The settings you're talking about will appear to let you create service specific rules but they won't actually do anything unless the service has an SID set to restricted or unrestricted. Many have their SID set to none. Read the discussion I had about this with the developer of Windows Firewall Control here. Then scroll down the same page to the post by syrinx. Those posts contain very important info for anyone using Windows Firewall.