Monday, October 7, 2013

ICMP logging settings in Windows Firewall

If your computer is connected to a network, network policy settings might prevent you from completing these steps.

To find ICMP and logging settings, open Windows Firewall with Advanced Security:

1. Click to open Windows Firewall.

2. In the left pane, click Advanced settings. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.

3. In the Windows Firewall with Advanced Security dialog box, in the left pane, click Monitoring.

To change logging settings:

1. In the Windows Firewall with Advanced Security dialog box, in the left pane, click Windows Firewall with Advanced Security on Local Computer.

2. In the middle pane, click Windows Firewall properties.

3. Click the Domain Profile tab, and then, under Logging, click Customize.

4. In the dialog box that appears, change the settings you want to change, and then click OK.

You can specify ICMP settings by creating inbound or outbound rules using the ICMPv4 or ICMPv6 protocol.



Open a port in Windows Firewall

If Windows Firewall is blocking a program and you want to allow that program to communicate through the firewall, you can usually do that by selecting the program in the list of allowed programs (also called the exceptions list) in Windows Firewall. To learn how to do this, see Allow a program to communicate through Windows Firewall.

However, if the program isn't listed, you might need to open a port. For example, to play a multiplayer game with friends online, you might need to open a port for the game so that the firewall allows the game information to reach your computer. A port stays open all the time, so be sure to close ports that you don't need open anymore.

1. Click to open Windows Firewall.

2. In the left pane, click Advanced settings. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.

3. In the Windows Firewall with Advanced Security dialog box, in the left pane, click Inbound Rules, and then, in the right pane, click New Rule.

4. Follow the instructions in the New Inbound Rule wizard.

Risks of allowing programs through a firewall

When you add a program to the list of allowed programs in a firewall, or when you open a firewall port, you allow a particular program to send information to or from your computer through the firewall. Allowing a program to communicate through a firewall (sometimes called unblocking) is like punching a hole in the firewall.

Each time you open a port or allow a program to communicate through a firewall, your computer becomes a bit less secure. The more allowed programs or open ports your firewall has, the more opportunities there are for hackers or malicious software to use one of those openings to spread a worm, access your files, or use your computer to spread malicious software to others.

It's generally safer to add a program to the list of allowed programs than to open a port. If you open a port, it stays open until you close it, whether or not a program is using it. If you add a program to the list of allowed programs, the "hole" is open only when needed for a particular communication.


To help decrease your security risk:

1. Only allow a program or open a port when you really need to, and remove programs from the list of allowed programs or close ports that you no longer need.

2. Never allow a program that you don't recognize to communicate through the firewall.
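
To review what is currently allowed in, the following PowerShell lists every enabled inbound Allow rule and marks whether it is tied to a program or is a bare open port. It is an added example, not part of the original steps; it assumes the NetSecurity cmdlets (Windows 8 / Windows Server 2012 or later) and an elevated prompt, and the function name Get-InboundAllowAudit is made up for this example.

```powershell
# Added example: audit enabled inbound Allow rules.
# Assumes the NetSecurity module (Windows 8 / Server 2012 or later), run elevated.
# Get-InboundAllowAudit is a hypothetical helper name, not a built-in cmdlet.
function Get-InboundAllowAudit {
    Get-NetFirewallRule -Direction Inbound -Enabled True -Action Allow |
        ForEach-Object {
            # Each rule keeps its port, program and service conditions in
            # separate filter objects associated with the rule.
            $port = $_ | Get-NetFirewallPortFilter
            $app  = $_ | Get-NetFirewallApplicationFilter
            $svc  = $_ | Get-NetFirewallServiceFilter

            $ports     = @($port.LocalPort) -join ','
            $anyPort   = ($ports -eq 'Any') -or ($ports -eq '')
            $unscoped  = ($app.Program -eq 'Any') -and ($svc.Service -eq 'Any')

            # "open port": not tied to a program or service, so the port stays
            # reachable whether or not anything is using it.
            $scope = if (-not $unscoped)  { 'program or service' }
                     elseif ($anyPort)    { 'any program, any port' }
                     else                 { 'open port' }

            [pscustomobject]@{
                Scope     = $scope
                Name      = $_.DisplayName
                Profile   = $_.Profile
                Protocol  = $port.Protocol
                LocalPort = $ports
                Program   = $app.Program
            }
        }
}

# Show the least restricted rules first.
Get-InboundAllowAudit |
    Sort-Object @{ Expression = { $_.Scope -eq 'program or service' } }, Name |
    Format-Table -AutoSize

# To close an opening you no longer need, disable the rule by its display name.
# '<rule name>' is a placeholder; -WhatIf previews the change without applying it.
# Disable-NetFirewallRule -DisplayName '<rule name>' -WhatIf
```

Rules reported as "open port" or "any program, any port" are the ones to check first against the two points above.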