Portmaster is registered as a system service and starts immediately at boot - even before you log into your user account. This means that it generally starts before any other of your programs. Please note that the tray icon / app indicator is a separate process and is no indication for the Portmaster has started, as it is only started after login.
Besides that, there are some subtle differences depending your operating system:
The Windows system service of Portmaster is started as a regular service. The service then initialized the kernel driver / extension to integrate into the network stack. This means that Portmaster is currently started after the boot process of the Window Kernel is completed.
This means that, currently, some Windows services have a short head start before Portmaster. Tests on Windows 11 have shown these services to be able to communicate before Portmaster is ready:
255.255.255.255 UDP/137.www.msftconnecttest.com.Future Improvement: After Portmaster has started for the first time, there will be an option to “persist” the Portmaster kernel driver, so that it is started with the kernel and blocks all connectivity until the Portmaster is fully ready. This is tricky as it can easily break your network connectivity or lead to a BSOD.
The systemd service of the Portmaster is configured to be started before the network and name resolution. This means that the protection is started before the network connectivity is enabled:
Before=nss-lookup.target network.target
Future Improvement: After we have implemented direct support for systemd, we will be able to use the WantedBy configuration option, which will make systemd properly wait until the Portmaster has fully started before continuing with other services, mitigating any possibility of race conditions.