Why do some rules need to be above the existing allow rules?

I see some FAQs here say to move certain rules above some of the default allow rules rather than just above the block all rule. Why is this?

Regarding Network Monitor

There’s an order of priority with the top having the highest and the bottom rule having the lowest.

If you created a new rule and it’s at the very bottom, that rule is useless if the rule above it is blocking all connections.

I got that, but my question was why some say to move some rules over the default ALLOW rules.

Sorry. I misread your question. However, my answer still doesn’t change because of the rule ordering. Depending on the specific situation, it may relate to this reasoning or for troubleshooting purposes. If you can link me to some thread or examples maybe I can explain more.

I can’t seem to find it, but as I recall, it said something like the rule had to be placed above the ICMP in rules. Which confuses me, as looking at mine, I don’t see anything about the default allow rules that would end up blocking anything.

Hmm… Well, the default network rules do actually block ICMP host unreachables. That I know for a fact because I p2p and have allowed them. I do seem to recall that when defining trusted zones (like if you have a router/networked computers) that they usually have to be the first rules.

I’m looking at mine, and as far as it goes, I don’t have any block rules except the block all at the bottom. In addition, I added a port and a zone and they are both at the bottom. I’ve never had a problem with any programs or with networking. Are you sure there’s a specific block by default for ICMP host unreachable?

I am 2000% positive because by default there is no allow rule for it. In your case, if there’s no other block rule, then it doesn’t matter what order you place the allow rules in. Type 3 (ICMP unreachable) has several codes and there is no rule to allow it. If the default rules did, then some port scanning sites would indicate your computer is not “stealth”, with an exclamation mark claiming you’re unsafe.
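
Added example, not part of the original thread: a small first-match evaluator for the ordering behaviour discussed above (top rule wins, a rule under block-all is dead, and allow rules can go in any order when the only block is the final block-all). The rule set is constructed for illustration and is not the product's actual default list; `Rule`, `decide` and `dead_rules` are hypothetical names.

```python
from dataclasses import dataclass
from typing import Optional

ANY = None  # wildcard: the field matches every value


@dataclass(frozen=True)
class Rule:
    action: str                     # "allow" or "block"
    proto: Optional[str] = ANY      # "tcp", "udp", "icmp" or ANY
    direction: Optional[str] = ANY  # "in", "out" or ANY
    detail: Optional[int] = ANY     # port for tcp/udp, ICMP type for icmp

    def fields(self):
        return (self.proto, self.direction, self.detail)

    def matches(self, pkt):
        """pkt is a (proto, direction, detail) tuple."""
        return all(w is ANY or w == g for w, g in zip(self.fields(), pkt))

    def covers(self, other):
        """True if every packet `other` matches is also matched by this rule."""
        return all(m is ANY or m == t
                   for m, t in zip(self.fields(), other.fields()))


def decide(rules, pkt):
    """First matching rule from the top wins; returns (action, rule index)."""
    for i, rule in enumerate(rules):
        if rule.matches(pkt):
            return rule.action, i
    return "block", None  # nothing matched: treated as blocked here


def dead_rules(rules):
    """Indices of rules that can never fire because an earlier rule covers them."""
    return [j for j, r in enumerate(rules)
            if any(earlier.covers(r) for earlier in rules[:j])]


# Constructed rule set: a few allows, no rule for ICMP type 3, block-all last.
BASE = [
    Rule("allow", "tcp", "out"),
    Rule("allow", "udp", "out"),
    Rule("allow", "icmp", "in", 11),   # time exceeded
    Rule("allow", "icmp", "out", 8),   # echo request
    Rule("block"),                     # block all
]
ALLOW_UNREACH = Rule("allow", "icmp", "in", 3)  # ICMP type 3, unreachable
UNREACH_PKT = ("icmp", "in", 3)
```
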