Trust No Program

Block Port


BlockPort is a sandbox setting in Sandboxie Ini. It specifies IP port numbers which will be blocked for outgoing communications.

Usage:

   .
   .
   .
   [DefaultBox]
   BlockPort=137-139,445
   BlockPort=*,80,8080

The port numbers listed above are associated with the SMB/CIFS network file sharing subsystem.

The primary purpose of this setting is to block outgoing communications on SMB/CIFS ports, in order to prevent a rogue sandboxed program from accessing files through the SMB/CIFS subsystem, rather than by issuing direct requests to the local system.

The setting can be specified repeatedly over multiple lines and the effects will accumulate. Port ranges may be specified as shown in the first example. The second example shows negated use: Block all ports except those specified following the asterisk (star) character.

This setting is not configurable through Sandboxie Control, except to enable or disable a pre-defined list of default blocked ports:

Sandbox Settings > Applications > Miscellaneous > Default list of blocked TCP/IP ports

Note that this setting will prevent programs such as smbclient from properly running under Sandboxie. In case this is required, the setting can be turned off.

Jump to
Sandboxie Ini
setting:


Global Settings:

ByteOrderMark

AlertProcess

ForceDisableSeconds
ForceDisableAdminOnly

EditAdminOnly
EditPassword
MonitorAdminOnly

ActivationPrompt


Sandbox Settings:

Enabled

FileRootPath
IpcRootPath
KeyRootPath

AutoDelete
NeverDelete
DeleteCommand

AutoRecover
AutoRecoverIgnore
RecoverFolder

AutoExec

BoxNameTitle
BorderColor
Description

CopyLimitKb
CopyLimitSilent

ForceFolder
ForceProcess
LingerProcess
LeaderProcess

NotifyInternetAccessDenied
NotifyStartRunAccessDenied

BlockDrivers
BlockFakeInput
BlockPassword
BlockSysParam
BlockWinHooks

BlockPort

DropAdminRights

OpenFilePath
OpenPipePath
ReadFilePath
WriteFilePath
ClosedFilePath

OpenKeyPath
ReadKeyPath
WriteKeyPath
ClosedKeyPath

OpenIpcPath
ClosedIpcPath

OpenWinClass
OpenClsid
OpenProtectedStorage
OpenCredentials

InjectDll
InjectDll64

ProcessLimit1
ProcessLimit2


See also:

Expandable Variables Shell Folders Program Name Prefix Deprecated Settings

Top

Sandboxie is Copyright © 2004-2017 by Sandboxie Holdings, LLC.  All rights reserved.
Sandboxie.com | Contact Author
This site has been viewed 765,478,358 times since June 2004