Author Topic: Global vs Application rules  (Read 493 times)
catscratch
« on: July 07, 2009, 06:58:13 AM »

Global Rule: "Allow IP IN/OUT from IN [LAN] to In [LAN]  Where Protocol Is ANY"

Isn't that allowing anything from defined LAN IPs to my computer? How come a port 445 request is not processed from an IP in the LAN because I have set System not to get anything from any IP?

If something matches a global, it shouldn't look to application rules, right?

I simply want "System" not to get anything from the internet but everything from LAN.
Quill
« Reply #1 on: July 07, 2009, 07:07:55 AM »

For something to work correctly it requires both global and application rules.

Outside ---> global rule ---> application rule ---> connection
Connection ---> application rule ---> global rule --- outside

Both have to allow or it won't happen

"Well, I've wrestled with reality for 35 years, Doctor, and I'm happy to state I finally won out over it."

Matty_R
« Reply #2 on: July 07, 2009, 09:38:04 AM »

You will need to create an "Application Rule" for "System" or alternatively use the "Stealth Ports Wizard" to trust the LAN IPs, and it will create application rules for System and global rules.

Matt

I HAD A DREAM----But i can`t remember it......
LovethatHIPHOP
« Reply #3 on: November 10, 2009, 12:01:29 PM »

> For something to work correctly it requires both global and application rules.
>
> Outside ---> global rule ---> application rule ---> connection
> Connection ---> application rule ---> global rule --- outside
>
> Both have to allow or it won't happen

Could someone explain this a little deeper if possible? I'm currently very confused because I constantly set up my application rules only for them to be ignored completely, with the firewall only following global rules.

For example, I'm trying to open a port for Soulseek. Since I've grown not to like selecting "allow all" access all the time, I wanted to set the rules for the application specifically so that ONLY the ports and IPs utilized would be allowed and not just everything under the sun. I'm however running into trouble because there's a global rule for "Block and log IP in from IP any to IP any where protocol is any." It's overpowering the application rule and effectively blocking all ports that I know I configured open for the program under application rules.
Matty_R
« Reply #4 on: November 11, 2009, 03:19:11 PM »

Basically you need to set up a Global rule which allows traffic past to the port/s for which it is required. Global rules are read top down.

For example, say you have Program A which needs to accept connections on a certain port (TCP 5555, for example). You set up your application rule for Program A so that you have a rule:

Allow TCP IN (your description) Source Address=Any (you can set the IP/Range if you want/know them)/Destination Address=Your IP/Source Port=Any/Destination Port=5555

This rule will allow the program to accept connections on port 5555.

But this doesn't take into account the fact that when receiving a connection from another computer, Global Rules is the first thing that is hit. Therefore you must also make a Global Rule allowing traffic to pass to port 5555, which Program A is set up to receive connections on.

Therefore you must make a Global rule the same as the rule above and place it above any Block rule.

So we should end up with Program A receiving a request from another computer. The other computer sends the data to port 5555, the Global rules are read top down, okay, the top rule says Allow TCP through if it's destined for port 5555, so the data is allowed to pass.
Now Program A, which is listening on port 5555, receives the data and acts accordingly.

Hope this helps a tad,
Matt
 

I HAD A DREAM----But i can`t remember it......
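
The two-stage check described in the replies above, as an added example that is not part of any post and is not Comodo's code: a toy Python model in which each rule list is read top down and both lists must allow the packet. The `Rule` fields, first-match behaviour inside the application list, and the defaults used when no rule matches are assumptions made for the illustration.

```python
# Added illustration, not Comodo's code; rule fields and defaults are assumptions.
from dataclasses import dataclass

@dataclass
class Rule:
    action: str              # "allow" or "block"
    direction: str           # "in", "out" or "any"
    protocol: str = "any"    # "tcp", "udp" or "any"
    dst_port: int = 0        # 0 matches every port

    def matches(self, direction, protocol, dst_port):
        return (self.direction in ("any", direction)
                and self.protocol in ("any", protocol)
                and self.dst_port in (0, dst_port))

def first_match(rules, pkt, default):
    # Rules are read top down; the first matching rule decides.
    for rule in rules:
        if rule.matches(*pkt):
            return rule.action
    return default

def decide(global_rules, app_rules, direction, protocol, dst_port):
    pkt = (direction, protocol, dst_port)
    # Assumed defaults: no matching global rule lets the packet continue;
    # no matching application rule blocks (the real product may prompt).
    stages = [(global_rules, "allow"), (app_rules, "block")]
    if direction == "out":   # outbound is checked application first
        stages.reverse()
    for rules, default in stages:
        if first_match(rules, pkt, default) == "block":
            return "block"   # both stages have to allow
    return "allow"

# Constructed rule sets mirroring the Program A / port 5555 example.
APP = [Rule("allow", "in", "tcp", 5555)]
BLOCK_ALL_IN = Rule("block", "in")
ALLOW_5555 = Rule("allow", "in", "tcp", 5555)

def scenarios():
    return {
        "app rule only": decide([BLOCK_ALL_IN], APP, "in", "tcp", 5555),
        "allow below block": decide([BLOCK_ALL_IN, ALLOW_5555], APP, "in", "tcp", 5555),
        "allow above block": decide([ALLOW_5555, BLOCK_ALL_IN], APP, "in", "tcp", 5555),
        "other port": decide([ALLOW_5555, BLOCK_ALL_IN], APP, "in", "tcp", 445),
    }

if __name__ == "__main__":
    print(scenarios())
```

Only the "allow above block" case reaches the application; every other port still stops at the global block rule, so the narrow global allow does not widen exposure beyond port 5555.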