TinyWall Firewall

Discussion in 'other firewalls' started by ultim, Oct 12, 2011.

  1. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    By now all of you should have gotten the latest hosts file, assuming you have updates enabled in TinyWall. What is different from earlier hosts file updates, is that this time it was done automatically by my new scripts, without manual intervention. As long as this continues to work, no more outdated hosts for TinyWall users. A long-time critique answered and solved :)
     
  2. younameit

    younameit Registered Member

    Joined:
    Aug 19, 2013
    Posts:
    33
    Location:
    UK
    Hi, two questions:

    I use the FF add-on Keefox. I get the following message: "Keefox can not connect to Keepass. A firewall is probably communication on TCP port 12546". Is this caused by Tiny Wall? Learning mode seems not to help.

    I also use a mapped network drive at my university. When I use a VPN to connect to the university network, I still cannot connect to the network drive. I wonder whether this also is related to Tiny Wall.

    I'm grateful for advice on how I can fix this.
     
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    I´ve checked out TinyWall, and I must say I kinda like it, you did a nice job. :)
     
  4. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    1,283
    Location:
    UK
    I would agree more options are better even if it is hidden.
    Not as many firewalls are being maintained as there used to be with commodo. online armour and private firewall the ones that come to mind.
     
  5. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,207
    ultim, it is good to hear from you. It really is!

    I am still using your packet filter firewall the latest TW 2.1.4. Like you I have learned to appreciate the non popup approach of things.

    You have probably read my comments about being in somewhat in troubles with updating Flash. Same happened when I had still Java in my computer and updating it. Those updates could break the Tinywall in my computer so much so that it needed to be reinstalled.

    Unblocking connections from the window is a really nice thing, but I could not make it work with those programs. I needed to allow all outgoing to update them. Otherwise they broke my TW install and I needed to reinstall it. A big turn off as you understand I am sure. Whitelisting them by window or process did not work either.

    Also the password protection feature, I am not using it. It is not a stable option on my Windows 7 computer. The Tinywall GUI lost its control to the firewall.

    If you make those of my noticed bugs fixed I would be so happy. That about you paying to have a TW be a signed app again is not that immediate wish of mine.

    A new feature I would appreciate is to be able to IP restrict apps besides now existing protocols and ports.
     
  6. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    That is of course a major issue and it is an item on my todo-list for this upcoming release. I have had no such problems on my computer, but I also didn't try to explicitly reproduce this specific issue yet. I will know more once I try. Please stay reachable on this forum in case I have problems reproducing it.

    Did you try elevating the GUI first? User-mode GUI cannot whitelist admin-apps most of the time, so for setup applications and installers (which almost always run as admin) you generally have to elevate the TinyWall GUI. I once thought it works without elevation, but I unfortunately had to realize later that it was only due to my development setup.

    That issue is already fixed in my repository, so a fix is 100% coming in 2.1.5.

    Also already taken care of. I have already payed for the new certificate, and I got through the certification process successfully, so 2.1.5 will come with a shiny new (and valid) certificate.

    This is actually a relatively often requested feature. For now I'm putting it on hold though, as I'm focusing on fixing existing issues in 2.1.5 instead of introducing new features. After that, we'll see. It would add significant complexity to the GUI, and I'm not totally convinced that it's added benefit is that much at all. In any case, that is a discussion for post-2.1.5.
     
  7. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    TinyWall does not block local connections, so it is with all likelyhood not the problem here. This is further supported by the fact that learning mode does not help either. Some other thing must be blocking Keefox.

    This can be easily caused by TinyWall. Make sure you have the appropriate settings enabled in the management window. Otherwise if still not working, keep a look on the blocked connections in the Connections window to determine what is missing from your whitelist.
     
  8. ginzon

    ginzon Registered Member

    Joined:
    Sep 6, 2009
    Posts:
    80
    So will there be exclusion addition when host List is Active? Would like to have one such..
     
  9. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    A general question:

    After removing McAfee Internet Security Suite (which came pre-installed) I lost internet access, and the only way to get it back was by disabling the Windows Firewall. So does it block outbound connections by default? Of course I also noticed that with TinyWall´s "auto-learn" option, you can automatically make rules for apps that need outbound access. :)
     
  10. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,207
    No Karoly, I did not try that. Thank you for that advice and I will do that next time ;)
     
  11. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    No, I won't add support for that. TinyWall offers completely automatic hosts file management and protection that IMHO will suffice 99% of all users. If you need manual editing capability, I recommend you disable the hosts file management of TinyWall in its settings, and use a separate utility for managing the hosts file, of which there are plenty out there.
     
  12. Shiri

    Shiri Registered Member

    Joined:
    May 11, 2013
    Posts:
    55
    Location:
    USA
    Hi,
    I tried Tiny Wall when it first came out and it worked great, but during that time I had problems with my desktop icons and the task bar were shuffled around and some missing. I tried to fix it and started uninstalling unnecessary stuff, but still had this problem. I removed Tiny Wall at last resort and the problem stopped. This was about a year ago. So last week I installed Tiny Wall again to see if it would work ok. Well, the same thing happened, desktop icons and task bar lost and moved somewhere else. I uninstalled Tiny wall again and the icons and task bar stayed in place.
    I have Windows 7, 64bit and hope Tiny will work on my system. Have anys if Tiny Wall is causing this, maybe a bug or something? :(

    Thanks,
    Shiri
     
  13. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    Hello Shiri,

    That is most strange. TinyWall doesn't do anything with the desktop, icons or taskbar, it does not touch them in any way, not even indirectly. TinyWall only installs icons to the start menu, but even that is done over the standard functionality of Windows Installer (WiX), so no custom magic here either. And as I said, no messing around with the desktop or taskbar at all.

