July 19, 2011, 11:07 p.m.
posted by alexpi
Firewall with Windows
Yes, you can use Windows as a firewall.
You may not know it, but Windows has a very capable firewall built right in. To access it, run the Microsoft Management Console. You can do this by opening up a Run dialog, typing mmc, and clicking the OK button. After the program loads, you should see something similar to Figure.
Click on the Console menu and select the "Add/Remove Snap-in..." menu item. Next you should be presented with a dialog that has an Add button at the bottom. After clicking the Add button, you should see a dialog box with a list of available snap-ins. Scroll through the list and locate the item titled IP Security Policy Management. After you've selected this, the dialog box should look like Figure.
Now click the Add button. You'll be presented with a dialog asking whether you want the snap-in to manage the local computer or a domain. Determine whether you want to apply the filtering settings to just the local computer or the entire domain, and click the Finish button. Click the Close button in the Add Standalone Snap-in list dialog as shown in Figure. You should now see the IP Security Policies snap-in listed in the Add/Remove Snap-in dialog, as shown in Figure. Click the OK button and you'll be returned to the original Management Console window. You should now see the IP Security Policies snap-in listed in the window.
Before setting up firewall rules, you'll need to create a block action for them to use. To do this, right-click the IP Security Policies icon and select the "Manage IP filter lists and filter actions" item. After the dialog appears, click on the Manage Filter Actions tab. You should now see something similar to Figure.
If the Use Add Wizard checkbox is not checked, be sure to check it. Now click the Add button. Click the Next button after the wizard dialog opens. Then type "Block" for name of the new filter action. For the description, type "Blocks Access" or something similarly appropriate. After filling those in, click the Next button. Now click the Block radio button, and then click the Next button once again. After that, click the Finish button. You should now see the new filter action in the list that was shown in Figure. You may now click the Close button.
Now you can set up the firewall rules. Right-click the security policy icon and select the Create IP Security Policy item. This will bring up a wizard. Click the Next button and fill in the Name and Description; a good choice for both of them would be "Firewall". After filling those in, click the Next button. You should now see a checkbox labeled "Activate the default response rule". Uncheck this box and then click the Next button. After that, click the Finish button. You should now see a dialog called Firewall Properties, as shown in Figure.
To create a new filtering rule, uncheck the Use Add Wizard box and click the Add button. You should now see a dialog box that looks like Figure.
To select the IP addresses to match on, click the Add button in the IP Filter List tab. This will also let you define ports and protocols to match on. After you have selected the IP addresses and ports you want the rule to apply to, click the Filter Action tab and choose your selections from the list of actions.