Reminder to self for Windows Firewall: Block rules take precedence over Allow rules (see * below as actually it is even more complex); [WayBack] Firewall Rule Properties Page: General Tab has
Firewall rules are evaluated in the following order:
- Allow if secure with Override block rules selected in the Customize Allow if Secure Settings dialog box.
- Block the connection.
- Allow the connection.
- Default profile behavior (allow or block as specified on the applicable Profile tab of the Windows Firewall with Advanced Security Properties dialog box).
Within each category, rules are evaluated from the most specific to the least specific. A rule that specifies four criteria is selected over a rule that specifies only three criteria.
Which means that this will block TCP port 1024 traffic to bar.exe:
The Block rules are inserted by Windows if you click “Cancel” on a dialog like this (note the lowercase path, despite the application being at C:\Program Files (x86)\Foo\Bar.exe
):