    I must say I have no ide how TinyWall can be the cause. I have also never heard of this problem from any other user, even though TinyWall had over 220k downloads. Really strange. Sorry, but unless some idea hits my mind what could possibly cause this, I cannot help.

    And to be honest, even though I believe you that you experienced these problems while TinyWall was installed, I am still doubting it is TinyWall's fault. Maybe some weird desktop management software? Infected computer? I don't know...
     
  14. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    Btw, news from this past weekend, code changes for 2.1.5 done, all that's left is to update the database. That's gonna take a couple of days. One way you can help me make it better is to fire up the "Dev Helper" tool, and using its first tab, send me profiles in PM of the most common online apps. You know, Outlook, browsers, Dropbox, p2p clients, your AV's updater, Winscp and stuff. I will do the same, but obviously I do not have the capacity to do that for every single version that is currently in circulation.
     
  15. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Last edited by a moderator: Aug 18, 2014
  16. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,207
    Yes, all connections are blocked by default, except what are allowed by Application Exceptions and Special exceptions. I made a list of the default exceptions:
    http://www.saunalahti.fi/~jarmos3/TinyWall_rules.jpg
    There exist some default Application Exceptions that are not in that rule list, like maybe a browser rule etc.

    There are special exceptions ready made for special needs like File and Printer sharing and some other things you can choose.
    You will definitely need to make your own rules for the AV, browser used etc. and learn to save the ruleset/settings to a file as a backup just in case you need to reinstall TW.

    Easy or temporary solution is to change TinyWall mode to 'Allow outgoing' to have all work as in the Windows firewall default setting.
     
    Last edited: Aug 19, 2014
  17. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,207
    The version number 2.1.5 is a famous one as it is the last functioning version of the legendary Kerio firewall from XP times :) My favorite tinkerers firewall until yours. As kerio 2.1.5 did not have any application rules, they are not my fave of you to add as default. So I am not going to help you in that request, sorry to say. There is that pleasant feeling for me to get an app working that was blocked by a firewall by myself. I do understand you want TinyWall 2.1.5 be more beginner/user friendly of course.
     
    Last edited: Aug 19, 2014
  18. Shiri

    Shiri Registered Member

    Joined:
    May 11, 2013
    Posts:
    55
    Location:
    USA


    Thanks for the reply, I'll reinstall it and see what happens. Could be a coincidence and my mind ;)


    Shiri









    :)
     
  19. Shiri

    Shiri Registered Member

    Joined:
    May 11, 2013
    Posts:
    55
    Location:
    USA

    1. IMG_0841.JPG

    Here's a screen shot what Tiny Wall's setting is and Windows firewall is (Avira uses WIN 7 firewall).

    Left screen is what Tiny Wall setting is - "Do not notify when Windows firewall blocks a new program"

    Right screen shows what Windows 7 setting is - "Notify me when a new app is blocked"


    Is this ok, seems to contradict each other.

    :confused: Maybe I'm wrong, but just checking. The settings are default......



    Shiri
     
  20. clubhouse1

    clubhouse1 Registered Member

    Joined:
    Sep 26, 2013
    Posts:
    1,124
    Location:
    UK
    Unless I'm mistaken doesn't tinywall assist in adding a total block rule....ie....Its blocks in and outbound?
     
    Last edited: Aug 19, 2014
  21. Nekomaou

    Nekomaou Registered Member

    Joined:
    Aug 19, 2014
    Posts:
    5
    Can't wait for the new version! :) Tinywall is the best thing since white sliced bread.
     
  22. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    OK so you´re saying that Windows Firewall blocks all apps from outbound access? That sounds very weird to me. :)
     
  23. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,207
    To rasheed187:

    I once made my Sygate firewall guide to normal people interested in their security (not existing anymore because of isp change and it becoming extinct). Little did I know that this forum was visited not just my type of guys. Naive as hell I was, just wanting to help others. I became a hacking target of some dutch nazi type of guy.

    I have read your posts, if you are not one then sorry my angriness. You ask this and that software about code injection, registry protection etc stuff.

    To others:
    Windows firewall is just a packet filter firewall. What you allow depends. If a VPN program, then a single port can allow all the protocols to your computer. Or something like a bad program like in leaktests. I am not some expert in piggy pack things.

    Tinywall offers to me what is the best controller of WF. What was in my jpg pic link is what TW allows as default as a system. The rules from Windows firewall are replaced by those. TW 2.14 allows also some applications that people use normally, like browsers. Without the need to add them. As a default install if I remember right.

    To Shiri:
    I experienced some strange things from the latest MS update regarding TW. I can't remember what they were and handled them in my way. Reinstalled it. But no more say about that.
     
    Last edited: Aug 22, 2014
  24. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    @ Jarmo P

    I don´t really understand what you mean, but I think my question confused you a bit, let´s leave it that. :)
     
  25. JayBe

    JayBe Registered Member

    Joined:
    Sep 7, 2014
    Posts:
    2
    I just started using TW 2.1.4 and found a problem:

    "unblock LAN traffic" is enabled,
    but sending to 255.255.255.255 UDP is blocked
    This is used to initiate CAPI in Fritzbox.
    The only work around is to put each app into the whitelist

    Doesn't this broadcast-adr count as LAN traffic?
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.