1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Firewall rules?

Discussion in 'Support' started by vefatica, Jul 23, 2016.

  1. vefatica

    Joined:
    May 20, 2008
    Messages:
    7,939
    Likes Received:
    30
    Does TCC, TCMD, IDE, and UPDATER really need all the firewall rules ... need any at all? I've had all the v19 firewall rules disabled for many months, and everything works. All the JPSoft rules are inbound rules, and AFAIK know, inbound rules protect ports on which some app is listening, and (again AFAIK) none of the JP EXEs do any listening.
     
  2. rconn

    rconn Administrator
    Staff Member

    Joined:
    May 14, 2008
    Messages:
    9,855
    Likes Received:
    83
    The firewall rules are there because a lot of corporate systems block inbound & outbound traffic by default.
     
  3. vefatica

    Joined:
    May 20, 2008
    Messages:
    7,939
    Likes Received:
    30
    It doesn't make sense to me. Inbound firewall rules block UNSOLICITED inbound connections. The firewall doesn't even bother with incoming connections on ports with no listeners. Installing TCMD makes no outbound rules. Do you (anyone) have an example, even a hypothetical one, in which JPSoft firewall rules make a difference?
     
  4. rconn

    rconn Administrator
    Staff Member

    Joined:
    May 14, 2008
    Messages:
    9,855
    Likes Received:
    83
    There are a few TCC commands that take incoming connections.

    A few years ago, we didn't have any firewall rules, and we had many, many complaints from people that ftp / http / smtp / etc. didn't work. Since adding the rules, we've had only one complaint (yours) that you didn't need them.

    I'd rather have one person complaining they don't need something, than hundreds complaining that they do.
     
  5. vefatica

    Joined:
    May 20, 2008
    Messages:
    7,939
    Likes Received:
    30
    I just want to understand it. What takes incoming connections (besides active FTP, which doesn't work anyway)?
     
  6. Rod Savard

    Joined:
    May 26, 2008
    Messages:
    481
    Likes Received:
    3
    Agreed, the inbound rules should be completely unnecessary unless TCMD processes are listening for new, unsolicited connections.

    Even if the Windows firewall is configured to "block all" incoming connections, it does NOT apply to return traffic for a session initiated by a process on the machine. Windows has a stateful firewall.

    And if a corporation actually used Group Policies to lock down the firewall to not allow exceptions, it wouldn't matter anyway if the installer tried to add rules. They would not have any effect as the GPO would override them.


    On my system these custom rules only apply to the "Domain" profile, is that what others see?
     
  7. Rod Savard

    Joined:
    May 26, 2008
    Messages:
    481
    Likes Received:
    3
    And interesting, the rules aren't even enabled on my system. No green check boxes next to them.
     

Share This Page