22. Firewall
22.2. Managing firewall rules
Whenever data is transmitted over the Internet, certain protocols are used.
The general rules allow you to configure the protocols over which traffic is allowed. By default, general rules are not displayed when you open Firewall.
To edit the rules, follow these steps:
1. Open the Bitdefender window.
2. Access the Protection panel.
3. Click the Firewall module.
4. In the Firewall window, select the Rules tab.
5. Check the Show general rules box in the lower-left corner of the window.
The default rules are displayed. To edit the priority of a rule, click the corresponding arrow in the Permission column and select Allow or Deny.
DNS over UDP / TCP
Allow or deny DNS over UDP and TCP.
By default, this type of connection is allowed.
Incoming ICMP / ICMPv6
Allow or deny ICMP / ICMPv6 messages.
ICMP messages are often used by hackers to carry out attacks against computer networks. By default, this type of connection is denied.
Sending E-mails
Allow or deny sending e-mails over SMTP.
By default, this type of connection is allowed.
Web Browsing HTTP
Allow or deny HTTP web browsing.
By default, this type of connection is allowed.
Incoming Remote Desktop Connections
Allow or deny other computers' access over Remote Desktop Connections.
By default, this type of connection is allowed.
Windows Explorer traffic on HTTP / FTP
Allow or deny HTTP and FTP traffic from Windows Explorer.
By default, this type of connection is denied.
22.2.2. Application rules
To view and manage the firewall rules controlling applications' access to network resources and the Internet, follow these steps:
1. Open the Bitdefender window.
2. Access the Protection panel.
3. Click the Firewall module.
4. In the Firewall window, select the Rules tab.
You can see the programs (processes) for which firewall rules have been created in the table. To see the rules created for a specific application, simply double-click it.
For each rule the following information is displayed:
●Name - the name of the process the rule applies to.
●Network Types - the process and the network adapter types the rule applies to. Rules are automatically created to filter network or Internet access through any adapter. By default, the rules apply to any network. You can manually create rules or edit existing rules to filter an application's network or Internet access through a specific adapter (for example, a wireless network adapter).
●Protocol - the IP protocol the rule applies to. By default, the rules apply to any protocol.
●Permission - whether the application is allowed or denied access to the network or Internet under the specified circumstances.
To manage the rules, use the buttons above the table:
●Add rule - opens a window where you can create a new rule.
●Remove rule - deletes the selected rule.
●Reset rules - opens a window where you can choose to remove the current set of rules and restore the default ones.
Adding / editing application rules
To add or edit an application rule, click the Add rule button above the table or click a current rule. A new window will appear. Proceed as follows:
●Program Path. Click Browse and select the application the rule applies to.
●Local Address. Specify the local IP address and port the rule applies to.
If you have more than one network adapter, you can clear the Any check box and type a specific IP address.
●Remote Address. Specify the remote IP address and port the rule applies to. To filter traffic between your computer and a specific computer, clear the Any check box and type its IP address.
●IP version. Select from the menu the IP version (IPv4, IPv6 or any) the rule applies to.
●Direction. Select from the menu the traffic direction the rule applies to.
Direction - Description
Outbound - The rule applies only for the outgoing traffic.
Inbound - The rule applies only for the incoming traffic.
Both - The rule applies in both directions.
Click the More options link for other actions:
●Protocol. Select from the menu the IP protocol the rule applies to.
●If you want the rule to apply to all protocols, select Any.
●If you want the rule to apply to TCP, select TCP.
●If you want the rule to apply to UDP, select UDP.
●If you want the rule to apply to a specific protocol, type the number assigned to the protocol you want to filter in the blank edit field.
Note
IP protocol numbers are assigned by the Internet Assigned Numbers Authority (IANA). You can find the complete list of assigned IP protocol numbers at http://www.iana.org/assignments/protocol-numbers.
●Events. Depending on the selected protocol, choose the network events the rule applies to. The following events may be taken into account:
Event - Description
Connect - Preliminary exchange of standard messages used by connection-oriented protocols (such as TCP) to establish a connection. With connection-oriented protocols, data traffic between two computers occurs only after a connection is established.
Traffic - Flow of data between two computers.
Listen - State in which an application monitors the network, waiting to establish a connection or to receive information from a peer application.
●Network Type. Select the type of network the rule applies to. You can change the type by opening the Network Type drop-down menu and selecting one of the available types from the list.
Network Type - Description
Trusted - Disable the firewall for the respective adapter.
Home/Office - Allow all traffic between your computer and computers in the local network.
Public - All traffic is filtered.
Untrusted - Completely block network and Internet traffic through the respective adapter.
●Permission. Select one of the available permissions:
Permission - Description
Allow - The specified application will be allowed network / Internet access under the specified circumstances.
Deny - The specified application will be denied network / Internet access under the specified circumstances.
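The following added example (not Bitdefender code and not part of the original manual) models how the application rule fields described above narrow a rule to specific connections, which helps when reviewing whether an Allow rule is broader than intended. The class and function names, the sample program path and addresses, and the first-matching-rule-wins order are assumptions made for illustration; the manual does not describe how the product orders or evaluates rules.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

ANY = None  # stands for the "Any" choice in the rule window

@dataclass
class Rule:
    program: str                      # Program Path
    permission: str                   # "Allow" or "Deny"
    direction: str = "Both"           # "Outbound", "Inbound" or "Both"
    ip_version: Optional[int] = ANY   # 4, 6 or ANY
    protocol: Optional[int] = ANY     # IANA number (6 = TCP, 17 = UDP) or ANY
    remote_addr: Optional[str] = ANY  # specific remote IP address or ANY
    remote_port: Optional[int] = ANY  # specific remote port or ANY

@dataclass
class Conn:
    program: str
    direction: str                    # "Outbound" or "Inbound"
    protocol: int                     # IANA protocol number
    remote_addr: str
    remote_port: int

def matches(rule: Rule, conn: Conn) -> bool:
    """True only if every field of the rule is Any or equals the connection's value."""
    remote = ipaddress.ip_address(conn.remote_addr)
    return (
        rule.program.lower() == conn.program.lower()  # Windows paths ignore case
        and rule.direction in ("Both", conn.direction)
        and rule.ip_version in (ANY, remote.version)
        and rule.protocol in (ANY, conn.protocol)
        and (rule.remote_addr is ANY
             or ipaddress.ip_address(rule.remote_addr) == remote)
        and rule.remote_port in (ANY, conn.remote_port)
    )

def decide(rules, conn):
    """Assumption: the first matching rule wins. Returns None if no rule matches."""
    for rule in rules:
        if matches(rule, conn):
            return rule.permission
    return None

# Constructed sample: allow one program to reach one server over TCP 443,
# and deny everything else that program attempts.
APP = r"C:\Tools\sync.exe"
RULES = [
    Rule(APP, "Allow", "Outbound", 4, 6, "192.0.2.10", 443),
    Rule(APP, "Deny"),
]
```

A rule that leaves every field at Any, like the second one here, applies to all traffic of that program, so the narrow Allow only has an effect if it is evaluated first under the assumed ordering.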