A
Arne Helldahl
Hello,
I currently experience some oddity with Windows Firewall in Windows XP.
My scenario:
- I use a router to connect to the internet via ADSL (the router, of
course, brings its own firewall which is enabled)
- I also have "Windows Firewall" set to "enabled" (globally)
- BUT:
In the Windows Firewall tab where you can selectively disable/enable the
Windows Firewall for individual connections/network adapters I have the
Windows Firewall DISABLED (unchecked!) for a specific connection (my LAN
connection). Since I am behind my router, there is already the router
firewall and no real need for the Windows Firewall.
(I have the Windows Firewall ENABLED for direct PPP connections which do
not use the router but just a normal modem)
Okay, hope, this is all clear and easy to understand (When I dial in via
a PPP connection, the Windows Firewall should be enabled, when I (like
most of the time) use the LAN connection and the router to connect to
the internet, the Windows Firewall should be disabled <- no check mark
for the LAN connection, just the global check mark on the first page of
the firewall settings enabling the Firewall globally).
What I do not understand, is:
Occasionally, I get Windows Firewall alert pop-ups telling me "windows
firewall has blocked some features of this program" and asking me if I
would like to block them, allow them or to be asked later again.
Why is this happening!?
Please, remember:
My LAN connection has no checkmark (is unchecked), which means that the
Windows Firewall should be disabled for this one specific connection!
By contrast, there are other times where the Windows Firewall respects
my setting (the missing checkmark for the LAN adapter):
When I have an ssh server running on my computer and also have a router
setting to grant access to port 22 on my computer I can connect to my
home PC without a Windows Firewall alert popping up! - If the Firewall
were not disabled for the LAN connection, I would, in fact, be unable to
connect to port 22 or I would need a rule to allow access to port 22.
So, there is no doubt that my setting is all right, I have the Windows
Firewall globally enabled BUT disabled for the LAN adapter.
Can anybody explain why the Firewall still _sometimes_ (for some
programs, not for sshd) thinks it has anything to allow/forbid even if I
have unchecked the specific adapter which I currently use (LAN adapter)?
And how could I find out WHAT features the Windows Firewall is going to
block (I have logging turned on but do not find anything of interest in
the log file).
By the way, one such program that triggers such an alert (unless there
is a specific firewall rule) is "qtracker" (a game server browser).
Every time I launch the program I get that alert pop-up though the LAN
adapter has no checkmark to enable Firewall settings for this specific
adapter.
Sorry for the lengthy explanation, hopefully, someone can help me here
Arne
I currently experience some oddity with Windows Firewall in Windows XP.
My scenario:
- I use a router to connect to the internet via ADSL (the router, of
course, brings its own firewall which is enabled)
- I also have "Windows Firewall" set to "enabled" (globally)
- BUT:
In the Windows Firewall tab where you can selectively disable/enable the
Windows Firewall for individual connections/network adapters I have the
Windows Firewall DISABLED (unchecked!) for a specific connection (my LAN
connection). Since I am behind my router, there is already the router
firewall and no real need for the Windows Firewall.
(I have the Windows Firewall ENABLED for direct PPP connections which do
not use the router but just a normal modem)
Okay, hope, this is all clear and easy to understand (When I dial in via
a PPP connection, the Windows Firewall should be enabled, when I (like
most of the time) use the LAN connection and the router to connect to
the internet, the Windows Firewall should be disabled <- no check mark
for the LAN connection, just the global check mark on the first page of
the firewall settings enabling the Firewall globally).
What I do not understand, is:
Occasionally, I get Windows Firewall alert pop-ups telling me "windows
firewall has blocked some features of this program" and asking me if I
would like to block them, allow them or to be asked later again.
Why is this happening!?
Please, remember:
My LAN connection has no checkmark (is unchecked), which means that the
Windows Firewall should be disabled for this one specific connection!
By contrast, there are other times where the Windows Firewall respects
my setting (the missing checkmark for the LAN adapter):
When I have an ssh server running on my computer and also have a router
setting to grant access to port 22 on my computer I can connect to my
home PC without a Windows Firewall alert popping up! - If the Firewall
were not disabled for the LAN connection, I would, in fact, be unable to
connect to port 22 or I would need a rule to allow access to port 22.
So, there is no doubt that my setting is all right, I have the Windows
Firewall globally enabled BUT disabled for the LAN adapter.
Can anybody explain why the Firewall still _sometimes_ (for some
programs, not for sshd) thinks it has anything to allow/forbid even if I
have unchecked the specific adapter which I currently use (LAN adapter)?
And how could I find out WHAT features the Windows Firewall is going to
block (I have logging turned on but do not find anything of interest in
the log file).
By the way, one such program that triggers such an alert (unless there
is a specific firewall rule) is "qtracker" (a game server browser).
Every time I launch the program I get that alert pop-up though the LAN
adapter has no checkmark to enable Firewall settings for this specific
adapter.
Sorry for the lengthy explanation, hopefully, someone can help me here
Arne