Global Rules okay?

Are these three global rules enough since I really don’t know what to block? The first one is to allow uTorrent. I also have a router firewall.

http://img230.imageshack.us/img230/7692/20080205202822qk2.png

Blizziestorm,

Depends what else you are trying to do with your PC. I would think you would at least want to have a few more Allow Out rules to support connections to ports other than 30918. For example:

  1. Allow UDP Out Src Add:Any, Dest Add:(your DNS server IP’s), Src Port: 1024-4999, Dest Port: 53

(may want to make this 2 rules, 1 for each DNS server assuming your ISP has more than one)

  1. Allow TCP Out Any, Any, Src Port:1024-4999, Dest Port 80,443,8080 (the HTTP/S port set)

You’ll need these rules to support Microsoft updates and/or web browsing.

Alternatively if you want to accomplish the same thing but are not concerned about tying things to specific ports or DNS servers use:

  1. Allow TCP/UDP Out Any,Any,Any, Any

Put these rule(s) just above your Block rules.

Birdman

Blizziestorm,

Change first rule’s direction to “In” instead of “In/Out”.
Remove second rule.
That should be fine.
BTW, do not add any global rules without special reason.

goodbrazer,

Thanks for the correction on the in out thing.

As far as a special reason I would think keeping your OS patched would qualify. But then again if one is behind a router one could disable the firewall while downloading updates from MS.

Birdman

No problems, Birdman :wink:

And i mentioned this:

because application rules are to handle outgoing requests. So global outgoing rules are redundant in many cases.

Well they may indeed be somewhat redundant but I do find having restrictive outbound global rules useful. The reason for this is multiple PC users (re: teenagers) who by clicking Allow on a pop-up can easily create a new Application rule. Having the application blocked by a global rule allows me to stay in the loop regarding whether or not the connection/application should be allowed.

Birdman

Changed the first rule to In only instead of In Out. Deleted the second rule.

The block rule should cover blocking the rest right? Birdman, the two rules aren’t necessarily needed?

Thanks everyone.

Yep.