Welcome
Welcome to vistafirewallcontrol

You are currently viewing our boards as a guest, which gives you limited access to view most discussions and access our other features. By joining our free community, you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content, and access many other special features. In addition, registered members also see less advertisements. Registration is fast, simple, and absolutely free, so please, join our community today!

VFC vs. Windows FW: which rules take precedence?

VFC vs. Windows FW: which rules take precedence?

Postby xor » Mon Jul 20, 2009 7:44 am

Hi,

could you shed some light on how VFC rules relate to Windows 7/Vista firewall rules:

1. If the Windows FW rule set allows a certain network packet to pass but VFC is configured to deny it, will the package get through or will it be dropped? What if it is the other way around: VFC is set to allow a network packet, Windows FW is set to drop it?

2. Also, you mentioned that VFC initially "grabs" the Windows FW configuration. What exactly does that mean? Does it copy the Windows FW rules? That does not seems to make sense if the Windows FW is running along with VFC anyway. What happens with more complicated Windows FW rules that can not be handled by VFC (like lower layer packets)? How are these imported into VFC?


Cheers,
XOR
xor
 
Posts: 4
Joined: Mon Jul 20, 2009 7:31 am

Re: VFC vs. Windows FW: which rules take precedence?

Postby VistaFirewallControl » Mon Jul 20, 2009 3:01 pm

1. If the Windows FW rule set allows a certain network packet to pass but VFC is configured to deny it, will the package get through or will it be dropped? What if it is the other way around: VFC is set to allow a network packet, Windows FW is set to drop it?


Block operation has higher priority. So any decision to block at any level/sublevel is final and immediate.
Permit operation has lower priority. As the result to permit a packet the packet must be allowed at all levels/sublevels.

http://msdn.microsoft.com/en-us/library/aa364008(VS.85).aspx

2. Also, you mentioned that VFC initially "grabs" the Windows FW configuration. What exactly does that mean? Does it copy the Windows FW rules? That does not seems to make sense if the Windows FW is running along with VFC anyway.


VFC does not grab initial settings form WindowsFirewall anymore. Now VFC starts from empty application list and detects applications on its own.
Previously VFC scanned WindowsFirewall for preconfigured application list only and created “enabling” placeholders just to reflect the initial WindowsFirewall state.
No rules were copied/imported from WindowsFirewall, only application names were used.
VistaFirewallControl
Site Admin
 
Posts: 1479
Joined: Fri Mar 27, 2009 11:25 am

Re: VFC vs. Windows FW: which rules take precedence?

Postby xor » Tue Jul 21, 2009 8:40 am

Thanks for the explanations!
xor
 
Posts: 4
Joined: Mon Jul 20, 2009 7:31 am


Return to Free vs. Plus -- VFC vs. Windows built-in firewall

Who is online

Users browsing this forum: No registered users and 0 guests

cron
suspicion-preferred