Firewall rules?

vefatica · Jul 23, 2016

Does TCC, TCMD, IDE, and UPDATER really need all the firewall rules ... need any at all? I've had all the v19 firewall rules disabled for many months, and everything works. All the JPSoft rules are inbound rules, and AFAIK know, inbound rules protect ports on which some app is listening, and (again AFAIK) none of the JP EXEs do any listening.

rconn · Jul 23, 2016

The firewall rules are there because a lot of corporate systems block inbound & outbound traffic by default.

vefatica · Jul 23, 2016

rconn said:
The firewall rules are there because a lot of corporate systems block inbound & outbound traffic by default.

It doesn't make sense to me. Inbound firewall rules block UNSOLICITED inbound connections. The firewall doesn't even bother with incoming connections on ports with no listeners. Installing TCMD makes no outbound rules. Do you (anyone) have an example, even a hypothetical one, in which JPSoft firewall rules make a difference?

rconn · Jul 23, 2016

There are a few TCC commands that take incoming connections.

A few years ago, we didn't have any firewall rules, and we had many, many complaints from people that ftp / http / smtp / etc. didn't work. Since adding the rules, we've had only one complaint (yours) that you didn't need them.

I'd rather have one person complaining they don't need something, than hundreds complaining that they do.

vefatica · Jul 23, 2016

rconn said:
There are a few TCC commands that take incoming connections.

A few years ago, we didn't have any firewall rules, and we had many, many complaints from people that ftp / http / smtp / etc. didn't work. Since adding the rules, we've had only one complaint (yours) that you didn't need them.

I'd rather have one person complaining they don't need something, than hundreds complaining that they do.

I just want to understand it. What takes incoming connections (besides active FTP, which doesn't work anyway)?

drwtsn32 · Jul 25, 2016

Agreed, the inbound rules should be completely unnecessary unless TCMD processes are listening for new, unsolicited connections.

Even if the Windows firewall is configured to "block all" incoming connections, it does NOT apply to return traffic for a session initiated by a process on the machine. Windows has a stateful firewall.

And if a corporation actually used Group Policies to lock down the firewall to not allow exceptions, it wouldn't matter anyway if the installer tried to add rules. They would not have any effect as the GPO would override them.

On my system these custom rules only apply to the "Domain" profile, is that what others see?

drwtsn32 · Jul 25, 2016

And interesting, the rules aren't even enabled on my system. No green check boxes next to them.

Search

Search

Firewall rules?

vefatica

rconn

Administrator

vefatica

rconn

Administrator

vefatica

drwtsn32

drwtsn32

Similar threads