dumping locally sourced packets, it should require user intervention to stop them at the real source of the problem. "necessary evil" programs that have an undesirable secondary data transfer would simply have to be configured by the user before subsequent transmissions could be silently discarded.
making blocking1.8b4- to mirror benjamin's blocking-aviary1.1- ... modifying the native installer is a pita. We can do this easily after the XULRunner installer arrives.
Flags: blocking1.8b4? → blocking1.8b4-
As new XUL error page (enabled on trunk by default) contains info that one should check firewall settings, I think that it makes this bug obsolate, so it should be resolved like INVALID.
(In reply to comment #18) > As new XUL error page (enabled on trunk by default) contains info that one > should check firewall settings, I think that it makes this bug obsolate, so it > should be resolved like INVALID. That's valid IMO, and was thinking the same thing awhile ago, except I'm not going to agree with this being invalid. If anything, I'd make it a wontfix, but that's a driver's decision to make.
Assignee: bugs → nobody
QA Contact: bugzilla → installer
Version: Trunk → unspecified
As far as we can tell, the most common firewall (Windows Firewall) doesn't have an issue with Firefox out of the box, and a large number of other users do not have a personal firewall that needs this type of exposure (home router, work/school shared firewall, etc). Additionally, the new error page that results from this type of blocked connection does tell users to check firewall settings.
Status: NEW → RESOLVED
Closed: 14 years ago
Flags: blocking-aviary2? → blocking-aviary2-
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.