Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Monday, February 11, 2019 12:43 PM
Hi
What is DNS Server Forward Rule in Win10 firewall? I had about 20-30 rules. Deleted them all and booted my pc. 2 new turned up automatically.
All replies (10)
Monday, February 11, 2019 4:01 PM
Hi,
Thanks for posting in Microsoft TechNet Forum.
Windows itself creates many firewall rules. Generally you delete those and create your own. It may depends on your progams including those from Windows Store. Create a backup of Windows Firewall rules and delete those rules which you don’t want. If you see any issue just reset all rules from backup.
Best regards,
Hurry
Please remember to mark the reply as an answer if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected]
Wednesday, February 13, 2019 11:54 AM
Hi,
How things are going there on this issue?
Please let me know if you would like further assistance.
Best regards,
Hurry
Please remember to mark the reply as an answer if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected]
Wednesday, February 13, 2019 12:41 PM
Well I still dont understand why several inbound DNS Server Forward rules are created automatically.
All I can see is that it is both udp and tcp and port 53 from ANY
Here is an example:
DNS Server Forward Rule - TCP - 41185906-FD41-408D-920B-51F091ABFECD - 0
What does the numbers tell me? And is it possible to track or stop this behaviour? Or is it a must have feature of win10?
Wednesday, February 13, 2019 4:36 PM
Hi,
Thank you for your feedback.
That's how it's formatted: DNS Server Forward Rule - TCP/UDP- (long string of numbers and letters), they all point to port 53. Would you like to track or stop which behaviour?
Best regards,
Hurry
Please remember to mark the reply as an answer if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected]
Friday, February 15, 2019 1:06 PM
Hi,
Is there anything else I can do to help you on this issue?
Please feel free to contact me if you have any questions.
Best regards,
Hurry
Please remember to mark the reply as an answer if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected]
Saturday, March 23, 2019 6:00 AM | 1 vote
I would like a more detailed explanation about what programs are creating these firewall rules. How can I track them down to decide if I want to delete the rules? I have about 20 each of tcp and upd ports that allow any connection through port 53, and all described as "DNS Server Forward Rule - TCP - ########-####-####-####-############ - #" with hex numbers that don't give any detail about what they are for. The option to just back them up and delete them to see what happens is not an acceptable methodology unless my system has been hacked - which is a concern for sure. Please advise with some references to details. And as always, Thank you in advance for your time!
~gw
Monday, May 13, 2019 6:36 AM
I also have these. I delete them and they reappear. I certainly have no clue what program is creating these. And the feedback from Microsoft in here is without technical dept.
I would certainly design some cryptical inbound rules if I were a cracker.
Friday, June 21, 2019 2:15 PM
Well I still dont understand why several inbound DNS Server Forward rules are created automatically.
All I can see is that it is both udp and tcp and port 53 from ANY
Here is an example:
DNS Server Forward Rule - TCP - 41185906-FD41-408D-920B-51F091ABFECD - 0
What does the numbers tell me? And is it possible to track or stop this behaviour? Or is it a must have feature of win10?
I have exactly the same behaviour on Windows 10 1903, but it could also be related to build 1809. If someone finally get information about this please post-it. This behaviour is very strange and useless since the rules are all for the same settings except the name of the rules….
Only Strong must survive
Tuesday, January 28, 2020 4:42 PM
Could it be related to Hyper-V? I have the same issue, and I'm running Hyper-V guests.
Friday, February 21, 2020 5:05 PM
It must to be related to Hyper-V.
I have just checked two Windows 10 (1809) hosts with Hyper-V feature installed, and both have tons of those rules :(.
And You get a new couple of rules (TCP + UDP) on each host restart.
I guess it is related to the fact that on each restart the Hyper-V "default switch" is deleted and then re-created.
Take a look at EventLog in:
eventvwr.msc > Application and Services Logs > Microsoft > Windows > Hyper-V-VmSwitch > Operational
You will definitely find events with that numerical ID from a Firewall rule name. As well as tons of records about deletion and creation of 'default switch'.