summaryrefslogtreecommitdiffhomepage
path: root/windows
diff options
context:
space:
mode:
Diffstat (limited to 'windows')
-rw-r--r--windows/winfw/src/winfw/rules/blockall.cpp14
-rw-r--r--windows/winfw/src/winfw/rules/permitloopback.cpp18
2 files changed, 16 insertions, 16 deletions
diff --git a/windows/winfw/src/winfw/rules/blockall.cpp b/windows/winfw/src/winfw/rules/blockall.cpp
index ff8ba5a065..54f35e5f1d 100644
--- a/windows/winfw/src/winfw/rules/blockall.cpp
+++ b/windows/winfw/src/winfw/rules/blockall.cpp
@@ -33,12 +33,13 @@ bool BlockAll::apply(IObjectInstaller &objectInstaller)
}
//
- // #2 block outbound connections, ipv6
+ // #2 block inbound connections, ipv4
//
filterBuilder
- .key(MullvadGuids::FilterBlockAll_Outbound_Ipv6())
- .layer(FWPM_LAYER_ALE_AUTH_CONNECT_V6);
+ .key(MullvadGuids::FilterBlockAll_Inbound_Ipv4())
+ .name(L"Block all inbound connections")
+ .layer(FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V4);
if (false == objectInstaller.addFilter(filterBuilder, nullConditionBuilder))
{
@@ -46,13 +47,12 @@ bool BlockAll::apply(IObjectInstaller &objectInstaller)
}
//
- // #3 block inbound connections, ipv4
+ // #3 block outbound connections, ipv6
//
filterBuilder
- .key(MullvadGuids::FilterBlockAll_Inbound_Ipv4())
- .name(L"Block all inbound connections")
- .layer(FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V4);
+ .key(MullvadGuids::FilterBlockAll_Outbound_Ipv6())
+ .layer(FWPM_LAYER_ALE_AUTH_CONNECT_V6);
if (false == objectInstaller.addFilter(filterBuilder, nullConditionBuilder))
{
diff --git a/windows/winfw/src/winfw/rules/permitloopback.cpp b/windows/winfw/src/winfw/rules/permitloopback.cpp
index f98fe4f756..990d732881 100644
--- a/windows/winfw/src/winfw/rules/permitloopback.cpp
+++ b/windows/winfw/src/winfw/rules/permitloopback.cpp
@@ -40,15 +40,16 @@ bool PermitLoopback::apply(IObjectInstaller &objectInstaller)
}
//
- // #2 permit outbound connections, ipv6
+ // #2 permit inbound connections, ipv4
//
filterBuilder
- .key(MullvadGuids::FilterPermitLoopback_Outbound_Ipv6())
- .layer(FWPM_LAYER_ALE_AUTH_CONNECT_V6);
+ .key(MullvadGuids::FilterPermitLoopback_Inbound_Ipv4())
+ .name(L"Permit inbound connections on loopback")
+ .layer(FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V4);
{
- wfp::ConditionBuilder conditionBuilder(FWPM_LAYER_ALE_AUTH_CONNECT_V6);
+ wfp::ConditionBuilder conditionBuilder(FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V4);
conditionBuilder.add_condition(std::make_unique<ConditionLoopback>());
@@ -59,16 +60,15 @@ bool PermitLoopback::apply(IObjectInstaller &objectInstaller)
}
//
- // #3 permit inbound connections, ipv4
+ // #3 permit outbound connections, ipv6
//
filterBuilder
- .key(MullvadGuids::FilterPermitLoopback_Inbound_Ipv4())
- .name(L"Permit inbound connections on loopback")
- .layer(FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V4);
+ .key(MullvadGuids::FilterPermitLoopback_Outbound_Ipv6())
+ .layer(FWPM_LAYER_ALE_AUTH_CONNECT_V6);
{
- wfp::ConditionBuilder conditionBuilder(FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V4);
+ wfp::ConditionBuilder conditionBuilder(FWPM_LAYER_ALE_AUTH_CONNECT_V6);
conditionBuilder.add_condition(std::make_unique<ConditionLoopback>());
Copyright © 2025 - 2026 Wayne Cole. WTFPL. Attribution appreciated. No warranty. Not liable for bodily damages.