ICF in Windows XP SP1 and Windows Server 2003 blocks unsolicited inbound unicast, multicast, and broadcast traffic (329928)

INTRODUCTION

The Internet Connection Firewall (ICF) feature in the original release version of Windows XP examines only inbound unicast traffic. Starting with Windows XP Service Pack 1 (SP1) and Windows Server 2003, ICF examines and drops (blocks) unsolicited inbound unicast, multicast, and broadcast traffic.

Note In Windows XP Service Pack 2 (SP2), ICF is named Windows Firewall (WF).

MORE INFORMATION

Unicast traffic is transmitted between a single sender and a single receiver on the network. Broadcast traffic is transmitted to all devices on the network. Multicast traffic is transmitted to all devices on the network that request it. For example, multicast traffic is transmitted to a running program or service that is "listening" for multicast traffic.

Starting with Windows XP SP1, ICF/WF blocks all inbound unicast, multicast, and broadcast traffic. Windows XP Tablet PC Edition and Windows XP Media Center Edition include SP1.

If you want to permit broadcast or multicast traffic through the firewall, you must manually open the appropriate ports. When you open a port, all kinds of traffic are permitted through that port. For example, if you open TCP port 80, inbound unicast, broadcast, and multicast traffic on that port and protocol are permitted.

For additional information about how to manually open ports, click the following article number to view the article in the Microsoft Knowledge Base:

308127 How to manually open ports in Internet Connection Firewall in Windows XP

For additional information about ICF in Windows XP, click the following article number to view the article in the Microsoft Knowledge Base:

320855 Description of the Windows XP Internet Connection Firewall