Firewall Rules to allow Windows Update

[legaCyPowers 0]

As a privacy measure, i block mostly of Windows 10 connections related to microsoft(in an attempt to prevent telemetry being sent without consent), however if i have my firewall turned on my updates don't download, they get stuck at downloading at 0%, anyone can assist me with the hosts and proccesses that are involved in Microsoft Update so i can create a rule that allow the update to work properly?

doing some research i came across this list

windowsupdate.microsoft.com
*.windowsupdate.microsoft.com
*.update.microsoft.com
*.update.microsoft.com
*.windowsupdate.com
download.windowsupdate.com
download.microsoft.com
*.download.windowsupdate.com
wustat.windows.com
ntservicepack.microsoft.com
go.microsoft.com

But the firewall rules editor don't seem to allow either hosts or wildcards.

BTW i'm using ESET Internet Security 13.2.18.0

[Marcos 5,070]

Firewalls in general work with IP addresses, not with hostnames. Since IP addresses may change in time, I would not recommend creating firewall rules to restrict communication of the OS with Microsoft's servers.

[legaCyPowers 0]

1 hour ago, Marcos said:

Firewalls in general work with IP addresses, not with hostnames. Since IP addresses may change in time, I would not recommend creating firewall rules to restrict communication of the OS with Microsoft's servers.

So you're saying that you don't know the services nor the IP addresses that Windows Update uses?
That's a stablished fact, i will block by hosts and firewall every single connection that i don't want to happen, that is the whole purpose of a firewall, however my problem is that i need to whitelist Windows Update, because downloading windows updates is something that i want to happen, i don't trust Microsoft, so the only thing that i want from them is just Windows Updates since i'm stuck with the spyware called Windows 10(since the IDE that i use for development of my commercial applications only works on Windows, and some games on my steam library too) , on my laptop that i don't have to use Windows i'm happy with my linux installation.

But again, i need to know which services i need to allow on the rules, i would be happy if the following answers actually answers my question, since i didn't asked if anyone recommend blocking microsoft connections, i asked which services and ip addresses are used for Windows Update, thank you very much.

[legaCyPowers 0]

Nevermind, i figured out on my own, i think that allowing DoSVC and WUAUSERV did the trick

[SlashRose 25]

If you don't trust Windows, why are you using it?

[Nightowl 202]

On 9/10/2020 at 12:09 AM, legaCyPowers said:

So you're saying that you don't know the services nor the IP addresses that Windows Update uses?
That's a stablished fact, i will block by hosts and firewall every single connection that i don't want to happen, that is the whole purpose of a firewall, however my problem is that i need to whitelist Windows Update, because downloading windows updates is something that i want to happen, i don't trust Microsoft, so the only thing that i want from them is just Windows Updates since i'm stuck with the spyware called Windows 10(since the IDE that i use for development of my commercial applications only works on Windows, and some games on my steam library too) , on my laptop that i don't have to use Windows i'm happy with my linux installation.

But again, i need to know which services i need to allow on the rules, i would be happy if the following answers actually answers my question, since i didn't asked if anyone recommend blocking microsoft connections, i asked which services and ip addresses are used for Windows Update, thank you very much.

Probably that will help you without Firewall blocking

https://www.oo-software.com/en/shutup10