Blocking local access

In the log it continue shows a new event coming up, about a Inbound Policy Violation.

Either “Access Denied, IP=, Port=7345” or “Access Denied, IP=, Port=nbname(137)”.

I am not in a network, is just the local address given to my PC by my router, the PC’s aren’t connected in any way to each other. Is it normal this keeps getting blocked, or did I ■■■■■ a Network Rule? Because I don’t see my own PC checking itself as a big threat.

UDP 137 are normally used for Windows File Share. Do you see your own IP as destination or source?

Destination (IP:Port) is and has all different sources, it claims to be blocked by the Network Monitor Rule ID 1. Which is Block and Log all IP IN/Out Any Any.

The other is Destination (IP:port) only from as source, it’s also blocked by that same rule.

Is it proper for me to block both IP and IMCP in the rules? (ICMP hasn’t given a lot of log troubles yet)

Block and Log all IP IN/Out Any Any pretty much covers anything passing through your firewall. Be it inbound or outbound. I’m surprised you’re able to get anything through at all, which leads me to think Application Control Rules overrides Network Control Rules.
You shouldn’t be seeing these messages in your log unless your computer is looking for file shares, or your router is forwarding these requests. Is your computer a laptop and is it normally in a Windows Domain environment?

Well the first rule of the Network Control Rules (ID 0) is Allow TCP/UDP IN/OUT Any Any. The second (ID 1) is Block IP IN/OUT Any Any. The third (ID 2) is Block ICMP IN/OUT Any Any.

The IP Block and Report rule is actually default.

Can you post an image of your Network Monitor rules. The rules, as you mentioned above, don’t seem to be in the default order. Have you changed the order of the Network Monitor rules?

This is the image.

The only thing I actually changed is removing the “Allow UP GRE” rule and the Allowed ICMP rules.

[attachment deleted by admin]