If I have Windows Firewall turned off and open some websockets to an outside machine (wss), if I then turn on Windows Firewall, would custom inbound and outbound rules blocking TCP on all ports to the outside machine's IP address immediately stop the websocket traffic, or would it only prevent new connections?
Asked
Active
Viewed 5,442 times
1 Answers
1
A new rule must have immediate effect because the Windows 10 Firewall does Packet Filtering, and has always done so since Windows XP.
Wikipedia defines Packet Filtering as:
Packet filters act by inspecting packets transferred between computers. When a packet does not match the packet filter's set of filtering rules, the packet filter either drops (silently discards) the packet, or rejects the packet (discards it and generates an Internet Control Message Protocol notification for the sender) else it is allowed to pass.
The firewall will not in effect disconnect the sockets themselves, but will rather block all messages, which may under the right conditions also cause their disconnection sooner or later.
Logic also dictates that allowing illegal packets to come into the computer would be a security hole that no firewall can allow.
harrymc
- 498,455