IPv4 broadcast problem

On Windows before 8 I can receive messages addressed to 255.255.255.255 and to addresses like 192.168.100.255. On Windows 8 the specific types of broadcast are received, but the limited broadcast address of 255.255.255.255 doesn't arrive. Is this a "feature" of Windows 8? Or perhaps something that has to be configured?

I'm not sure what you are trying to do but if you need to connect to different subnets you can set that up by going into IPv4 properties>General tab, then set to static IP's by choosing "Use the Following IP address" then advanced button to the advanced TCP/IP settings then fill in the different subnets, IP's, DNS servers and other info there.

Hi Chev. What I'm actually doing is checking if a firewall can be configured to allow or block certain addresses. BOOTP and DHCP use the 255.255.255.255 address, I'm not sure what else does. I want to know if I can specifically allow or block such traffic by address.

I do have more information since yesterday. It now appears that an incoming message to 192.168.100.255 (the static subnet I'm using to test) arrives as is, but one to 255.255.255.255 arrives with the destination address changed. So far I don't know what to, but that might not be important

Another update. My previous verdict was incorrect. A more accurate one is that a firewall rule with two addresses only implements the first address. This is for inbound traffic. For some reason it appears to work correctly for outbound.

The documentation on composing firewall rules says that clauses are combined with AND. Then it says that in Windows 7 consecutive clauses with the same field code are combined with OR. I'm assuming this means "Windows 7 and onwards".

Call me a newb, but I am very interested in your idea. For as far as I know clients should always have a subnet of 255.255.255.0 or more (255.255.0.0 or 255.0.0.0). Clients/servers/devices cannot communicate with each other when they're not in the same subnet.

So what are you trying to do, why and what is your plan?

I started off testing how the WFP deals with broadcast addresses, and then it generalised to multiple addresses.

A possible scenario is a network with lots of clients and several servers. It would make sense to create a firewall rule to block all traffic, then a higher priority rule to allow traffic to the servers.

The use of broadcast addresses might be more abstruse, but when we switch on IPv6 we will be using multiple addresses. We might want to accept traffic on certain addresses and not on others.

Whitelisting is always more secure than blacklisting, so that's a good idea. To be honest, I have no idea how we are going to handle our network with IPv6. I think we'll still be using ipv4 with NAT and an external IPv6 adress. This is unnecessary, but it is a whole lot easier. Thanks to Teredo we can easily translate ipv6 traffic to ipv4.