I will use utorrent in this example. In version 2, I had to create a rule allowing traffic on the port I had it set to use. In this version it asked to listen on that port and then created a rule allowing IP in, but what the alert said was it wanted to listen on a specific port, should that then not have made a rule about that port?
Was the alert a firewall alert or a Defense+ alert? This will determine where the created policy resides.
Ewen 
The rule is in network security policy.
Here’s a screenshot of the alert and the resulting rule.
Wouldn’t allowing that alert make more sense to make the rule
Allow TCP in from IP Any to IP Any where source port is any and destination port is 4357
rather than the allow IP in one that it makes?
[attachment deleted by admin]
That’s caused by your Firewall Alert Level Setting.
[attachment deleted by admin]
Ah ok, I now have it on high which says an alert for every port. I assume now that if I answer the alert, it will only add the rule for that port?
On very high level it gives alerts on every ip on every port on every protocol on every direction (it’s an overkill :o)
I have it on high, not very high, but when I get paranoid, I might try very high.