No popups, but the Connections window has been extended to show (and whitelist) blocked applications.
But if the firewall is active in the connection window will only appear already allowed apps. This is why a log or something like that with apps blocked is needed, and it would be nice if with a right click you can allow the app with some kind of pre-customized rules
That is exactly what I'm talking about. It is already implemented in v2. It is part of the connections window, and it shows you (optionally, but it remembers) blocked apps from the past two minutes.
I hereby, gladly and humbly, announce the first test release of TinyWall v2. The focus this time was to introduce desired new features and correct some of the design defects of the previous versions. I hope you'll like all the various changes and as you will see, there are quite many. But first, a few notes about this release: This is a testing release, intended to find bugs and collect feedback. Even though I tried to make it a very reasonable release, please be prepared to meet some rough edges. Also, please report them back. The documentation has not been updated yet, so the FAQ's and the website's content still apply only to version 1 of TinyWall. If you have any questions, feel free to ask in this forum and I'll answer with the best of my knowledge. This testing release installs a "DevelTool" icon in the Start Menu. Please disregard it unless I tell you not to. If you have any applications that you would like to be included in TinyWall's autorecognition database, feel free to make a request and I'll do my best. You will find instructions in a later post about how you can help to include new software. (For example, I am explicitly looking forward to include MS Outlook, so if you have one, any version, let me know.) Until the final v2 is released, there is no guarantee that you will be able to keep your settings between upcoming releases. So, I guess it is time for the release notes ... Drums-dadadada-da-da-dadadada... (Oh, and I'll make some further comments on the way ) Offer user to whitelist additional files that belong to the same application Okay, this is a feature that required rewriting Intimidatingly Large Amounts of Code (ILAC). But it was totally worth it. Previously, TinyWall only knew about executables, but it could not tell if two executables were related (if one needed the other to work properly). Version 2 of TinyWall also knows about "applications", not just executables. Each application is a collection of executables in the eyes of TinyWall, and TinyWall will tell and offer you to automatically whitelist other executables if needed. Here is an example: In version 1, users whitelisted (only) firefox.exe and wondered, why they still can't play videos from the web. What they didn't know is that Firefox executes its plugins in a separate executable, plugin-container.exe. So to play online media, they also needed to whitelist this file. Of course if you didn't know this, you were out of luck and blamed TinyWall (or used the autodetection feature which has found both files). TinyWall v2 is much better at this. If you try to whitelist firefox.exe, TinyWall will tell you that it is not enough, and will even offer to automatically unblock all the other needed files for you! Now isn't that cool? Domain blocklist support Implemented by installing a custom hosts file, this feature will keep you safe from many malicious websites and increase your browsing speed by blocking trackers and ads. This feature is disabled by default, needs to be turned on explicitly. It can be easily switched on and off from the tray menu. TinyWall will keep the hosts file updated to ensure you always get the latest protection. (Currently the MVPS hosts file is used.) Hosts file protection A common web-related attack by malicious code is redirecting the user to fake sites to phish data or install further bad code. TinyWall will lock the hosts file to ensure its protection and prevent malicious redirection using the hosts file. (Needs to be turned on manually, but turns on automatically with the domain blocklist feature.) Mouse picking of windows with higher privileges In v1 when TinyWall's controller was not running elevated, it was impossible to whitelist another application that is running with Admin rights by mouse picking (by window). You either needed to use a different method or you needed to elevate TinyWall too. TinyWall v2 allows you to whitelist by window such applications without having to elevate TinyWall itself. Saving of settings without breaking existing connections This was an odd issue with TinyWall v1. I was actually surprised that no one reported it, even though I knew about it from day one. Unfortunately, this was more than just a bug, it was a real "design defect" that required rewriting ILAC (Intimidatingly Large Amounts of Code, remember?) to fix. The phenomenon was that when clicking Apply in the Manage window, TinyWall would break all existing TCP connections on the local computer. Interrupted downloads and whatnot were the results in other software. Anyway, this is all past now, since it is properly solved. New updater system This might sound less exciting than it actually is, but don't be mistaken. The new system will download compressed updates so they are faster, and it also allows TinyWall to update not just the installation as a whole, but also data components separately. For example, there is no need anymore to bump TinyWall's version and release a new installer just to update the database of applications. This also means you will get painless, nagless and installess updates in many cases. As already explained, it also allows the hosts file to be updated separately, you won't even notice. Traffic rate monitor This is a slick little feature in the form of a tray menu entry that will always tell you current total download and upload rate of your computer. Connections window shows blocked applications This is something that many of you have been asking for. The Connections window will now optionally show you what the firewall has blocked recently, and a right-click menu allows you to either unblock or close processes. Even multiple at once. The only trick is that the Connections window has to be open to record blocked applications (it won't show you blocked apps from before opening the window). This might sound a bit quirky and I easily could have gotten rid of this requirement, but unfortunately I have a (IMHO) very good reason to do things this way. If you're interested why, I can explain it in a post after this one (it's out of scope for a changelog). Lightning-fast search for some recognized applications TinyWall now has a way to rapidly detect some installed applications without having to search through the hard drive. When the installer ends with the "Automatically unblock applications" checkbox selected, you will notice that the application finder window won't pop up like in v1. Is it broken? No! TinyWall simply loads and you will find many applications already whitelisted! It just happens so fast that I decided there is no need to show a progress window, because you won't notice it anyway. You can still launch the old application finder from Manage, and it will find some additional apps for you: Unfortunately the rapid finder is not able to find every single app TinyWall