|
|
#1
November 18th, 2007, 06:31 PM
|
|||
|
|||
How do I reorder firewall rules?
Hi,
I would like to change the order in which the detailed firewall rules are processed. I tried drag-and-droping rules in the detailed rules view, but it doesn't work. How do I achieve this, please? Thanks, hojtsy |
|
#2
November 19th, 2007, 02:05 AM
|
|||
|
|||
|
Re: How do I reorder firewall rules?
It's not possible, always the more specific rule is applied. E.g. if you create a rule that allows communication for all programs at port 80 and then create one to block it for a specific program, the latter would superceed the general rule.
|
|
#3
November 19th, 2007, 03:03 AM
|
|||
|
|||
|
Re: How do I reorder firewall rules?
Thanks Marcos.
Which of these rules is more specific: 1) Block all port 139, independently from ip or application 2) Allow outgoing to 123.123.123.123, independently from port or application 3) Block myapp.exe, on port 1234 to any ip, both directions In particular - Can myapp.exe use port 1234 to send data to 123.123.123.123 ? - Can myapp.exe use port 139 to send data to 123.123.123.123 ? My point is that a rule can be more specific from one aspect (port, application), while being less specific from other aspect (ip, direction). |
|
#4
November 19th, 2007, 07:13 AM
|
|||
|
|||
|
Re: How do I reorder firewall rules?
1, the communication will be blocked as the rule 3 is applied to a particular application and port
2, the communication will be blocked as rule 1 blocks all communication on port 139. For the application to communicate on port 139, you'll need to create another rule for that application which will take precedence over the general rule. |
|
#5
November 19th, 2007, 08:01 AM
|
|||
|
|||
|
Re: How do I reorder firewall rules?
Thanks,
This was just meant to be an example, I try to understand the rules of precedence. From your answer it seems that if a rule is more specific regarding ports, but simultaneously less specific regarding IP address and/or direction, it still gets higher precedence, correct? What if two competing rules have the same port specification, but one is more specific regarding IP, other is more specific regarding direction? rule A: block in/out to 123.123.123.123, any app rule B: allow outgoing, any address, any app rule C: allow in/out, any address, for myapp.exe Notice that rule A is more specific regarding IP, while rule B is more specific regarding direction, and rule C is more specific regarding application. What is the precedence order of these rules? Another example where the "more specific wins" rule breaks is when two competing rules have the same level of "specificness". rule D: block port 1000-2000 rule E: allow port 1500-2500 Is port 1600 allowed or blocked? I am afraid telling "more specific rule gets applied" is not enough without exactly defining what "more specific" means. Is there a more detailed description of the precedence rules available somewhere? |
|
#6
November 30th, 2007, 08:12 AM
|
||||
|
||||
|
Re: How do I reorder firewall rules?
It seems ESET could have better built the program so that the user could move rules. I have created some rules that block some default rules that had been set to 'Allow'. I then disabled the default rules mentioned. I presume this will produce the desired result or does it not ?
Last edited by Rainwalker : November 30th, 2007 at 02:30 PM. |
| « Previous Thread | Next Thread » |
| Thread Tools | Search this Thread |
|
|
