Question
Thursday, May 21, 2020 9:34 AM
I have created a firewall and included a few ranges of ports/programs, but those are not getting blocked.
The port is still listening after running the netstat -a command, and I am able to launch the application.
Please help me with the blocking of the ports or the complete application.
All replies (6)
Thursday, May 21, 2020 7:21 PM
The port is still listening after running netstat -a command and able to launch the application.
Firewall rules will not prevent a process from listening on a port. It will still show up in netstat. Launch the application from where? A remote machine? The same machine where the listening process is running?
Please help me with the blocking of the ports or complete application
Start by reviewing this link for instructions. https://www.howtogeek.com/112564/how-to-create-advanced-firewall-rules-in-the-windows-firewall/
We can't help you if you don't provide any details of the rule that you created. Screen snapshots would be a good start. Explain what you defined and why.
My favorite question is "what's the real problem?". IE, why do you think that a firewall rule is the solution to whatever problem that you face? Explain the problem.
Friday, May 22, 2020 7:40 AM
Firewall rules will not prevent a process from listening on a port. It will still show up in netstat. Launch the application from where? A remote machine? The same machine where the listening process is running?
I have launched the application from a remote machine.
We can't help you if you don't provide any details of the rule that you created. Screen snapshots would be a good start. Explain what you defined and why.
Below are the rule details: (I am not able to update the screenshot)
PS C:\Users\Administrator> Get-NetFirewallRule -DisplayName 'CMC'
Name : {7180EE4E-2A6F-4335-A14A-33AF4D16BC1F}
DisplayName : CMC
Description :
DisplayGroup :
Group :
Enabled : True
Profile : Any
Platform : {}
Direction : Inbound
Action : Block
EdgeTraversalPolicy : Block
LooseSourceMapping : False
LocalOnlyMapping : False
Owner :
PrimaryStatus : OK
Status : The rule was parsed successfully from the store. (65536)
EnforcementStatus : NotApplicable
PolicyStoreSource : PersistentStore
PolicyStoreSourceType : Local
My favorite question is "what's the real problem?". IE, why do you think that a firewall rule is the solution to whatever problem that you face? Explain the problem.
I have the below requirements for my company and I need to setup the firewall.
Need to set the Firewall at Windows system level
I have turned on firewall.
Need to open the required ports and their dependencies for all functionality to work after enabling the firewall
For this I am trying to block all the ports and trying to test whether the dependencies functionalities are working or not. Let me know how to block incoming and outgoing connections for that by using Firewall.
Wanted to know the overall impact of blocking the firewall.
Friday, May 22, 2020 3:23 PM
I added ports 8080 and 8081 to my IIS bindings on Win10 Home laptop. On another machine I was not able to connect to those ports. So if you are able to connect then there must be an existing rule that allows the connection. I would expect that the install process for this application would add that rule. Do you see any rules for the app like these for Firefox?
I defined a rule that blocks port 8080. Using these PowerShell commands I could see what rule used it. Try this with your app's port.
Get-NetFirewallPortFilter | Where-Object -Property Localport -eq 8080 | Get-NetFirewallRule
PS C:\WINDOWS\system32> Get-NetFirewallPortFilter | Where-Object -Property Localport -eq 8080 | Get-NetFirewallRule
Name : {CE25FD75-B0F2-40E6-A4D4-EF220F882A50}
DisplayName : Block8080
Description :
DisplayGroup :
Group :
Enabled : True
Profile : Any
Platform : {}
Direction : Inbound
Action : Block
EdgeTraversalPolicy : Block
LooseSourceMapping : False
LocalOnlyMapping : False
Owner :
PrimaryStatus : OK
Status : The rule was parsed successfully from the store. (65536)
EnforcementStatus : NotApplicable
PolicyStoreSource : PersistentStore
PolicyStoreSourceType : Local
To get more information about my Block8080 rule, I ran these PS commands.
cls
Get-NetFirewallRule -DisplayName Block8080
"Port Filter___________________________________"
Get-NetFirewallRule -DisplayName Block8080 | Get-NetFirewallPortFilter
"Address Filter________________________________"
Get-NetFirewallRule -DisplayName Block8080 | Get-NetFirewallAddressFilter
"Application Filter____________________________"
Get-NetFirewallRule -DisplayName Block8080 | Get-NetFirewallApplicationFilter
Monday, May 25, 2020 2:46 AM
Hi,
Just want to confirm the current situation.
Please feel free to let us know if you need further assistance.
Best Regards,
Candy
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected]
Tuesday, May 26, 2020 2:11 PM
Thanks for the update.
I have tried and it worked, but got some same problem.
First I created the inbound rule to allow the connection only for RDP port 3389; later I created another inbound rule for blocking the connections for all ports. But the previous rule was not applied: "The RDP port also included in the blocking rule". Please suggest how to avoid the override here.
Tuesday, May 26, 2020 5:14 PM
Block rules have priority over allow rules. So if you have a rule that allows 3389 and another rule that blocks all ports, then all ports will be blocked. The rule that blocks all ports must use a range that does not include 3389.
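
An added example, not part of the original thread: one way to build the block rule described in the last reply so that its port list leaves out every port that must stay reachable. The function name `Get-BlockPortRange` and the rule display names are hypothetical; `-WhatIf` keeps the rule commands from changing anything until it is removed.

```powershell
# Added example (not from the thread). Function and rule names are hypothetical.
# Formats one span of ports the way -LocalPort expects: "N" or "N-M".
function Format-PortSpan([int] $From, [int] $To) {
    if ($From -eq $To) { "$From" } else { "$From-$To" }
}

# Returns the port ranges to block: everything in First..Last
# except the ports listed in -AllowedPort.
function Get-BlockPortRange {
    param(
        [Parameter(Mandatory)] [int[]] $AllowedPort,
        [int] $First = 1,
        [int] $Last  = 65535
    )
    $ranges = @()
    $start  = $First
    foreach ($p in ($AllowedPort | Sort-Object -Unique)) {
        if ($p -lt $start -or $p -gt $Last) { continue }  # outside the span
        if ($p -gt $start) {
            $ranges += Format-PortSpan $start ($p - 1)    # gap before the allowed port
        }
        $start = $p + 1                                   # skip the allowed port itself
    }
    if ($start -le $Last) {
        $ranges += Format-PortSpan $start $Last           # tail after the last allowed port
    }
    return $ranges
}

# Ports that must stay reachable (3389 is the RDP port from the thread).
$allowed    = 3389
$blockPorts = Get-BlockPortRange -AllowedPort $allowed

# Allow rule for the ports that must keep working.
New-NetFirewallRule -DisplayName 'Allow RDP 3389 (example)' `
    -Direction Inbound -Action Allow -Protocol TCP -LocalPort $allowed -WhatIf

# Block rule whose ranges do not contain the allowed ports, so the
# block-over-allow precedence never applies to 3389.
New-NetFirewallRule -DisplayName 'Block other TCP ports (example)' `
    -Direction Inbound -Action Block -Protocol TCP -LocalPort $blockPorts -WhatIf
```

The rules above cover TCP only; UDP needs its own rule. After removing `-WhatIf`, the result can be checked from a remote machine with `Test-NetConnection -ComputerName <host> -Port 3389`, since `netstat` on the server only shows that a process is listening.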