Strange windows firewall behaviour with file and printer sharing.

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hi friends,

I have 2 computers with IP 192.168.2.169 and 192.168.2.150 with subnet mask
255.255.255.0 connected by means of a router. Both running windows xp sp2
fully updated.

Without windows firewall file and printer sharing works fine.
Windows firewall enabled with file and printer sharing scope "any computer
(including those on the internet)" also works.

If I change the scope to "my network (subnet only)" it does not work any
more !!

Why is this ?

I put logging on the destination computer on and the following is logged. (I
do not understand why the destination computer IP adress is equal
192.168.2.255 instead of 192.168.2.150)

#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size
tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path

2005-12-08 21:13:39 DROP UDP 192.168.2.169 192.168.2.255 138 138 244 - - - -
- - - RECEIVE
2005-12-08 21:13:47 DROP UDP 192.168.2.169 192.168.2.255 138 138 246 - - - -
- - - RECEIVE
2005-12-08 21:14:09 DROP UDP 192.168.2.169 192.168.2.255 137 137 78 - - - -
- - - RECEIVE
2005-12-08 21:14:09 DROP UDP 192.168.2.169 192.168.2.255 137 137 78 - - - -
- - - RECEIVE
 
The IP address ending in .255 are broadcasts that are meant to be received
by any computer on the network versus unicast which is sent to a specific IP
address. Broadcasts are normal and the ones you see are for netbios name
resolution and netbios browse list maintenance which is how the list of
computers you see in My Network Places is built and maintained in a behind
the scenes operation that involves browse masters and such. However they
should not be stopped by your firewall if file and print sharing is enabled
for your network/subnet. You might try going to use the option to restore
defaults in the advanced tab and then reconfigure your exception for file
and print sharing to see if that helps. You can also use the command netsh
firewall show state verbose = enable to see detailed command line info about
your Windows Firewall configuration. --- Steve
 
Thanks Steven,

I think I leave it like this because I also share an internet connection via
this computer and it took me some time to get it working.
 
Back
Top