After installing 1.10.4, i noticed a powershell command running over and over in task manager on all my windows machines.
The command line is:
C:\Windows\System32\WindowsPowershell\v1.0\powershell.exe “New-NetFirewallRule -DisplayName zerotier-icmpv4-8286xxxxxxxxxxxx22.214.171.124/24 -InterfaceAlias ‘ZeroTier One
[82xxxxxxxxxe6]’ -Protocol ICMPv4 -Action Allow -LocalAddress 192.168.192.112/24”
I checked my firewall rules, and indeed this has been very busy. I now have thousands of rules created by this.
I have confirmed this to be happening on all the windows machines (8 in total) that i installed 1.10.4 on.
Stopping the zerotier service, stops the powershell from executing.
update: i uninstalled 1.10.4 from the affected machines and re-installed 1.10.3 and the problem has gone.
This does appear to be an issue with 1.10.4.
Thanks. We are working on a new build. Here is a link to the previous version:
The download site should point to 1.10.5 now for Windows. Give it a try.
I’ve been running 1.10.5 for a few hours on the previously affected machines - no problems.
Thanks for the fast resolution.
I tried 1.10.5. The infinite loop is gone. However after a day of running 1.10.4, it has already created tons of firewall rules. These rules are still causing high CPU usage and stops all applications from connecting to internet.
I’ve done it manually - it took a while for Windows Defender Firewall UI to remove the rules.
Would be nice for 1.10.6 to clean up the rules.
THANKYOU so much for posting this issue and info. I had been having no end of trouble on 3 PCs I support since last week. Oddly the 1.10.5 update isn’t being offered through either chocolatey or winget, so I manually installed it and it helped. Then, I manually deleted all those extra junk firewall rules (which took about 60 minutes per machine for WDF to process the delete, so there must have been millions of entries. Things are stable again now.
I was also hit by this issue on a few machines. There is a way to get rid of all erroneous firewall rows in one go using Powershell:
Remove-NetFirewallRule -DisplayName “zerotier-icmpv4-*”
If you first want to list all the rules that are affected before you remove them it can be done using:
Get-NetFirewallRule -DisplayName “zerotier-icmpv4-*” | ft