I am interested in using WinDivert for capturing some outbound packets. I also have some firewall rules defined on my machine (I defined them with New-NetFirewallRule command.
Could you please help me to figure out: what will be applied to an IP outgoing packet first: firewall Block rule (and the packet will be dropped) or WinDivert driver (and the packet will be diverted to my application)? According to my experience, firewall is being applied first. Is there a way to change that? Eventually, I would like to capture the packet that will be blocked by the firewall otherwise.
I am interested in using WinDivert for capturing some outbound packets. I also have some firewall rules defined on my machine (I defined them with
New-NetFirewallRulecommand.Could you please help me to figure out: what will be applied to an IP outgoing packet first: firewall
Blockrule (and the packet will be dropped) or WinDivert driver (and the packet will be diverted to my application)? According to my experience, firewall is being applied first. Is there a way to change that? Eventually, I would like to capture the packet that will be blocked by the firewall otherwise.