The new netsh in Vista is simply updated with a new section for outbound filtering. I took some time and made a few example rules for those struggling with the syntax. The rules below are linked here (Vista-Outbound-Firewall-Rules.bat.txt (1.23 KB)).
Pretty nice. Finding some processes trying to access the internet such as Windows Error Reporting. More a pain to translate the event log entries generated than anything.
netsh advfirewall firewall add rule name="IE (TCP)" dir=out program="c:\program files\internet explorer\iexplore.exe" protocol=TCP localip=any localport=any remoteip=any remoteport=80,443 action=allow
netsh advfirewall firewall add rule name="IE (UDP)" dir=out program="c:\program files\internet explorer\iexplore.exe" protocol=UDP localip=any localport=any remoteip=any remoteport=80,443 action=allow
netsh advfirewall firewall add rule name="Firefox (TCP)" dir=out program="C:\Program Files\Mozilla Firefox\firefox.exe" protocol=TCP localip=any localport=any remoteip=any remoteport=80,443 action=allow
netsh advfirewall firewall add rule name="Firefox (UDP)" dir=out program="C:\Program Files\Mozilla Firefox\firefox.exe" protocol=UDP localip=any localport=any remoteip=any remoteport=80,443 action=allow
netsh advfirewall firewall add rule name="Windows Messenger (TCP)" dir=out program="c:\program files\msn messenger\msnmsgr.exe" protocol=TCP localip=any localport=any remoteip=any remoteport=80,443,1863 action=allow
netsh advfirewall firewall add rule name="Windows Messenger (UDP)" dir=out program="c:\program files\msn messenger\msnmsgr.exe" protocol=UDP localip=any localport=any remoteip=any remoteport=80,443,1863 action=allow
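
The allow rules above only restrict traffic when the default outbound action is block. The batch file below is an added example, not part of the original rule file: it sets that default, adds a DNS rule the browsers depend on, and turns on logging so blocked programs can be identified. The backup path and the "DNS (UDP)" rule name are assumptions.

```batch
@echo off
rem Added example, not from the original rule file. Run from an elevated prompt.

rem Save the current policy first. C:\fw-backup.wfw is a placeholder path.
netsh advfirewall export "C:\fw-backup.wfw"

rem Default outbound action becomes block on every profile, so only traffic
rem matching an allow rule leaves the machine. Inbound stays at block.
netsh advfirewall set allprofiles firewallpolicy blockinbound,blockoutbound

rem Name resolution runs in the DNS Client service (dnscache) hosted by
rem svchost.exe, not in the browser, so it needs its own rule.
netsh advfirewall firewall add rule name="DNS (UDP)" dir=out program="%SystemRoot%\system32\svchost.exe" service=dnscache protocol=UDP remoteport=53 action=allow

rem Record dropped packets in the firewall log file.
netsh advfirewall set allprofiles logging droppedconnections enable

rem Audit blocked connections in the Security event log (event ID 5157,
rem which carries the path of the blocked application).
auditpol /set /subcategory:"Filtering Platform Connection" /failure:enable

rem Review the resulting outbound rule set.
netsh advfirewall firewall show rule name=all dir=out
```

To undo the changes, restore the saved policy with netsh advfirewall import "C:\fw-backup.wfw".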