CIS Firewall - Block Global Incoming Connections except for allowed applications

Hi, I’m trying to block all inbound connections except for one application.

Is there a way to achieve that?

I tried these steps.

Firewall Tasks → Stealth Ports → Block incoming connections, which added a global rule to block all inbound.

Settings → Firewall → Application rules → Treat as allowed application

But inbound is still blocked for that app. It works when I turn off firewall.

Any help would be appreciated. Thanks

You need to create an allow global rule once you know what port(s) are needed by the application.

I see, so global rules are processed first then the app rules for inbound connections

Now I have an even weirder issue.

My objective is to allow inbound only for one app and block the rest.

So I “Allowed” all inbound in global rules.

Setup two rules in App rules…
Rule#1 - Allow inbound for “my app”
Rule#2 - Block inbound for all applications

But…

Inbound connections are working for all applications. Although they should be blocked by app rule#2.

Am I missing something?

Attaching Screenshots

My expectation is only Deluged should be allowed inbound connections and blocked for all other apps.

But inbound connections are working for all apps.

Please remember that when apps on your computer initiate outbound connections, the corresponding inbound connections belonging to those outbound connections are always granted by CFW. Only inbound connections initiated from outside your computer can be blocked.

Yes I’m aware of outbound and inbound connections.

I’m only trying to block connections that don’t originate from my computer.

That's not how you're supposed to do it, that's why I said you need to create a global rule to allow only the necessary port/ports on which you want the application to accept incoming connections. For example, if you want an application to accept incoming connections on TCP port 80, then you would create a global rule to allow incoming with protocol TCP and destination port 80. Application rules are mainly used to control outgoing connections, while global rules are for setting up incoming connections.
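The reply above and the earlier exchange ("global rules are processed first, then the app rules") describe an evaluation order rather than a config file, so the following is an added toy model of that order, not Comodo code and not any poster's configuration. It assumes first-match-wins within each stage, that a global block is final while a global allow hands off to application rules, and that no matching rule means block; the listen port 6881, the process name "deluged" and the second app "browser" are constructed sample values.

```python
"""Toy model of inbound rule ordering as described in the thread:
global rules are consulted first, then application rules.
Added illustration, not Comodo code; the rule fields, first-match-wins
semantics and the default-deny fallback are assumptions of the model."""
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass
class Rule:
    action: str                      # "allow" or "block"
    direction: str                   # "in", "out" or "any"
    app: str = "*"                   # "*" = any application (global rules use this)
    protocol: str = "*"              # "tcp", "udp" or "*"
    dst_port: Optional[int] = None   # None = any destination port


@dataclass
class Packet:
    direction: str
    app: str          # process owning the listening socket (constructed)
    protocol: str
    dst_port: int


def matches(rule: Rule, pkt: Packet) -> bool:
    """A rule matches when every specified field agrees with the packet."""
    return (rule.direction in ("any", pkt.direction)
            and rule.app in ("*", pkt.app)
            and rule.protocol in ("*", pkt.protocol)
            and rule.dst_port in (None, pkt.dst_port))


def first_match(rules: List[Rule], pkt: Packet) -> Optional[Rule]:
    for rule in rules:
        if matches(rule, pkt):
            return rule
    return None


def evaluate_inbound(global_rules: List[Rule], app_rules: List[Rule],
                     pkt: Packet) -> str:
    """Assumed order for unsolicited inbound traffic: global rules first;
    a global block is final, a global allow hands off to application rules.
    No matching rule at either stage is treated as block (assumption)."""
    g = first_match(global_rules, pkt)
    if g is None or g.action == "block":
        return "block"
    a = first_match(app_rules, pkt)
    return "block" if a is None else a.action


def scenarios() -> dict:
    """The three configurations discussed in the thread, run through the model."""
    pkt_deluge = Packet("in", "deluged", "tcp", 6881)   # constructed listen port
    pkt_other = Packet("in", "browser", "tcp", 6881)    # another listening process
    pkt_other_port = Packet("in", "browser", "tcp", 8080)

    # 1. First attempt: stealth-ports global block plus an app allow rule.
    #    The global block wins, so the app is never consulted.
    first = evaluate_inbound([Rule("block", "in")],
                             [Rule("allow", "in", app="deluged")],
                             pkt_deluge)

    # 2. Second attempt: allow everything globally, filter per application.
    second: Tuple[List[Rule], List[Rule]] = (
        [Rule("allow", "in")],
        [Rule("allow", "in", app="deluged"), Rule("block", "in")])

    # 3. Recommended approach: global allow only the needed port,
    #    global block everything else; app rules stay as a second filter.
    third: Tuple[List[Rule], List[Rule]] = (
        [Rule("allow", "in", protocol="tcp", dst_port=6881), Rule("block", "in")],
        [Rule("allow", "in", app="deluged"), Rule("block", "in")])

    return {
        "global_block_app_allow": first,
        "global_allow_app_filter": (evaluate_inbound(*second, pkt_deluge),
                                    evaluate_inbound(*second, pkt_other)),
        "port_scoped_global": (evaluate_inbound(*third, pkt_deluge),
                               evaluate_inbound(*third, pkt_other_port)),
    }


if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name}: {result}")
```

The model reproduces the first poster's observation (a global block makes the app allow rule irrelevant) and shows why the port-scoped global rule is the narrower configuration: in the second setup every unsolicited inbound packet reaches the application stage, whereas in the third, only traffic to the one listening port does.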

Thanks for the suggestion. What you are saying is, Allow inbound connections for particular listen ports, rather than for apps.

I'm just curious though. In the previous screenshot I posted, I don't see anything fundamentally wrong with my rules setup. But why are the incoming connections still getting through for all apps rather than just the one app?

I had kind of the same question a while ago here: Firewall traffic rules processing order.
From that thread I didn't get a clear view or answer on how inbound connections are being processed either.

Yes.

I'm just curious though. In the previous screenshot I posted, I don't see anything fundamentally wrong with my rules setup. But why are the incoming connections still getting through for all apps rather than just the one app?
Even though that is not the correct way, I don't believe other applications have active incoming connections, assuming those are the only rules defined in both the application and global rules. When I did the same, I got blocked firewall events for MS Edge as it listens for incoming connections, and the same when I launched qBittorrent.