Could someone explain this a little deeper if possible? I'm currently very confused because I constantly set up my application rules only for them to be ignored completely, with the firewall only following global rules.
For example, I'm trying to open a port for Soulseek. Since I've grown not to like selecting "allow all" access all the time, I wanted to set the rules for the application specifically so that ONLY the ports and IPs utilized would be allowed and not just everything under the sun. I'm however running into trouble because there's a global rule for "Block and log IP in from IP any to IP any where protocol is any." It's overpowering the application rule and effectively blocking all ports that I know I configured open for the program under application rules.
Basically you need to set up a Global rule which allows traffic past to the port/s for which it is required. Global rules are read top down.
For example, say you have program A which needs to accept connections on a certain port (TCP 5555 for example). You set up your application rule for Program A so that you have a rule:
Allow TCP IN (your description) Source Address=Any (you can set the IP/range if you want/know them) / Destination Address=Your IP / Source Port=Any / Destination Port=5555
This rule will allow the program to accept connections on port 5555.
But this doesn't take into account the fact that when receiving a connection from another computer, Global Rules are the first thing that is hit. Therefore you must also make a Global Rule allowing traffic to pass to port 5555, which Program A is set up to receive connections on.
Therefore you must make a Global rule the same as the rule above and place it above any Block rule.
So we should end up with Program A receiving a request from another computer. The other computer sends the data to port 5555, the Global rules are read top down, okay the top rule says Allow TCP through if it's destined for Port 5555, so the data is allowed to pass.
Now Program A, which is listening on port 5555, receives the data and acts accordingly.
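The evaluation order described in this answer (global rules first, read top down and first match wins, then the application's own rules), as an added simulation that is not part of the original thread and not the firewall's own code; the rule fields and the "no matching rule" outcome are simplifying assumptions for the example:

```python
from dataclasses import dataclass
from typing import List, Optional

@dataclass
class Rule:
    """One firewall rule. protocol 'IP' matches any protocol, dst_port None matches any port (assumed model)."""
    action: str                 # "allow" or "block"
    direction: str              # "in" or "out"
    protocol: str               # "TCP", "UDP" or "IP" (any)
    dst_port: Optional[int] = None

    def matches(self, direction: str, protocol: str, dst_port: int) -> bool:
        if self.direction != direction:
            return False
        if self.protocol != "IP" and self.protocol != protocol:
            return False
        return self.dst_port is None or self.dst_port == dst_port

def first_match(rules: List[Rule], direction: str, protocol: str, dst_port: int) -> Optional[str]:
    """Rules are read top down; the first rule that matches decides."""
    for rule in rules:
        if rule.matches(direction, protocol, dst_port):
            return rule.action
    return None

def evaluate_inbound(global_rules: List[Rule], app_rules: List[Rule],
                     protocol: str, dst_port: int) -> str:
    """Inbound packet: global rules are hit first, then the application rules."""
    verdict = first_match(global_rules, "in", protocol, dst_port)
    if verdict == "block":
        return "blocked by global rule"
    verdict = first_match(app_rules, "in", protocol, dst_port)
    if verdict == "allow":
        return "allowed"
    if verdict == "block":
        return "blocked by application rule"
    return "no matching application rule"   # assumption: treated as not allowed here

# Constructed rules mirroring the thread: the catch-all block and the port 5555 allow.
BLOCK_ALL_IN = Rule("block", "in", "IP")
ALLOW_5555_IN = Rule("allow", "in", "TCP", 5555)
PROGRAM_A_RULES = [ALLOW_5555_IN]

if __name__ == "__main__":
    # Allow placed below the block: never reached, packet dropped by global rule.
    print(evaluate_inbound([BLOCK_ALL_IN, ALLOW_5555_IN], PROGRAM_A_RULES, "TCP", 5555))
    # Allow placed above the block: passes global rules, then Program A's rule allows it.
    print(evaluate_inbound([ALLOW_5555_IN, BLOCK_ALL_IN], PROGRAM_A_RULES, "TCP", 5555))
```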