World of Warcraft patcher?

I’m getting tons of these:

Date/Time :2006-11-20 22:57:56
Severity :Medium
Reporter :Network Monitor
Description: Inbound Policy Violation (Access Denied, IP = 192.168.0.4, Port = 3724)
Protocol: TCP Incoming
Source: 24.65.96.9:63677
Destination: 192.168.0.4:3724
TCP Flags: SYN
Reason: Network Control Rule ID = 6

I have the port forwarded from my router, and have defined the following rule:

Allow Protocol = TCP/UDP In/Out where SourceIP=Any, Dest=Any, SourcePort=Any, DestPort=3724.

Still get the blocks. I’ve also tried switching to SourcePort=3724, DestPort=Any (thinking I maybe misunderstood something in the setup) and still get the same error.

The rule it is choking on it rule 6 – the default Block & Log IP In/Out where IPPROTO IS ANY.

Any ideas?

Make sure yo have moved your newly created custom rule ABOVE the rule that is blocking it. CPF reads and interprets the rules from rule ZERO downwards. If your rule was after the BLOCK ALL rule, it would never get triggered. There are UP and DOWN arrows at the top of the Network Monitor window. Click once on your custom rule and then click the UP arrow to move it up a slot.

Can you please post back here and let everyone know if this fixes your problem.

Cheers,
Ewen :slight_smile:

I would like to add to Panic’s response.
Have you restarted the firewall after you have set the network rule?
Try to even reboot the PC if necessary.
Sometimes it just wont work if you don’t reboot…
To be sure, also move your rule to the top of the list.
You could set the rule like this since you seem to have a internal IP and probably have a trusted zone.
You do have a trusted zone, don’t you?
There is a default TCP or UDP Out/any/any/any, so just set IN on your rule.
Allow Protocol = TCP, In where SourceIP=Any, Dest.IP=zone, SourcePort=Any, DestPort=3724.

No, I didn’t have a trusted zone until just now. I assume the trusted zone rules go at the top of the rules list as not to invalidate all the other rules?

They go to the top of the list by them self, and the rules are read from the top to the bottom as usual. The last rule at the bottom should be the default block rule. That means that if there is no rule that allow a connection, starting at the top and going down, it should be stopped at the last block rule.