I want to create a Windows Firewall rule that allows outbound tracert.exe connections. But when I:
go to the 'Windows Firewall with Advanced Security' panel
block all outbound connections
create a rule to allow outbound connections for cmd.exe and tracert.exe, allowing all protocols
open a command prompt and type:
c:\Users\Administrator>tracert xx.xx.xx.xx
it doesn't work; Windows Firewall still blocks it.
P.S. When, in the firewall window, I allow all outbound connections, tracert works well.
P.P.S. In the past I also noticed that, depending on the Windows OS, if I set the rule with a path '%SystemRoot%\System32...' it doesn't work, and the rule MUST be set as 'c:\Windows\System32...' to work well. But that's not my case, as I tried both combinations, applying two rules, one for cmd.exe and one for TRACERT.EXE. And it doesn't work either way.
P.P.P.S. I have some outbound rules for some .exe files that allow outbound connections (when all outbound connections that don't match a rule are blocked), and those programs work well.
...It seems to me that, when TRACERT.EXE is launched from the cmd.exe console, another .exe could also be launched, or it could work through a svchost.exe...
(I also tried executing it through Sysinternals tcpview.exe, but no TCP or UDP connections are visible, so it seems the ICMP protocol is used)
Please, does anyone know what could be the cause of this behaviour?
Thank you.
ICMPv4, then verify that all ICMP types are selected under ICMP Settings > Customize. Try enabling the prebuilt rule named "Core Networking Diagnostics - ICMP Echo Request (ICMPv4-Out)". I see all the ICMP rules define SYSTEM as the application, so maybe you cannot specify a single .exe
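
The same steps can be scripted from an elevated PowerShell prompt with the built-in NetSecurity cmdlets. This is an added example, not part of the answer above; the fallback rule name "Allow ICMPv4 Echo Request (Out)" is hypothetical, and the fallback allows only echo request (type 8) rather than all ICMP types, on the assumption that this is the only ICMP message tracert has to send outbound.

```powershell
#Requires -RunAsAdministrator
# Added example: allow outbound ICMPv4 echo while the default outbound action is Block.

# 1. Show which profiles block unmatched outbound traffic.
Get-NetFirewallProfile | Select-Object Name, Enabled, DefaultOutboundAction

# 2. Prefer the prebuilt rule named in the answer; create a narrow rule if it is absent.
$prebuilt = 'Core Networking Diagnostics - ICMP Echo Request (ICMPv4-Out)'
$custom   = 'Allow ICMPv4 Echo Request (Out)'   # hypothetical name for the fallback rule

$rule = Get-NetFirewallRule -DisplayName $prebuilt -ErrorAction SilentlyContinue
if ($rule) {
    $rule | Enable-NetFirewallRule
    Write-Host "Enabled prebuilt rule: $prebuilt"
}
elseif (-not (Get-NetFirewallRule -DisplayName $custom -ErrorAction SilentlyContinue)) {
    # The rule is keyed on protocol and ICMP type, not on tracert.exe,
    # matching the answer's observation that the ICMP rules are not per-program.
    New-NetFirewallRule -DisplayName $custom `
        -Direction Outbound -Action Allow `
        -Protocol ICMPv4 -IcmpType 8 `
        -Profile Any | Out-Null
    Write-Host "Created rule: $custom"
}

# 3. List every enabled outbound allow rule that matches ICMPv4, with the
#    program it is bound to, to see what the built-in rules use as the application.
Get-NetFirewallRule -Direction Outbound -Enabled True -Action Allow |
    ForEach-Object {
        $port = $_ | Get-NetFirewallPortFilter
        if ($port.Protocol -in 'ICMPv4', '1') {
            $app = $_ | Get-NetFirewallApplicationFilter
            [pscustomobject]@{
                DisplayName = $_.DisplayName
                IcmpType    = $port.IcmpType -join ','
                Program     = $app.Program
                Profile     = $_.Profile
            }
        }
    } | Format-Table -AutoSize
```

If tracert still fails after this, the table from step 3 shows whether an enabled ICMPv4 rule applies to the active profile.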