Given what has been said above about how important a firewall is to computer security, the following description of how you can “plug holes” in this firewall may seem, to put it mildly, a little strange. In fact, there is nothing unusual about this, at least "behind the scenes", since in programs like Microsoft Office Outlook and iTunes are often configured with Windows Firewall to allow them access to the Internet.
All this is great, but why would the user himself need to do something like this? There are many reasons, but most of them boil down to simply the need to allow certain data to pass through the firewall. For example, if you need to perform some administrative operations on a computer on the network, the firewall on this computer must be configured so that it passes the Remote Assistance service, and if you want to activate the built-in Web server in Windows 7, then so that it allowed communication through port 80. The following are examples of exceptions that you can configure for the firewall, which are basically the three types of exceptions that Windows Firewall supports.
- Resolving an existing exception. Windows 7 comes with a list of programs and services that are often used as exceptions and that you can simply turn on and off at once.
- Adding a program as a new exception. If the desired program is not in the mentioned list, you can add it to this list yourself.
- Adding a port as a new exception. You can also specify a port as an exception, and then the firewall will allow data to be sent back and forth through this port.
Activating an existing exception
Windows Firewall offers a list of programs, services, and sometimes ports that are currently enabled as exceptions, or that are frequently enabled as such, but this computer so far it hasn't been done. He is simplest way to set up an exclusion, since it simply involves setting one or two checkboxes. The following are the steps required to set up exclusions.
- Click the Change Settings button. This will make the list of exceptions offered in the firewall available, as shown in the figure.
- Check the Home or work (private) column for the exceptions you want to enable.
- If you have connections to some public networks (like wireless access points) and you want the exclusion to work on these networks, check the box next to the required exclusion in the Public column.
- Click OK for the selected exclusions to take effect.
Adding a program as a new exception
If the desired programs or ports are not in the proposed list of exclusions, you can add them manually. The steps required for this are as follows.
- Click the Start button, type firewall in the search box, and then select Allow a program through Windows Firewall from the list of results. The Allowed Programs window appears.
- Click the Change Settings button. This will make the list of exceptions offered in the firewall available.
- Click the Allow another program button. The Add Program dialog box appears.
- If desired program is listed, click on it, and if not, click on the Browse button and find its executable file in the Browse dialog box, then select it and click on the Open button.
- Click the Add button. Windows Firewall will add the selected program to the list of exceptions.
- Check the box next to it in the Home or Work (Private) column.
- If you have connections to some public networks (like wireless access points) and you want the exclusion to work on these networks, check the box next to this program and in the Public column.
- Click the OK button for the exception to take effect.
Adding a Port as a New Exception
You cannot open a specific port on your computer using the Allowed Programs window. Instead, you must use the snap-in that comes with the MMC console called Windows Firewall in Firewall Mode. increased security". To download it, click on the Start button, enter wf .msc in the search field, press the key
On home page This snap-in provides an overview of the current firewall settings, as well as several links for configuring and obtaining background information about the equipment itself. This snap-in configures the firewall by setting policies and storing them in sin profiles. If the computer is connected to a network domain, the domain profile is used; when a computer is connected to a private network, the private profile is applied, and when the computer is connected to a public network, the public profile is applied. To change the settings for these profiles, click the Windows Firewall Properties link and then modify the required settings on the Domain Profile, Private Profile, and Public Profile tabs (although the default settings are generally suitable in most cases). The panel on the right contains the following four important subsections.
- Rules for incoming connections. This section displays a list of all defined inbound rules. In most cases, these rules are inactive. To enable a rule, click on it. right click mouse and select context menu the Enable rule command (or select it and click the Enable rule link in the Actions panel). You can also create your own rule (as we will see shortly) by right-clicking the Inbound Rules section and selecting New Rule from the context menu (or by clicking the Create Rule link in the Actions pane). This will launch the New Inbound Rule Wizard for the new inbound connection.
