The order in which rules are applied
For connections that use rawsockets, only the global rules are checked.
For connections that do not use rawsockets, various rules are checked, depending on whether the connection is to a network address that is listed on the LAN tab or not.
If the network address is listed on the LAN tab, the following rules are checked:
- If the address has been marked as Trusted, all traffic on the connection is allowed with no further checks.
- If the address has been marked as NetBIOS, file and printer sharing on any connection that meets the following criteria is allowed:
Connection |
Port |
Range |
---|---|---|
TCP |
Remote |
137-139 or 445 |
TCP |
Local |
137-139 or 445 |
UDP |
Remote |
137 or 138 |
UDP |
Local |
137 or 138 |
If the network address is not listed on the LAN tab, other firewall rules are checked in the following order: