Windows 7 firewall configuration

Discussion in 'other firewalls' started by geohei, Mar 16, 2013.

Thread Status:
Not open for further replies.
  1. geohei

    geohei Registered Member

    Joined:
    Jan 25, 2007
    Posts:
    41
    Hi.

    Windows 7 firewall configuration is not as easy as I expected.

    I have a particular scenario. I'd like to block a certain application from sending outbound traffic, but only one specific port.

    My Network is "Private".
    I use IPv4 and IPv6 (Computer, router and provider support it).
    At the moment, I have the Windows 7 Firewall default settings selected (didn't touch after fresh install of Windows 7)

    How can I do this (step by step)?
    Or ... is there any guide how to achieve this?

    Many thanks,
     
    Last edited: Mar 18, 2013
  2. Wroll

    Wroll Registered Member

    Joined:
    Nov 29, 2011
    Posts:
    549
    Location:
    Italy
    Start Menu (windows key on your keyboard) -> search & select "Firewall with advanced security" -> select Outbound rules -> New Rule -> Custom -> do what you need from there

    One thing I don't know (and I don't want to boot right now to find out) is whether a global outbound rule overrules the application rules.
     
  3. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,983
    Location:
    Canada
  4. geohei

    geohei Registered Member

    Joined:
    Jan 25, 2007
    Posts:
    41
    @Wroll

    Thanks. I know where to find the basic tools to create new rules.
    I'd like to create a new rule blocking a specific app on a specific IP/port.

    @wat0114

    I was tumbling over this thread already. The "problem" is, that it starts off by blocking all outbound traffic (for a specific profile - "Private" in my case). By doing so, the system starts not working properly anymore since default is to allow all outbound traffic. Network connections are lost, Windows Update doesn't work anymore; even a simple ping becomes impossible. ...

    Also ... let's assume I leave the profile to allow outbound traffic, then I block all outbound traffic for a certain app, the Event Viewer logs only rule creation and possible modifications. I don't see in pfirewall.log which app generated the "DROP" entry. So ... I can't assign a certain "DROP" entry to an app. This is necessary to see which IP/port the app uses in order to block it.
     
  5. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,983
    Location:
    Canada
    The following will work on Pro or higher versions of Win 7 so the logs will display what you're looking for...

    http://technet.microsoft.com/en-us/library/cc754714(WS.10).aspx
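
Added example (not part of the thread or of any poster's reply): one way to do what is asked above from an elevated Command Prompt, blocking one program's outbound traffic on a single remote port and enabling Windows Filtering Platform audit events so the Security log names the application behind each block. The program path, port number and rule name are placeholders.

```batch
@echo off
rem Added example, not from the thread. Run from an elevated Command Prompt.
rem APP, PORT and RULE are placeholders (assumptions); substitute your own.
set "APP=C:\Program Files\ExampleApp\example.exe"
set "PORT=8080"
set "RULE=Block ExampleApp TCP %PORT% outbound"

rem 1. Block only this program, only on this remote TCP port, only on the
rem    Private profile. remoteip defaults to "any", which covers both IPv4
rem    and IPv6. The profile's default outbound action stays "allow", so
rem    Windows Update, ping and everything else keep working.
netsh advfirewall firewall add rule name="%RULE%" dir=out action=block ^
    program="%APP%" protocol=TCP remoteport=%PORT% profile=private enable=yes

rem 2. Confirm what was created.
netsh advfirewall firewall show rule name="%RULE%" verbose

rem 3. pfirewall.log has no process column. Failure auditing for the
rem    Filtering Platform subcategories writes Security-log events that do:
rem    5157 (connection blocked) and 5152 (packet dropped) both carry an
rem    "Application Name" field plus destination address and port.
rem    Subcategory names below are the English ones; localized systems differ.
auditpol /set /subcategory:"Filtering Platform Connection" /failure:enable
auditpol /set /subcategory:"Filtering Platform Packet Drop" /failure:enable

rem 4. Start the application, let it try to connect, then list the ten
rem    most recent blocked connections, newest first.
wevtutil qe Security /q:"*[System[(EventID=5157)]]" /c:10 /rd:true /f:text

rem Cleanup once the port/IP has been identified (auditing is noisy):
rem   auditpol /set /subcategory:"Filtering Platform Connection" /failure:disable
rem   auditpol /set /subcategory:"Filtering Platform Packet Drop" /failure:disable
rem   netsh advfirewall firewall delete rule name="%RULE%"
```

To find out which port an application uses before narrowing the rule, create the block rule without `protocol` and `remoteport`, read the destination from the 5157 events, then replace it with the port-specific rule.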
     
  6. geohei

    geohei Registered Member

    Joined:
    Jan 25, 2007
    Posts:
    41
    Last edited: Mar 19, 2013
  7. AlexC

    AlexC Registered Member

    Joined:
    Apr 4, 2009
    Posts:
    1,280
    I used it for a while... here's a simple tutorial.
    https://docs.google.com/document/d/17hMHcXpu82IJqd1doa5QykGIVaZLZD1k56qO511zqUE/edit?pli=1

    The error you're getting is probably because of the checkmark in the prompt; you have to untick it.
     
  8. geohei

    geohei Registered Member

    Joined:
    Jan 25, 2007
    Posts:
    41
  9. AlexC

    AlexC Registered Member

    Joined:
    Apr 4, 2009
    Posts:
    1,280
    Sorry for my poor English...

    In the prompt that asks you if you want to allow or deny a connection, there's usually a check mark in "service". According to my experience, you have to untick it, or else you get the error: "The corresponding rule has not been created".
     