- Rules for outgoing connection. This section displays a list of all defined outbound rules. As in the case of incoming connections, here you can either include an existing rule or create your own. It is important to note that in this section any rule can also be configured. To do this, double-click on it to display its property sheet and specify which program should be affected by it, allow or deny connections, configure computer and user authorization, change ports and protocols, and specify types of interfaces and services.
- Connection security rules. This section is for creating and managing authentication rules that are responsible for the restrictions and requirements that should apply to connections to remote computers. Right-clicking this section and selecting New Rule from the context menu (or clicking the New Rule link in the Actions pane) launches the New Secure Connection Rule Wizard tool.
- Observation. This section displays active firewall settings. For example, the Firewall subsection displays active rules for incoming and outgoing connections, and the Connection Security Rules subsection displays active authentication rules.
Following are the steps to add a port as a new exception in Windows Firewall with Advanced Security.
- Click the Inbound Rules section.
- Click the Create Rule link in the Actions pane to launch the New Inbound Rule Wizard.
- Select Switch For Port and click the Next button. The Protocol and Ports dialog box appears.
- Specify the data protocol to which this rule should apply by selecting either the TCP protocol radio button or the UDP protocol radio button. (If you're unsure, TCP is the better choice.)
- Select the Defined local ports radio button and in the text box opposite it, enter the port that you want to configure as an exception.
- Click the Next button. The Action dialog box appears.
- Select the Allow the connection radio button, and then click the Next button. The Profile dialog box will appear.
- Check the box next to each of the profiles that should be affected this rule(i.e. next to Domain, Private, and Public) and click the Next button. The Name dialog box appears.
- Enter the desired name for the exclusion in the Name text box. This is the name that will be displayed on the Exceptions tab, so it's best to be as descriptive as possible (for example, Port 80 for a web server).
- Click the Done button for the exception to take effect.
(2
votes, average: 4,50
out of 5)
Windows Firewall allows you to configure firewall exceptions depending on the program. This is the difference from Windows Vista, where the firewall allowed you to configure exceptions based on the port address.
You can still create rules based on the port address using WFAS. You can also allow specific Windows 7 components, such as Windows Virtual PC, to work through the firewall. The rules for a component are available when it is activated using the Programs And Features item, which is located in the control panel.
Firewall Exceptions
To add a rule for a feature or program, click the Allow A Program Or Feature Through Windows Firewall command in the Windows Firewall section of Control Panel. The dialog box displays a list of installed this moment components and programs for which rules have been created, as well as profiles in which the rules related to these programs and components are activated.
To change the settings on this page, you must click the Change Settings button. Only users who are members of the local Administrators group or users who have been delegated the appropriate authority can change Windows Firewall settings.
If the program you want to create the rule for does not exist, click the Allow Another Program button. The Add A Program dialog box opens. If the program you want to create a rule for is not listed, click the Browse button to add it. Use the Network Location Types button to specify the network profiles in which the rule should be active.
It is advisable to additionally protect your computer from attacks by using Windows Firewall. This built-in operating system A firewall protects by restricting the types of information transmitted. By enforcing the appropriate restrictions, you can reduce the chances of unauthorized persons infiltrating the system.
Windows Firewall is a piece of software or hardware that inspects data incoming over the Internet or a network and, depending on the firewall settings, blocks or allows it to pass to your computer.
Windows Firewall can help prevent hackers or malware from infiltrating software(such as worms) to your computer through a network or the Internet. The firewall also helps prevent sending malware to other computers.
With the help of a firewall, you can block incoming connections and thereby completely protect yourself from all kinds of attacks. You can also deny access to a single program or a whole class of programs. So, by blocking the 80th port, you will block the work of essentially any browser, since this port is used by browsers to receive web pages.
In most cases, the firewall settings should suit all users. And you don't have to set it up either. Except at startup new program specify in which networks it is allowed to work, and in which it is not. The screenshot below shows that µTorrent (torrent client) is running for the first time and the firewall is asking what to do with it.
By default, it is assumed that you want to allow the program to run only on private networks, such as your home or work network. And in public networks, for example, in a free Wi-Fi zone in some public place, the program will not be able to access the Internet. You need to allow the program to work in public networks, otherwise your programs will not work in public networks, for example (in a library or cafe).
