Windows XP Professional, Windows 2003 and Windows 2000 supports TCP/IP filtering. TCP/IP filtering allows you to specify exactly which types of incoming IP traffic are processed as the destination for each IP interface. This feature is designed to isolate the traffic being processed by Internet and intranet clients in the absence of other TCP/IP filtering provided by IPSec, the Routing and Remote Access service, or other TCP/IP applications or services. TCP/IP filtering is disabled by default. Because, it operates in the Kernel mode, it performs better than any other mechanism. TCP/IP filtering applies to only traffic that's been sent to one of the assigned IP addresses on an interface. TCP/IP filtering can be enabled and disabled for all adapters by selecting a single check box.
This helps troubleshoot connectivity problems that might be related to filtering. Filters that are too restrictive might unnecessarily limit connectivity options. For example, if you decide to allow only specific types of UDP traffic and do not include RIP (UDP port 520), then the RIP Listener service does not function.
A packet is accepted for processing if it meets one of the following criteria:
The destination TCP port matches the list of TCP ports. By default, all TCP ports are permitted.
The destination UDP port matches the list of UDP ports. By default, all UDP ports are permitted.
The IP protocol matches the list of IP protocols. By default, all IP protocols are permitted.
It is an ICMP packet.
To configure TCP/IP filtering in Windows XP,
1. In Control Panel (default view), click Network and Internet Connections.
2. Click Network Connections.
3. In Network Connections, right-click the local area connection you want to modify, and then click Properties.
4. On the General tab, click Internet Protocol (TCP/IP) in the list of components, and then click Properties.
5. Click Advanced.
6. Click the Options tab, click TCP/IP filtering, and then click Properties.
7. In the TCP/IP Filtering dialog box, select the Enable TCP/IP Filtering check box and then add the numbers of all TCP and UDP ports and all IP protocols for which you want filtering enabled.
8. Click OK
In Windows 2000 ,
1. In Control Panel, open the Network And Dial-Up Connections folder, right-click the network interface, and choose Properties.
2. Click TCP/IP, choose Properties, and click Advanced.
3. On the Options tab, select TCP/IP Filter, and click Properties.
4. In the TCP/IP Filtering dialog box, select Enable TCP/IP Filtering.
5. In the TCP Ports, UDP Ports, and IP Protocols sections, add the ports that you want to allow, and click OK.
6. Close all dialog boxes.