Printable View
I have been running windows 7 on my system and I have found that when I am turning the firewall off and when I telnet into my computer then the port stays open, but when I turn it on and then try to open the port by making an inbound rule and after that when I telnet, then the ports remain closed, so here I just wanted to know that if it is possible to get windows firewall to open one port and not all of them? Is there anyone who has got some idea about this and can help me with the same?
As far as I am aware when we turn on the firewall and after that when we make an exception for the port than it works but then I just wanted to know that how have you have connected your computer remotely, I mean that have you used any kind of exception or some third party software for the same.
Even I think that it should work, anyways if it is not working for you then I think that you should better try out the network monitor isoftware n order to trace out the network, just try it out and then see if it is helping or not, you can get the network monitor from the below link:
I have tried using the Comodo Firewall and it also lets me go through when I try to telnet the port but then I don’t know why the Firewall is blocking the port, I don’t know what is the reason behind the same, I also wanted to add that in my case I am using RDP in order to connect to the local network and then telneting in to my computer, you can just check out the Firewall setup that I am using, just see if you are able to find out what is wrong:
http://i41.tinypic.com/n21ziv.png
If this is your inbound Rule then I dint think that there is anything wrong with it, I will also suggest you to check out if there is any existing block for the communication in the firewall,I am saying so because if there are more than one block and have the allow rule then the Block rule gets precedence and not the allow rule, just use the below commands in order to trace the firewall filter and find out that which firewall filter is actually dropping the packets, these command will help you to find out the events in security log, just check them out:
- auditpol /set /subcategory:"Filtering Platform Connection" /success:enable /failure:enable
- once you are done with your experiments, you can turn off the tracing using below command:
- auditpol /set /subcategory:"Filtering Platform Connection" /success: disable /failure: disable
I wanted to share that there is no inbound block rule for port 1234 in my case and the command that you have mentioned above did not helped me to find out anything rather I got some errors from which one said "A required privilege is not held by the client." And I don’t know what this means, it appears as if the firewall has been broken in my system, do you have an idea about this error?? Any further help for the same will be appreciated.
I think that you should try out enabling the Firewall logging so just make sure that you are having the admin rights and then follow the below steps:
- Just click on the Windows Firewall Properties after that for the Domain, Private, Public types proceed with the below steps
- First click on the tab that will be corresponding to the network location type and after that just click on the Customize which will be under the Logging
- “%windir%\system32\logfiles\firewall\pfirewall.log” is the default path for the log, if you are willing to change it then you can just clear the not configured check box and after that just enter the location or browse the same
- After that just select the file size and then to login set the below options:
- Change Log dropped packets to Yes in order to make a log entry when the Firewall drops an incoming packet
- Change Log successful connections to Yes in order to make a log entry when the Firewall allows an inbound connection
After that just click on ok and then you are done.
I have done the same and now I am getting zero logging, I thought that I would have got something in the log but then I have not got anything, just wanted to know if it is appearing to be normal:
http://i41.tinypic.com/119s8x4.png
I think that you have not enabled logging for all three profiles (domain, private and public) and I think that’s the reason for no logging, if you have not then try it out and then let me know what you get:
http://i41.tinypic.com/119s8x4.png
Hey I have just now tested the same on machine that is having windows 7 installation and I have found that it is allowing to port traffic on 1234 and it does not even need the firewall rule. When I am restoring my primary PC windows firewall to defaults then it stops me from telneting till I disable the firewall, I don’t know why the firewall is blocking it, what should I do know? Is there anything that I can try out?
Just share the below logs from the server so I can have a better idea of the issue that you are facing:
• Netmon capture
• Firewall Log
• Firewall Rules