Sometimes you can automatically click a button Allow forgot to check the box Public networks. In this case, you will have to configure firewall rules in order for the program to work properly.
In order to access the Windows Firewall settings, press the keyboard shortcut + R, in the dialog box that appears Run enter firewall.cpl and press key Enter↵
A window will open Windows Firewall which shows that the computer is currently only connected to a private network.
To configure settings Windows Firewall, in the left part of the window, click Turn Windows Firewall on or off
A window will open Customize settings, in which you can choose for which networks it will be enabled and for which it will be disabled. By default, the firewall is enabled for both private and public networks.
Don't disable your firewall! This can only be done before installing another vendor's firewall so that there is no conflict between two programs of the same class.
In order to access additional settings Windows Firewall, select command Extra options on the panel on the left.
A window will open in which you will see additional parameters - a summary of them.
The most important thing in additional options firewall is rules. Rules can be created for both incoming and outgoing connections. By default, all incoming connections that do not match the rules that allow these connections are denied. But with outgoing connections, the situation is different - they are allowed if no deny rules are created for them.
Go to section Rules for incoming connections. In it you will find all the rules - both general for incoming connections, and rules for separately created programs.
Double click on any of the rules. The screenshot below shows the rule for µTorrent. You can disable µTorrent by selecting Block connection
Create a new rule
Consider a small example - creating a new rule. Let's say we need to block access to the Web. That is, so that no browser can display a web page, but mail, Skype and other Internet programs work. This can be achieved in only one way - by blocking the 80th port (more precisely, outgoing connection to the 80th port).
In the window Windows Firewall with Advanced Security Choose a section Rules for outgoing connection
In the next window on the right side of the panel Actions select a team Create Rule
In the opened window New Outbound Rule Wizard you need to select the rule type. If we wanted to ban a specific program, such as Chrome, we would choose the For program rule. And since you need to disable all browsers, you should create a rule for the port, select the type of rule For port and press the button Further
In the next window, you need to select an action, in our case Block connection, press the button Further
Then you need to determine for which profiles the rule should work. All three profiles must be selected, otherwise the rule will work in some networks and not in others.
In the next window, enter a name for the rule and its description (optional), and click the button Ready
The created rule is shown in the screenshot below.
Now let's test the rule in action. Open any browser and try to access any site. You will see an error message.
Return to the advanced options window.
Double-click on the rule we created and in the window that opens Properties: block http check the box Allow connection and press the button OK
Now refresh the page in the browser - it will open.
■ To make it easier for you to write various kinds of rules, the table below lists some of the standard TCP/UDP ports.
Standard TCP/UDP ports
| Port number, protocol | What is used for |
|---|---|
| 20 TCP | FTP (File Transfer Protocol), data |
| 21, TCP | FTP (File Transfer Protocol) Commands |
| 22 TCP | SSH (Secure Shell) |
| 23, TCP(Modify) | telnet |
| 25, TCP/UDP | SMTP (Simple Mail Transfer Protocol), sending mail |
| 37, TCP/UDP | Time Synchronization Protocol |
| 53, TCP/UDP | DNS (Domain Name System), domain name system |
| 80, TCP/UDP | HTTP (Hyper Text Transfer Protocol) |
| 109, 110, TCP/UDP | POP2 and POP3 protocols are used to receive mail |
| 143, TCP/UDP | Receiving and managing mail, IMAP protocol |
| 220, TCP/UDP | IMAP (Interactive Mail Access Protocol), version 3 |
| 443, TCP | Secure HTTP (HTTPS) |
| 465,TCP/UDP | Secure SMTP |
| 989, 990, TCP/UDP | Secure FTP |
| 992, TCP/UDP | Secure Telnet (over SSL/TLS) |
| 1194, TCP/UDP | openvpn |
| 1234, TCP/UDP | VLC media player, streaming video, IPTV |
| 1214, TCP | Kazaa (file sharing network client) |
| 5190 TCP | ICQ and AOL Instant Messenger |
| 6881-6887 TCP/UDP | Torrent client ports |
| 6889-6890 TCP/UDP | Another set of ports for Torrent clients |
In fact, there are many more ports than presented in the table. Some of them are appointed officially, some - unofficially. With the official ones, everything is clear - they can only be used for clearly defined actions. Not so easy with informal ones. Today they can be used by one program, tomorrow by another.
