Gee, Microsoft, you could have made filtering network traffic just a little bit more usable. All you had to do was write a log file, or at least give us the option to log what you're doing.
So I'm applying their so-called IP filters to a host before we deploy it. And, unlike some idiots out there in InternetLand, I use a default DENY rule. So, I add one of those. Then I add the exceptions to the "naff off" rule. And then I apply the filter.
And that doesn't work, because now everything is denied. I suppose that's better than having everything allowed, but it's more than a little annoying. Now I have to leave my chair!
The rudimentary firewall in Windows 2000 applies the rules in an somewhat dynamic fashion. In other words, it's unpredictable. If you permit traffic first, and only then deny it, then things work. Maybe. Who knows? It doesn't log anything.
5:09:45 PM # Google It!
categories: Dear Microsoft, Security, System Administration