I am attempting to block all internet traffic except for Chrome. I have found many articles outlining how to do this using Windows Firewall. I followed the instructions but it just blocks everything (Chrome won't work). I set outgoing connections in all profiles to BLOCK. This blocks everything. Then I created an outgoing rule specifying my Chrome executable. Even though this rule is created, it still blocks everything; I even confirmed this in my log. I'm not sure what I am missing. To be clear, I'm trying to set up a "Deny All except ...." configuration where all traffic (in or out) is blocked except for what is specified in rules.
3 Answers
Block all outgoing traffic:
With Windows Firewall Control Panel: Open Control Panel > System and Security > Windows Firewall. Click on "Windows Firewall Properties". Set all the "Outbound connections" to "Block" (default is to allow). Do this for all profiles by selecting the tabs. Then click the "Apply" button below to apply that firewall state.
With Command Prompt: Run this command as administrator:
netsh advfirewall set allprofiles firewallpolicy blockinbound,blockoutbound
Allow System and Chrome: The above setting blocks all connections, including those from System and the DNS Host service. Allow System and Chrome with the following commands as administrator. Suppose the path of the Chrome executable file is "E:\Chrome\chrome.exe". Replace that with your own.
netsh advfirewall firewall add rule Name=System Program=System Action=allow Dir=Out
netsh advfirewall firewall add rule Name=Chrome Program="E:\Chrome\chrome.exe" Action=allow Dir=Out
Delete DNS Cache service: As the above firewall state blocks the DNS service, applications cannot send DNS requests. So by deleting the DNS cache service you allow all apps to send/receive DNS packets independently. First back up the registry key "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache" from Registry Editor. Now delete the DNS Cache service with the following commands as administrator.
sc.exe stop "Dnscache"
sc.exe delete "Dnscache"
reg.exe delete "HKLM\SYSTEM\CurrentControlSet\Services\Dnscache" /F
Now restart the PC for the changes to take effect. See Netsh AdvFirewall Firewall Commands for further reading.
I played around with the settings and got it to work. By using the GUI to set up the rule, it creates the rule as "%USERPROFILE%\AppData\Local\Google\Chrome SxS\Application\chrome.exe", but if I create the rule with the absolute "c:\users .... path, it works. I did not have to do anything with the DNS; however, I did not do anything with the existing default outgoing rules, so maybe it's in there already.
I guess there is a bug with the GUI
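The first answer's netsh commands and the second answer's observation about the expanded path, combined into one added PowerShell script (my own example, not from any of the answers). It assumes Chrome lives in the current user's profile and that the firewall service, which does not run as the logged-in user, cannot resolve a per-user variable such as %USERPROFILE% in a rule's Program field; it therefore expands the path before creating the rule, and it allows the DNS Client service through the firewall instead of deleting it as the first answer does.

```powershell
#Requires -RunAsAdministrator
# Added example; assumes a per-user Chrome install. Adjust $chromeRelative if yours differs.

# Expand the path *before* creating the rule so the stored Program value is absolute
# (assumption: the firewall service cannot expand %USERPROFILE%/%LOCALAPPDATA% itself,
# which matches the second answer's finding that only the absolute path worked).
$chromeRelative = '%LOCALAPPDATA%\Google\Chrome\Application\chrome.exe'
$chromePath = [Environment]::ExpandEnvironmentVariables($chromeRelative)
if (-not (Test-Path -LiteralPath $chromePath)) {
    throw "Chrome not found at $chromePath; set `$chromeRelative to the real location."
}

# 1. Default deny on every profile, both directions, as the question asks for.
Set-NetFirewallProfile -All -DefaultInboundAction Block -DefaultOutboundAction Block

# 2. Allow-list. Each program or service needs its own outbound rule.
#    The DNS Client runs inside svchost.exe; scoping by -Service and remote port 53
#    keeps that rule narrow rather than opening all of svchost.exe.
$dnsHost = '%SystemRoot%\System32\svchost.exe'   # system-wide variables do expand
$rules = @(
    @{ DisplayName = 'AllowList - System';        Program = 'System' },
    @{ DisplayName = 'AllowList - Chrome';        Program = $chromePath },
    @{ DisplayName = 'AllowList - DNS client UDP'; Program = $dnsHost; Service = 'Dnscache'; Protocol = 'UDP'; RemotePort = 53 },
    @{ DisplayName = 'AllowList - DNS client TCP'; Program = $dnsHost; Service = 'Dnscache'; Protocol = 'TCP'; RemotePort = 53 }
)
foreach ($r in $rules) {
    # Re-running the script replaces rather than duplicates each rule.
    Remove-NetFirewallRule -DisplayName $r.DisplayName -ErrorAction SilentlyContinue
    New-NetFirewallRule @r -Direction Outbound -Action Allow -Profile Any | Out-Null
}

# 3. Verify what the firewall actually stored: the Chrome rule's Program must be the
#    absolute path, not a string containing %USERPROFILE%.
Get-NetFirewallRule -DisplayName 'AllowList - *' | ForEach-Object {
    $app = $_ | Get-NetFirewallApplicationFilter
    [pscustomobject]@{ Rule = $_.DisplayName; Enabled = $_.Enabled; Program = $app.Program }
} | Format-Table -AutoSize
```

If Chrome still cannot connect after this, compare the Program column of the verification table against the path shown in the firewall log's blocked entries; a mismatch there is the symptom the second answer hit.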
You're using the wrong tool; Windows Firewall has many, many flaws in how it handles things, including not having order-of-precedence-based rules.
Try the Comodo firewall instead; that is a solid, free application based Windows software firewall with good GUI tools and defaults for configuring it, and should easily be able to do what you want.