Blocking ongoing UDP conversations RRS feed

  • Question

  • I'm working on software that is supposed to add banning functionality around an existing piece of closed-source game server software. To find a way to do this I started by manually adding blocking rules (for a port in both directions) to Windows advanced firewall to see if it would interrupt ongoing UDP conversations.

    Apparently it does not. After adding the rules new conversations cannot be started, but ongoing conversations continue without problems.

    If I understand correctly, the ongoing conversation should have been interrupted because the addition of a rule would trigger reauthorization. I have confirmed that the mentioned policy change event (5447) occurs and that my filters are at the FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V4 layer. So why doesn't the communication stop?

    This happens for both windows 7 and windows 10.

    • Edited by Griffon27 Sunday, November 11, 2018 4:25 PM
    Thursday, November 8, 2018 9:05 PM