XP SP2 firewall scope and custom list

[Guest]

I am puzzled by a strange behavior when trying to add a port and specifiy a
custom list.

I opened port UDP 2967 on an XP SP2 machine, but I wanted to restrict
traffic to only one machine in my LAN (the console hosting the program
requiring port 2967). So, I changed the scope to "Custom List" and type the
IP/subnet mask of this console, for example 192.168.1.10/255.255.255.0.

After closing all windows and waiting a few seconds, I verified the settings
and the cutom list was changed to 192.168.1.0/255.255.255.0!

Also, several Programs and services were added (automatically?) to the
default list: most notably FTP, Windows Messenger and Internet Explorer.

Thanks for your comments

 

[Stephen Cartwright [MSFT]]

For the host address you can omit the mask as the system will add the mask
for you, it will be 255.255.255.255.
You can also add it yourself of course.
The mask data you entered is for the subnet so the address is changed to
reflect that hence the 10 being changed to a 0.

Do you have the notifications box unchecked under the exceptions tab?
If checked then on the first instance of the programs requiring to listen on
the network you would get a dialogue window informing you of this and for
directions from you whether to allow, block or inform later. If you click
allow then the programs will be added to the exceptions list and you wont be
asked about them again [providing they remain on the exceptions list].

There is a better group to post firewall issues on
microsoft.public.windows.networking.firewall

Hope this helps