[Question] What's the difference between the blocklist setting "Disable" and "Block"?

[schibunaki]

Hi, I'm sorry if this is a question that got answered somewhere, but I couldn't find an answer anywhere.

In the Menu Bar under Blocklist and then any of the 3 (for example Microsoft applications), there are 3 options for each, Disable, Allow and Block. Allow is self explanatory and Block is too I think, but what does Disable do? Can you explain in detail what they do or point me to a source where I can read what they exactly do and what the difference is?

---

App version: 3.7.8 Windows version: Windows 10 Pro 22H2

[henrypp]

it do as is, disable - do nothing, block - it block it, what not undestand?

[schibunaki]

@henrypp I'm sorry for being dumb. I do not understand. Block means it blocks network requests? And disable does... what? Also blocks the requests?

[ghost]

it do as is, disable - do nothing, block - it block it, what not undestand?

What is the difference between "Disable" and "Allow". Disable = do nothing, Allow = also means do nothing because it is allowed by default.

[Ehab-d]

What is the difference between "Disable" and "Allow". Disable = do nothing, Allow = also means do nothing because it is allowed by default.

Honestly, this is one of the unclear things. If it were my problem all my friends wouldn't have trouble understanding it.

[secured2k]

Guessing - there probably is a language barrier.

Disable - Don't use the list/feature.

Example: Microsoft Update. If Allowed, anything can reach those IPs. If Blocked, nothing can reach those IPs. If Disabled, your default policy and user rules specify what is blocked or allowed.

Keep in mind it is a best practice for a firewall to deny by default, not everyone is set up this way.

Edited: Changed "Blocked, no apps..." to "Blocked, nothing" Changed "Disabled, your rules..." to "Disabled, your default policy and user rules..."

[schibunaki]

Guessing - there probably is a language barrier.

Disable - Don't use the list/feature.

Example: Microsoft Update. If Allowed, anything can reach those IPs. If Blocked, no apps can reach those IPs. If Disabled, your rules specify what is blocked or allowed.

Keep in mind it is a best practice for a firewall to deny by default, not everyone is set up this way.

Thank you very much! This is actually helpful. So by "your rules" you mean all the rules under the "User Rules" tab, right? So if I don't have any custom rules, Disable has exactly the same effect as Block, correct?

[secured2k]

Correct, "your rules" = "User Rules." Disabling has the same effect as not having those rules. The action depends on whether your firewall settings are set to block or allow by default.

I can't say using disable would be the same as block because the "block *** connections for all" can be toggled, which means the default policy can be changed from block to allow.

Furthermore, you can observe the Block/Allow/Disable rules in the "Blocklist" tab. For example, here is the MS Spying/Telemetry.

Blocked:

Allowed:

Disable: (note rules are not checked, so default actions are applied)

[Ehab-d]

@secured2k Thanks for the detailed answer.

[secured2k]

I thought about my last answer and wanted to clarify that "your rules" are not just "User rules," but ALL other rules made (app rules, system rules, user rules, etc.)

Simplewall allows for global rules (when no app is selected, they are applied to everything). You can also pick an app and apply no rules, but it is "enabled" for network access; if allowed, the app should have no restrictions.

The blocklist takes priority. For example, IP 40.126.41.96 is in the "Spy" Blocklist. I have a rule that allows pings (ICMPv4). My default policy is to block unmatched connections.

If the blocklist rule is "Disabled", I can ping the IP (because of my allow rule). However, if I remove my allow ICMPv4 rule, I cannot ping the IP (because of my default deny rule). If the blocklist rule is "Allowed", I can ping the IP regardless of my ICMPv4 rule. All apps can reach that IP. If the blocklist rule is "Block", I cannot ping the IP regardless of my ICMPv4 rule. All apps cannot reach that IP.