deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-20 09:17:25 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Update filter-origin-documentation.md

Browse Source
This commit is contained in:
Benny Shilpa 2020-12-17 11:09:43 +05:30 committed by GitHub
parent eb5100641f
commit 70d8ac4817
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
windows/security/threat-protection/windows-firewall/filter-origin-documentation.md
View File

@ -55,7 +55,7 @@ The next section describes the improvements made to audits 5157 and 5152, and ho
The two new fields added to the audit 5157 and 5152 events are `Filter Origin` and `Interface Index`.
The `Filter Origin` field helps identify the cause of the drop. Packet drops from firewall are explicitly dropped by default block filters created by the Windows Firewall service or a firewall rule which may be created by users, policies, services, apps, etc.
The `Filter Origin` field helps identify the cause of the drop. Packet drops from firewall are explicitly dropped by default block filters created by the Windows Firewall service or a firewall rule that may be created by users, policies, services, apps, etc.
`Filter Origin` specifies either the rule ID (a unique identifier of a Firewall rule) or the name of one of the default block filters.
@ -100,7 +100,7 @@ Network drop events from the AppContainer loopback block filter origin occur whe
To enable localhost loopback in a local debugging environment, see [Communicating with localhost](https://docs.microsoft.com/windows/iot-core/develop-your-app/loopback).
To enable localhost loopback for a published app which requires loopback access to communicate with another UWP or packaged win32 app, see [uap4:LoopbackAccessRules](https://docs.microsoft.com/uwp/schemas/appxpackage/uapmanifestschema/element-uap4-loopbackaccessrules).
To enable localhost loopback for a published app that requires loopback access to communicate with another UWP or packaged win32 app, see [uap4:LoopbackAccessRules](https://docs.microsoft.com/uwp/schemas/appxpackage/uapmanifestschema/element-uap4-loopbackaccessrules).
**Boottime default**
@ -130,7 +130,7 @@ Network packet drops from query user default block filters occur when there is n
1. Create an inbound firewall rule to allow the packet for this application. This will allow the packet to bypass any query user default block filters.
2. Delete any block query user rules which may have been auto generated by the firewall service.
2. Delete any block query user rules that may have been auto generated by the firewall service.
To generate a list of all the query user block rules, you can run the following PowerShell command:
@ -161,7 +161,7 @@ To disable stealth-mode, see [Disable stealth mode in Windows](https://docs.micr
**UWP default**
Network drops from Universal Windows Platform (UWP) default inbound/outbound block filters are often caused by the UWP app not being configured correctly (i.e. the UWP app is missing the correct capability tokens or loopback is not enabled) or the private range is configured incorrectly.
Network drops from Universal Windows Platform (UWP) default inbound/outbound block filters are often caused by the UWP app not being configured correctly (that is, the UWP app is missing the correct capability tokens or loopback is not enabled) or the private range is configured incorrectly.
For more information on how to debug drops caused by UWP default block filters, see [Troubleshooting UWP App Connectivity Issues](https://docs.microsoft.com/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall).