Firewall rules?

May 20, 2008
12,169
133
Syracuse, NY, USA
Does TCC, TCMD, IDE, and UPDATER really need all the firewall rules ... need any at all? I've had all the v19 firewall rules disabled for many months, and everything works. All the JPSoft rules are inbound rules, and AFAIK know, inbound rules protect ports on which some app is listening, and (again AFAIK) none of the JP EXEs do any listening.
 
May 20, 2008
12,169
133
Syracuse, NY, USA
The firewall rules are there because a lot of corporate systems block inbound & outbound traffic by default.
It doesn't make sense to me. Inbound firewall rules block UNSOLICITED inbound connections. The firewall doesn't even bother with incoming connections on ports with no listeners. Installing TCMD makes no outbound rules. Do you (anyone) have an example, even a hypothetical one, in which JPSoft firewall rules make a difference?
 

rconn

Administrator
Staff member
May 14, 2008
12,556
167
There are a few TCC commands that take incoming connections.

A few years ago, we didn't have any firewall rules, and we had many, many complaints from people that ftp / http / smtp / etc. didn't work. Since adding the rules, we've had only one complaint (yours) that you didn't need them.

I'd rather have one person complaining they don't need something, than hundreds complaining that they do.
 
May 20, 2008
12,169
133
Syracuse, NY, USA
There are a few TCC commands that take incoming connections.

A few years ago, we didn't have any firewall rules, and we had many, many complaints from people that ftp / http / smtp / etc. didn't work. Since adding the rules, we've had only one complaint (yours) that you didn't need them.

I'd rather have one person complaining they don't need something, than hundreds complaining that they do.
I just want to understand it. What takes incoming connections (besides active FTP, which doesn't work anyway)?
 
May 26, 2008
550
6
Agreed, the inbound rules should be completely unnecessary unless TCMD processes are listening for new, unsolicited connections.

Even if the Windows firewall is configured to "block all" incoming connections, it does NOT apply to return traffic for a session initiated by a process on the machine. Windows has a stateful firewall.

And if a corporation actually used Group Policies to lock down the firewall to not allow exceptions, it wouldn't matter anyway if the installer tried to add rules. They would not have any effect as the GPO would override them.


On my system these custom rules only apply to the "Domain" profile, is that what others see?