knows about, but it is still very good. Increased startup performance I've gone to great lengths to decrease the startup times of both the service and of the GUI application. I've done crazy things like separating CPU-bound tasks from IO-bound tasks and executing them in parallel. I have a fast machine, but compared to the old version, even I can tell the difference. Better support for Windows Networking, Remote Desktop and Remote Assistance This is the only feature that I regret I cannot do better. The focus is on the word "Better". It is now at least possible to use these Windows features with TinyWall, but after each start Windows might ask you to redo some of its settings. In my own defence, it really is not my fault but some freaky Microsoft design decision. It is again out of scope but ask and I'll tell you more. Remember the last used firewall mode This is small-ish change, but nevertheless handy. TinyWall now saves the firewall mode between reboots (with the exception of the Disabled mode, which will not be remembered). Binaries are signed by a digital certificate I spent some money to buy a digital certificate usable for code-signing. (The previous donations helped a lot, but I still needed to throw in some money of my own because they weren't quite enough.) As a result, Windows will no longer tell you that TinyWall comes from an "unknown publisher". A digital certificate will assure users that my person has been checked, that I exist and it will identify all software releases coming from me. It means that as long as Windows is telling you that TinyWall has been published by "Károly Pados", you can be sure that 1) the TinyWall you have downloaded really is from me and is not some scam and 2) that it has not been modified by others, not been infected with a virus after its release, not been compromised and so on. I have long asked you people to trust my good intentions, in the sense that I am not making some trojan here, and the acquired digital certificate is to show that I really mean it. Localizability TinyWall v2 can be localized into other languages than English. All the UI and messages shown by the controller (except profile names) can be translated into other languages and TinyWall will pick the right language based on the current Windows version. I am not yet releasing the resource files for translators because this is only a beta and some text will likely change, but as soon as v2 reaches maturity I'll be ready, because TinyWall already supports it. Wow! That was a lot of new features! There are also some fixes worth mentioning: Fix: Controller issues with password lock Fix: Don't lose settings in a virtual machine anymore Fix: Custom ports were not applied to services ... and some other things I've forgot to take notes of The testing version TinyWall v2 can be downloaded from TinyWall's own website (see the bottom of the download page). Looking forward for everyone's feedback. p.s.: Can I copyright ILAC?
Good additions. I do really have competition on this. For the feature named "Offer user to whitelist additional files that belong to the same application", do you have a few predefined programs or you do search recursively in the folder/subfolders to find another exe files ?
Hi, I have predefined programs. Picking up any file I find would be not only dangerous but would also result in thousands of firewall rules, possibly slowing down the system. But I am working on an auto-learn feature for v2, though I am unsure if it will make it into the next beta. There are still some practical issues to solve before I am ready to release it.
One small problem system tray icon stays the same in all modes (does not change color). Very strange, got the icon to change to Orange (block all) then switched back to normal mode and it is still Orange even as a type this. It showing and saying Block all, but I am connected.
Thanks for spotting. Fixed. The actual firewall mode always changed correctly, only the icon and some text in the UI did not update to the new status.
I've tried it on vm, icon doesn't change. About connections tinywall makes connections on remote adress. What about ? Looking for updates ? For blocked applications is it hard to show full path ? Can we start to translate in other language ?
It is only the icon and some text, but the mode change is working correctly. I have fixed it in in the source code, will be in the next release. Yes, updates. The remote address for the updates is 83.169.4.50 (same as tinywall.pados.hu). It shouldn't do that very often, once every two days if I remember correctly. Thank you for the suggestion, I will change it to show the full path. Is it okay if I show it in the tooltip of the list item? There will still be a small number of new features, it would be better to wait with translation until only minor fixes are left. I will give you files to translate, please don't start extracting strings from the executable yourself.
I will wait for translation no problem About the path i think it will be nice. I'll try it in the next release
Just want to say I really appreciate all the time and effort you've put into this app and I really like it. I suspect the above is responsible for a significant increase in memory usage from the tray app. Would it be possible to make disabling it an option?
It is definetely not caused by the traffic monitor. Note that TinyWall consumes less RAM than reported by the Task Manager, but I'll see what I can do about it. It was long ago since I last looked at RAM usage, so there might be somehting I can do. But no promises. If you are concerned over memory usage, please read this.
If enabled, traffic from/to your LAN will not be filtered by the firewall. You can use this to unrestrict communication on your local network while still being protected from the internet. It is not related to #225. Even if this option is disabled, you can still communicate on your LAN by unblocking the right applications. But if this option is enabled, you do not need to unblock anything for the LAN to work. TinyWall v1 also had this same option, but it was located in the Mode submenu.
What about Network Selection Home, Work & Public through TinyWall? Is this included in this version? If no, then are you planning to add it?
#225 mentions Windows "homenet group". If I am right and the post's author meant the network browser (possibly, browsing the workgroup in specific), then it already impoved in v2, and it will be even better in the next beta because it will fully support Windows Network Discovery. But as I mentioned in the release notes, there might a bad interaction with Windows' behavior, we'll need more tests to figure this out exactly. I'd be very pleased if people on this forum could help test this with the next beta, because my computer networking setup is very limited here.
Tinywall service stops and starts every two seconds. This is on Vista 64. The services that Tinywall depend on appear to be running. Managed to uninstall and install V1 Tinywall to get the internet back.
DNS blocking is not working correctly in v2. If I uncheck DNS client in "Special Exceptions" (v2) I can connect to VPN (IPSec), in v 1.03 I cannot. 1.03 is doing the job of DNS blocking, not Version2. Also can't stand the icon not showing the right mode. Looks like version2 will be excellent, after the bugs are worked out.
