Hi, I am trying to block the HTTP Port Set by going to Global Rules and setting a rule that blocks TCP and UDP for any address on the ports set in the HTTP Port Set (80, 8080, etc.).
I placed that rule at the top of Global Rules, but when I go to the browser and enter any URL, it opens normally.
How can I block a port set?
Where in the rule did you fill in the http ports? Source, destination or both?
I placed the ports for both source and destination.
What’s the use of blocking http ports?
As far as browsing is concerned, it is outbound (and you forgot port 443): global rules apply first, and next individual rules.
If you wanted to block inbound (tcp in), individual rules have the priority over global rules, and you should therefore check that no individual rule infirms your global one.
Speaking of outbound tcp and udp, I just ran the (working) test:
You forgot that the logic is boolean, i.e. no situation matches BOTH source and dest port 80 (and/or 8080): the rule does not match and is thus not applied.
Your rule should be written: Block, tcp or udp, out, address source and dest any, port source any, port dest 80.
Now, it works.
Write a second rule if you want to: tcp or udp, in, this time with source port 80. But it won’t work if there is an opposite individual rule, and it blocks downloading anything from the internet even when it works.
I believe it is better to write separate individual rules for tcp/udp in if needed (a good example is svchost and system, dest ports 135-139, so as to deny RPC and NetBIOS).
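The port-matching logic described in the reply above, as an added example that is not part of the original thread: a simplified Python model of field-by-field rule matching (not Comodo's own rule engine) showing why a rule with the port set on both source and destination never matches browser traffic. The class names, the first-match evaluation, the ephemeral source ports and the sample packets are constructed assumptions; 443 is included in the set because the reply points out it was missing.

```python
from dataclasses import dataclass
from typing import FrozenSet, Optional

# Constructed port set: 80 and 8080 come from the thread, 443 from the reply.
HTTP_PORTS = frozenset({80, 443, 8080})

@dataclass(frozen=True)
class Packet:
    direction: str  # "out" or "in", seen from the local machine
    proto: str      # "tcp" or "udp"
    src_port: int
    dst_port: int

@dataclass(frozen=True)
class Rule:
    action: str
    direction: str
    protos: FrozenSet[str]
    src_ports: Optional[FrozenSet[int]]  # None means "any"
    dst_ports: Optional[FrozenSet[int]]  # None means "any"

    def matches(self, p: Packet) -> bool:
        # All conditions are ANDed: one failing field means no match.
        return (p.direction == self.direction
                and p.proto in self.protos
                and (self.src_ports is None or p.src_port in self.src_ports)
                and (self.dst_ports is None or p.dst_port in self.dst_ports))

def evaluate(rules, packet, default="allow"):
    """First matching rule wins (assumed model); otherwise the default applies."""
    for rule in rules:
        if rule.matches(packet):
            return rule.action
    return default

BOTH = frozenset({"tcp", "udp"})
# Rule as first written: port set on source AND destination.
original = Rule("block", "out", BOTH, HTTP_PORTS, HTTP_PORTS)
# Rule as corrected in the reply: source port any, destination in the set.
corrected = Rule("block", "out", BOTH, None, HTTP_PORTS)

# Constructed sample traffic: browsers use a high ephemeral source port.
http_req = Packet("out", "tcp", 51514, 80)
https_req = Packet("out", "tcp", 51515, 443)
dns_query = Packet("out", "udp", 51516, 53)

if __name__ == "__main__":
    for name, rule in (("original", original), ("corrected", corrected)):
        for pkt in (http_req, https_req, dns_query):
            print(f"{name:9} {pkt} -> {evaluate([rule], pkt)}")
```
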
Thanks, I’ll try your suggestions :-TU