Wincek
Guest
Hi,
I have a problem with the advanced firewall configuration in Vista. I've created
a batch file for the configuration:
rem reset firewall
netsh advfirewall set currentprofile state off
netsh advfirewall set currentprofile state on
rem delete all rules
netsh advfirewall firewall delete rule name=all
rem change firewall policy to block all inbound and block all outbound
netsh advfirewall set allprofiles firewallpolicy blockinboundalways,blockoutbound
rem allow Ping
netsh advfirewall firewall add rule name="OUT_ALLOW__PING" profile=any protocol=ICMPV4 dir=out action=allow
rem allow DNS request
netsh advfirewall firewall add rule name="OUT_ALLOW__DNS" profile=any protocol=UDP localport=any remoteport=53 dir=out action=allow
rem and outgoing HTTP
netsh advfirewall firewall add rule name="OUT_ALLOW__TCP_HTTP" profile=any protocol=TCP localip=any localport=any remoteip=any remoteport=80,443,8080 dir=out action=allow
... in this configuration any application has permission to access the
Internet, but if I change the last rule to:
rem and outgoing HTTP
netsh advfirewall firewall add rule name="OUT_ALLOW__TCP_HTTP" profile=any protocol=TCP localip=any localport=any remoteip=any remoteport=80,443,8080 dir=out program="C:\Program Files\Internet Explorer\iexplore.exe" action=allow
If I restrict it to one program, e.g. IEXPLORE or FIREFOX, by adding the parameter
program="[path]" to the declaration, these programs don't connect to the
Internet.
Has anybody found a solution for this problem?
[Sorry for my English, it's not very good]
Please help