Net Rules ? -- Blocking Ports 135 137 138 139 445 500

Should they be blocked “Source ports any” to “Destination Ports 135 137 138 139 445 500” or should it be the other way “Source ports 135 137 138 139 445 500” to “Destination ports any”. or both? I’m looking at some rules that I had from 2.4 to move to 3.0 and for some reason I couldn’t get this straight. Thx

Should be source ports any to destination ports on your machine for blocking inbound connections. Many users add a “block everything in” as a global rule, either via stealth port wizard or on their own in the application rules, then add the exceptions in front of it if something new is added or is logged as not working right.