I want to create a firewall rule that allows a game executable to have lan access so I can play a lan game with my kid over my home network while blocking internet access.
I am using windows firewall on windows 10 1803.
I am not certain how familiar are you with firewall rules, but Windows Firewall Control makes it easy:
Windows Firewall Control
Maybe that will help you...
Try Here
Block App Internet Access
Firewall rules are always vague and unclear to me. What would help is someone telling me exactly what to put in each box.
Does "remote" mean everything but my LAN PC's and router?
Does Local mean "only" my router and pc's?
If I make an allow rule and choose only LAN under interface type, does it block everything else?
My PC's have fixed ip's, if I make an allow rule and put the ip of the other pc in it, does it block everything but that ip?
My LAN is 3 pc's and a printer with fixed ips, 2 hard wired 2 wifi (the printer is wifi) and DHCP for the game console and mobiles devices all hooked to my Cisco EA2700 and it hooks to my modem.
PS This is just a random allow rule I selected for a screenshot.
That is incorrect.
The link provided does exactly what you want or have described in you OP...
The post is detailed to the letter on "How to Block a Program from Accessing the Internet in Windows 10" and considers all connections LAN, WLAN and WAN.
You will need to setup a rule to the specific application you want to block access to.
As Cr00zng States, this is completed through the firewall if you know your way around.
Firewall rules are not complex, but the way they described is confusing. My explanation may be just as confusing...
Remote = anything outside of the system at hand, including other systems within the same LAN.
Local = the local network, including other PCs, printers switches, routers, etc., within the same subnet
Interface type LAN = the interface where the firewall rule will be applied to
You do have a broadband router (Cisco), that's good and having your system software firewall isn't that important. Unless you'd want to control application access, both in and outbound.
In my view, local LAN based in and outbound access should be allowed. At least, that's what I do. The WFC rule is to fold for this purpose, since the bidirectional access (in and outbound for your system) requires two rules:
You can allow all programs, that will allow all programs to access the local subnet. Alternatively you can browse to the program that you'd want to allow access through the firewall.
The "LocalSubnet" is not in the dropdown menu, select "Custom Address" and type in "LocalSubnet". Create two of this rules, one for the "Inbound" the "Outbound" access. Alternatively, you could just select "No Filtering" in the "Profiles" tab for testing purposes:
@Cr00zng
So, I created both an inbound and outbound rule as you described for "Borderlands2.exe" but when I start the game, I still get a popup from WFC telling me "borderlands2.exe" is trying to access the internet.
This is were I get confused. I have two rules to allow LAN but they don't to block internet. I make the block rule (click block on this popup) and it overrides the allow rules. If I unplug my modem, and disable this block rule, the lan games work fine.
Last edited by Sqrly; 04 Feb 2019 at 16:40.
According to the faq at Frequently asked questions
How to stop entirely the notifications for a specific program ?
Let's say that you have a program for which you have defined an allow rule with a very specific IP range that you want to allow. When this program connects to a different IP you don't want to see a new notification because you wanted to allow just that specific IP range and that's all. To disable the unwanted notifications for a program, add a new exception in the notifications exceptions list available in the Notifications tab.
You have already set the allow rules for the specific ip range (ie the LocalSubnet). So, what if you deleted the "Block" rule which may have been set when you clicked the Block this program and then adding "borderlands2.exe" to the Notifications Exceptions list as per the above faq so there are no more popups ?
Quote
