is it true, that, if I write a rule to block INBOUND traffic for an application, then this rule will not be skipped by the stateful inspection, e.g. the reply to ALLOWED OUTBOUND traffic (same port and ip) will be blocked ?
So, that would mean, stateful inspection skipps only network monitor rules ?
Stateful Inspection is related to network monitor. Application monitor is simple. Just a basic request-reply keeping.
Yet, application monitor wont block replies too. But you dont have a chance to reorder application rules to observe the various behaviors. So to better understand stateful inspection, i recommend playing with network monitor rules.