Adding the selected application to the Windows Firewall exception list is a standard procedure on computers running Windows. Performing this operation implies that you have administrator access to system resources.
Instruction
To perform the procedure for adding the selected program to the Windows firewall exclusion list in the XP version, call the main system menu by clicking the "Start" button and go to the "Settings" item. Expand the "Control Panel" link and go to the "Windows Firewall" tab. Select the "Exceptions" tab of the dialog box that opens and click the "Add Program" button.
Highlight desired application in the list (when the program is displayed) and confirm the selected action by pressing the OK button. Use the "Browse" button if the required application is not in the list and specify the path to the executable file of the selected program. Use the "Open" command and save the changes made by clicking the OK button (for Windows XP).
Call the OS main menu Windows versions 7, by clicking the "Start" button, and go to the "Control Panel" item. Expand the System and Security link and expand the Windows Firewall node. Select the section "Allow programs to run through Windows Firewall" and open the link "Allow another program ..." Select the desired application in the directory or use the "Browse" button to specify the path to the executable file of the selected program. Save your changes by clicking OK (for Windows 7).
An alternative method to follow the same procedure is to use the netsh command with the firewall context to change the Windows Firewall settings. Please note that in some cases the "General" tab may be inactive. This means that changes to firewall settings are not allowed. group policy or there are not enough user rights to perform such an operation. It should also be remembered that the firewall program in Windows Server 2003 is not enabled by default.
A system utility that was created by Microsoft to protect personal computer from malicious network programs or unwanted traffic from the Internet, which could somehow damage the installed operating system.
However, as time has shown, given function or a utility that does not work quite the way users expected. For example, when installing some network program, it refuses to work, and sometimes it doesn’t even start, and all this is thanks to the firewall. Tunngle is the last thing I tried to set up recently. Namely, after installation, the program did not want to work in any way for the reason that it was not found network adapter, rummaging through the forum of this application, I was recommended Add the program to the Windows Firewall exception list. You will not believe, but as soon as I did it, everything worked.
The same sometimes occurs with various online games when the firewall simply does not allow to connect to the server, thereby frustrating the user. Usually it is the same with games, it is enough to add the executable file to the Windows firewall exceptions and everything starts to work like clockwork.
Of course, you can just disable the firewall completely, but what if you can't do it for some reason? It is for such cases that there is a list of exceptions. Therefore, let's take a closer look at how to add programs to windows firewall exceptions on all new systems and on Windows XP.
Adding to the firewall exception list on Windows 10 (7, 8)
So, regardless of which system you use, the initial action, of course, will be to enter the control panel.
If you are using Windows 10, you can do it this way: right-click on the " Start” and in the menu that appears, select the item “ Control Panel».
Now, focusing on the left sidebar, go to the options " Allowing Applications to Interact with Firewall...».
We will be transferred to the next, main step, where you need to click first " Change settings", and then " Allow another app».
Using the button " Review”, we find the launch file of the program that we want to put in the Windows firewall exceptions.
After selecting the application, press " Add».
Next, in the list of allowed programs and components, opposite the added file, check the boxes for " Private" And " public network ". And of course, to complete, do not forget to click again " OK».
Adding an Application to a Firewall Exception on Windows XP
So, through the start, go to the control panel, and there in "".
By opening the bookmark Exceptions» by clicking on the button « Add program».
As always, to save the settings, click on all windows " OK».
I repeat, just in case, once again, that the first option is suitable for all new systems from seven to ten. Perhaps in some places will change the name of some parameters, but there is nothing to worry about, since they still remain in the same places. Well, for everything else, you have a comment form in which you can leave a question that concerns you and get an answer to it in the future.
How to add a program to the firewall exception list in Windows 10
Loading...