Firewall - System rules
Manage these settings from: ☰ Menu ▸ Settings ▸ Protection ▸ Firewall ▸ System Rules
System rules are a range of Firewall rules that control network traffic for the most common connection types related to specific system capabilities. Configuration changes on the System rules screen directly impact the rules configured in Packet rules. If you change a system rule, the change may affect multiple packet rules.
Note: we recommend you only make alterations to system rules if you have advanced knowledge of firewall concepts or for troubleshooting purposes. Firewall is already configured to provide the appropriate firewall protection in most cases.
Manage system rules
Select Enabled or Disabled to allow or block the corresponding traffic. If a rule is set to Not configured, Firewall does not control the traffic according to a predefined connection type, but still applies the rules defined in Application Rules, which control traffic according to individual rules for programs or services.
Enabling these rules has the following effects:
- Allow Windows File and Printer sharing: authorizes other PCs in the network to access shared folders and printers on your PC.
- Allow remote desktop connections to this computer: authorizes other PCs in the network to remotely access and control your PC when the Remote Desktop service is enabled.
- Allow incoming ping and trace requests (ICMP): authorizes incoming Internet Control Message Protocol messages. ICMP is typically used by system tools, such as ping or tracert commands, or for diagnostic and control purposes when troubleshooting connectivity issues.
- Allow outgoing ping and trace requests (ICMP): authorizes outgoing Internet Control Message Protocol messages. ICMP is typically used by system tools, such as ping or tracert commands, or for diagnostic and control purposes when troubleshooting connectivity issues.
- Allow IGMP traffic: authorizes multicast communication using the Internet Group Management Protocol, which is required by some media streaming services for more efficient use of resources during activities such as video streaming and gaming.
- Allow multicast traffic: authorizes applications and services for media streaming when distributing content to groups of multiple recipients in a single transmission, which is necessary for activities such as video-conferencing.
- Allow DNS: authorizes communication with Domain Name System servers, which translate the names of the websites you visit into IP addresses that your PC can connect to.
- Allow DHCP: authorizes communication using the Dynamic Host Configuration Protocol to automatically provide network PCs and devices with IP addresses and other related configuration information, such as the subnet mask and default gateway.
- Allow VPN connections via PPTP: authorizes connections to Virtual Private Networks based on the Point-to-Point Tunneling Protocol. This protocol is known to present numerous security risks.
- Allow VPN connections via L2TP-IPSec: authorizes connections to Virtual Private Networks based on the combination of the Layer 2 Tunneling Protocol and Internet Protocol Security, which is more secure than the older Point-to-Point Tunneling Protocol.
- Allow stealth mode for public networks: prevents attackers from uncovering information about your PC and running services when your Firewall is in Public mode, which is the Network profile you should set when you are connected to a public network, such as in a cafe or at an airport.
After making any changes, click OK to save your settings and exit the System rules screen.
Troubleshoot issues
If you are unable to make a shared folder or printer accessible to other PCs in the network, follow these steps from the System rules screen:
- Ensure that the Allow Windows File and Printer sharing rule is set to Enabled.
- Click OK.
If the issue persists, follow these steps:
- Switch the Allow Windows File and Printer sharing rule to Not configured.
- Click OK, then reopen the System rules screen.
- Switch the Allow Windows File and Printer sharing rule back to Enabled.
- Click OK, then restart your PC.
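Before changing the inbound system rules listed above, or when the troubleshooting steps do not help, it is worth checking whether the Windows service behind each rule is running and listening at all. The following PowerShell check is an added example, not part of the product or its documentation. It assumes the standard Windows service names and default TCP ports (445 for file and printer sharing, 3389 for Remote Desktop), which this page does not state, and is best run from an elevated PowerShell window.

```powershell
# Added example. Service names and ports are Windows defaults and are an
# assumption about what the two inbound system rules govern.
$inboundRules = @(
    [pscustomobject]@{ Rule = 'Allow Windows File and Printer sharing'
                       Service = 'LanmanServer'; Port = 445 }
    [pscustomobject]@{ Rule = 'Allow remote desktop connections to this computer'
                       Service = 'TermService'; Port = 3389 }
)

# Collect the local TCP ports that are in the Listen state, once.
$listening = @(Get-NetTCPConnection -State Listen -ErrorAction SilentlyContinue |
    Select-Object -ExpandProperty LocalPort -Unique)

$report = foreach ($r in $inboundRules) {
    $svc = Get-Service -Name $r.Service -ErrorAction SilentlyContinue
    $running = ($null -ne $svc -and $svc.Status -eq 'Running')
    $isListening = $listening -contains $r.Port

    $finding = if ($running -and $isListening) {
        'Service is up; the system rule decides whether other PCs can connect.'
    } elseif ($running) {
        'Service runs but is not listening on its default port; check its configuration.'
    } else {
        'Service is not running; enabling the rule alone will not make it reachable.'
    }

    [pscustomobject]@{
        SystemRule = $r.Rule
        Service    = $r.Service
        Running    = $running
        TcpPort    = $r.Port
        Listening  = $isListening
        Finding    = $finding
    }
}
$report | Format-List

# For the shared-folder case: list the folders this PC actually shares,
# leaving out the built-in administrative shares (C$, IPC$, ADMIN$).
Get-SmbShare -ErrorAction SilentlyContinue |
    Where-Object { -not $_.Special } |
    Select-Object Name, Path, Description
```

If a service is not running or no folder is shared, the cause of the issue lies in Windows rather than in the system rule. A rule whose service you do not use can be set to Disabled.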