Winsock Firewall Users¡¯ guide



I.     How to start and stop FireWall service. 1

1. How to start FireWall 1

2. How to stop FireWall 1

II.        Rule editor. 2

1. Format of FireWall rules. 3

a. IP rule format 3

b. Application rule format 3

2. FireWall Rule editor 4

a. Edit IP rule. 4

b. Edit application rule. 5

III.      Setting security level. 5

IV.      Log utility. 6

V.        Shared folder utility. 9

VI.      Port scan utility. 10




I.                   How to start and stop Firewall service

You can start Firewall service from the main window of PC protection application. Once running, you can see the furthest left button. This button is always used to start or stop Firewall service.

1. How to start Firewall

When it is labeled as ¡®Start¡¯, that means that Firewall is not started and you runs it by clicking this button.          










2. How to stop Firewall

Once successfully starting Firewall, the button will changed its label into ¡®Stop¡¯ so that you can know that FW is running. Therefore, you can stop it by clicking the button.




II.                Rule editor

Rule Editor is included in option dialog. Option dialog can be display from main window by choosing ¡®Option¡¯ button.
































There are five tabs in option dialog. The First one displays Rule List including lists two type of rule, one for IP rules and the other for Application rules.


1. Format of Firewall rules

a. IP rule format

     In the list for IP rules, you can see 3 columns. The first column tells us the range of IP. The second is about port range. the third is type of transfer protocol which is TCP or UDP. The last one indicates the permission the rule has. If permission is ¡®Allow¡¯ that means interactions with that range of IP with port range are allowed. Inversely, if it is ¡®Deny¡¯ the interactions are not permitted.

b. Application rule format

     The application rules have only two parameters. One is full path of application. The other is permission. If the permission is allowed, that means user can use the application for networking acts. Nevertheless, if permission is denied user cannot use the application for networking purposes. The default values for both rule types depend on security level. That will be more detailed in the part of setting security level for FireWall.

























In the tab dialog of rules, there are two buttons, the ¡®Delete¡¯ button and the ¡®Add¡¯, its label tells us its functions. By choosing ¡®Delete¡¯ button, you will delete one selected rule, and clicking ¡®Add¡¯ button will link you to ¡®Rule Editor¡¯ dialog.



2. Firewall Rule editor

       By pressing Add rule button, a rule editor dialog will appear as the following figure.




























a. Edit IP rule

In IP rule dialog tab, there are 3 kinds of information need to be fulfilled.

+IP range.

There are 3 options for IP range,

-Single IP, User can input a single IP address

-Range IP, User can input two IP for a IP range

-All IP address, it correspond to the a IP range from []

+Port range.

A Port range is fulfilled the same as a IP range. There are 3 options.

-Single Port

-Port range

-All Port, corresponding to port range [0, 6635]

+ Permission

By choosing one of two radio button, user will set the permission for the rule ¡®Deny¡¯ or ¡®Allow¡¯.


After finishing edit a new rule, Press ¡®Add¡¯ to add your new Rule to rule Set or Press ¡®Cancel¡¯ to dismiss your acts.


b. Edit application rule

Selecting application tab links you to application rule editor dialog as following.





























To make a application rule, Firstly, You fulfill the path of the application by editing manually, or by clicking folder browser button. Secondly, selecting the permission for the rule. Lastly, choosing Add button to add and apply new rule. You can click ¡®Cancel button¡¯ to dismiss the process.


III.             Setting security level

     The second tab of the option dialog is used for setting Firewall security level. There are three levels of security.


Security level



By default, at high level of security, All possible IP rules or Application Rules have ¡®deny¡¯ permission except those rules defined by users.


Rules with common ports such as HTTP, FPT, SMTP etc, have the ¡®Allow¡¯ permission. Except those defined by users.

Low level

By default, All possible IP rules and application rules have ¡®Allow¡¯ permission, except those ones specified by users.



After selecting the desired level, Press ¡®Apply¡¯ button to apply new security level, Users can also undo his acts by clicking ¡®Undo¡¯ button.






















IV.              Log utility

     The third tab of the option dialog brings about users the advantages of a log utility. In here, users can see the log information or add new both IP and Application rule to Firewall.

One line of log information contains items described in following table.





Time of log line


Direction of data flow IN-data flow comes from a remove computer to the local machine or OUT-data flow goes out from local computer.


The permission that permits this networking interaction is permitted or not.


Remove IP address


Name of remove machine


Port of remove machine

Application Path

Path of the local application that interacts with the remove machine.

Bytes sent

Bytes sent by local machine

Bytes received

Bytes received by local machine

Socket number.

Socket IP of networking connection




By default, the items of time, IP, Port always appear for all line of log, the rest of items are optional. Users can display or hide it by the popup menu in the log list control.
























Users also can add new Firewall rules from the log-view-window. By right-clicking the log list control, a popup menu will display with two menu items for adding new rules. Once clicking ¡®Add IP rule¡¯ or ¡®Application rule¡¯, the corresponding value of log item will be fulfilled to rule editor window automatically as following figures.



















































































V.                 Shared folder utility

The fourth tab in the option dialog is for shared folder utility. This utility brings users the advantages of viewing list, stopping sharing, displaying property and going to the specific shared folder.

When this shared folder page becomes active, users can see the list of currently shared folders in the local computer. Selecting one folder to activate other functions of this utility, choosing ¡®Stop¡¯ button to stop sharing the selected folder, choosing ¡®Open¡¯ to exploit the folder and choosing ¡®Property¡¯ button to see the folder¡¯s property.



















VI.              Port scan utility

The last tab-page in the dialog option is for port-scan-utility. The purpose of this utility is to check whether a port is in use or not, by which users can check some strange ports used in their computer to foresee or avoid unauthorized accesses. There are three buttons in this tab-page. ¡®Default¡¯ buttons helps scan only default ports. Similarly, ¡®Backdoor¡¯ button helps scan only backdoor port, the rest button, ¡°All port¡± helps scan both the types of ports.






















(C) 2003-2004, DDT&LTH -,

Support This Project Logo