Solution to program failure caused by Win SP2 Firewall

After Microsoft Windows XP Service Pack 2 (SP2) is installed, some applications may not run on the updated operating system. this is because Windows Firewall is enabled by default and does not block unauthorized external connections. this article discusses how to create a firewall exception and allow an application to continue running by adding it to the exception list.

To improve the security performance of Windows XP SP2-based computers, Windows Firewall shields unauthorized external connections. But sometimes we still need to establish an exception rule to allow some inbound connections. For example, in the following cases:

Online multiplayer games over the Internet;

To receive files from instant messaging software;

After Windows XP SP2 is installed, the client application may fail to receive data from the server. The following are some examples:

FTP client;

Streaming media M playback software;

NEW email notification from the email client;

Similarly, applications running on Windows XP SP2 server may fail to respond to client requests. The following are some examples:

Web servers, such as IIS;

Remote Desktop;

File Sharing;

By default, Windows XP SP2 uses the following interactive components to implement this exception rule:

Windows Firewall Security reminder

Sometimes, when Windows Firewall shields an application from running, a Windows Firewall Security reminder dialog box appears. This dialog box contains the following information:

... To help protect your computer, Windows Firewall has blocked this program from grouping unsolicited information from the Internet or a network

This reminder information shows the program name and the developer of the program. This dialog box contains three options:

Unblock the program

Keep blocking this program

Keep blocking this program, but ask me again later

The following describes how to use this dialog box to allow the program to run.

Allow program running

Some programs must receive information from the network in order to run normally. This information enters the computer through the inbound port. To allow this information to enter Windows Firewall, you must open the correct inbound port on your computer. You can use any of the following methods to allow normal operation of a program by communicating with the program before SP2 is installed:

Allow programs to run through security reminders

In the security reminder dialog box, select Unblock this program.

Click OK.

Allow programs to run through Windows Firewall settings

If you do not select Unblock the program in the security reminder dialog box, the program will be disabled. You can configure Windows Firewall to achieve the same purpose:

Click Start, Run, enter wscui. cpl in the open input box, and click OK.

Click Windows Firewall

In the Windows Firewall dialog box, select the exception tab, and then select add program

In the add program dialog box, select a program in the list or browse to select a program

If you are not sure the specific name of the program to be set, refer

After selecting the program, OK
　　
In the exception list, make sure that the selection box before the program item you selected is selected.

Note: If you do not want to use this program as an exception in the future, you only need to clear the selection box of this program item.

Adding a program to the exception list has the following benefits:

You do not need to know which port the program uses (in contrast, when you want to enable the port, you must know the port number used by the program, this will be detailed later)

The port used by the program in the exception list is opened only when a connection is received.

Confirm and open the port

If the program cannot run normally after it is added to the exception list, or the program name cannot be determined when the exception program is selected, you can open the port manually. Before opening the port manually, you must first determine which ports are used by the program. The reliable method for determining the port used by a program is, of course, to contact the program development or support vendor for the required information. However, this method is not so convenient in most cases, and sometimes the list of ports used by the program is unavailable, you can use Netstat.exe to determine these ports.

Use Netstat.exe to determine the port

To use Netstate.exe to determine the port used by the program, follow these steps:

Run the problematic program and try to use its network function. For example, for a media player, open an audio stream. For a Web server, start the Web service;

Click Start, Run, Enter cmd, and click OK;

Get listener port list-enter the following command in the command prompt line and press Enter:

Netstat-ano> etstat.txt

Get the process identifier to determine the running process-enter the following command in the command prompt line and press Enter:

Tasklist> tasklist.txt

Note: If the problematic program runs as a service, add the/svc switch to the input command to obtain the service loaded in each process:

Tasklist/svc> tasklist.txt

Open Tasklist.txt, locate the problem program to be diagnosed, and write down the process identifier of the process;

Open Netstat.txt, write down all entries associated with the process identifier, and write down the communication protocol (TCP or UDP) used );

The port number used by this process will affect how to solve this problem:

If a process uses a port greater than 1024, these port numbers may not be changed;

If the port number is smaller than 1024, this program may use a port range. Therefore, simply opening some separate ports may not solve this problem;

Use Windows Firewall to manually open a port

To determine the exact port number, contact the program development or support vendor to obtain the required information or view the user documentation. After determining the port to be opened, follow these steps:

Click Start, Run, enter wscui. cpl, and OK;

Select Windows Firewall;

Select the exception tab and click Add port;

In the add Port dialog box, enter the port number to be opened in the port number column and select the TCP or UDP type;

Enter the port name and click OK. For example, enter GamePort;

To display or set the port exception range, click Change range, and then confirm;

On the "exceptions" tab, check that the new service has been listed. Open this port, select the selection box before the service, and click OK.