TinyWall Firewall

Discussion in 'other firewalls' started by ultim, Oct 12, 2011.

  1. Guitargain

    Guitargain Registered Member

    Joined:
    Sep 8, 2014
    Posts:
    5
    Sorry if this is in the wrong place, couldn't find anywhere else to ask. I recently installed Tinywall 2.1.4 on my laptop and my home desktop. I have checked the box for pingable local machine on both. I still can't ping the desktop with the laptop when I am outside the network. I also can't remote in unless I first disable tinywall on the desktop. I can set it to autolearn and it allows it but as soon as I change it back to normal it won't work anymore. I am using dyndns and had no problems remoting in before the install and have no problems now as long as the desktop tinywall is disabled. Any ideas? Oh I have elevated the gui on both machines as well. Would also say it's a great product and fits my needs perfectly. Thanks.

    forgot to add that both machines have windows 8.1 Professional on them.
     
    Last edited: Sep 9, 2014
  2. Guitargain

    Guitargain Registered Member

    Joined:
    Sep 8, 2014
    Posts:
    5
    Would also add that I can put tinywall on autolearn on the desktop and then remote in from outside the network. Then while controlling the desktop switch tinywall back to normal operation and it immediately breaks the connection and won't allow me to remote back in.
     
  3. JayBe

    JayBe Registered Member

    Joined:
    Sep 7, 2014
    Posts:
    2
    Another problem I discovered. A program uses a "helper.exe" doing the TCP communication. In connections-mode that helper is listed with empty process-name, only process-number is shown. Seems the firewall is unable to get the name, although in ProcessExplorer it is shown. Note: It is NOT a harmful exe, but just part of an application.

    Thus unblocking should also accept empty process-names, or better improve the method to extract those names also.
     
  4. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,207
    Can't help you in that. You could try see what is blocked in connections window. I think for problems like this it would be good to be able to make some IP specific rules instead to unblock all LAN traffic. As ultim told in his reply, it is not his most immediate concern.
     
  5. Guitargain

    Guitargain Registered Member

    Joined:
    Sep 8, 2014
    Posts:
    5
    Although I like it and think it's a great product I am going to have to uninstall it if I can't figure out how to get remote desktop to work.
     
  6. Guitargain

    Guitargain Registered Member

    Joined:
    Sep 8, 2014
    Posts:
    5
    Unblocking LAN wouldn't help as I am trying to remote In from outside the LAN using a domain with DynDns. I checked the connections (thought I had already allowed what I needed to) and saw that it was blocking a process on the port that I have remote desktop configured for. I right clicked it and the dropdown gave me the option to unblock just that process or unblock that one and the others that are recommended so I clicked unblock recommended and now it works. Thanks, sometimes you want to hit yourself in the head with a hammer cause you shoulda thought of something but I appreciate your reply as it seems to be working fine now.
     
  7. notoc

    notoc Registered Member

    Joined:
    Sep 11, 2014
    Posts:
    1
    Has anyone experienced (and solved?) a situation where <Network Discovery and File Sharing> settings will revert to 'off' after having been set 'on'?

    I am having to reset these settings to 'on' each time I boot (or reboot.)

    Running Windows 8.1 Pro with TinyWall 2.1.4
     
  8. medway

    medway Registered Member

    Joined:
    Jun 28, 2014
    Posts:
    1
    notoc,

    I have this problem on windows 7 x64 and tinywall 2.1.4, so far I have not found a fix, its annoying !
     
  9. Opsapo

    Opsapo Registered Member

    Joined:
    Sep 18, 2014
    Posts:
    1
    Sorry if this is in the wrong place, couldn't find anywhere else to ask. <--

    I'm experiencing issues in a Windows Domain environment, I can't browse \\shares. I have Windows Network Discovery, explorer.exe, svchost.exe, SYSTEM and lsass.exe authorized, I've tried to use the "Autolearn" feature but still it's a no-go.

    On the command-line when running "net use server" I get

    System error 67 has occurred.
    The network name cannot be found.


    Any help? Thanks in advance.
     
  10. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    "when I am outside the network"?

    To me, this suggests you have a problem with your router setup, not with TinyWall. You have to add proper port forwarding to your router in this case to make remote desktop work. And you can completely forget about pinging your machine, unless you add it as DMZ host, which I STRONGLY discourage.
     
  11. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    As for the reports about File and Printer Sharing getting "disabled": I know about this issue, unfortunately it is not something that I am able to correct right now. There are some good news though at the end of this post.

    Strictly speaking, this is a design deficiency in Windows itself, not TinyWall. What happens is that Window's File and Printer Sharing (FaPS) checks for specific firewall rules that it has created, instead of checking for actual network access. TinyWall disables all pre-programmed network rules in Windows, and adds its own versions, this is to make it compatible with all editions and languages of Windows. TinyWall also *correctly* allows communication for FaPS. However since FaPS checks for the specific rules pre-programmed by Microsoft (which are not there anymore), it tells the user it is disabled even though it is not, meaning it could access the network if it actually tried.

    When you enable FaPS in Windows, it creates Window Firewall rules for itself, and even though they are immediately reverted by TinyWall, FaPS keeps assuming they still exist because it just created them, which is why it works. But time after time (for example after reboots, but actually on other occasions too) it checks again for the rules, and when it cannot find them, it tells you again that it is disabled, even though nothing has changed, nobody has disabled it, and it could really work if it only tried.

    There are of course ways to get around this idiocity of Windows, but TinyWall just doesn't work that way in its current version. Getting around it would at least require re-implementing a significant portion of TinyWall in C++ (TinyWall is written in C#), and possibly also installing kernel drivers. I cannot tell you more details as I am bound by a Microsoft NDA.

    The good news is, if all you want to do is access a network drive, all this doesn't concern you. First, make sure you have File and Printer Sharing enabled in TinyWall. Then, instead of trying to browse the local network, map your remote folder/drive to a local drive letter (enable it to reconnect every time you log on, http://support2.microsoft.com/kb/308582). This will work flawlessly and comfortably, and in fact is also proof that TinyWall enables file sharing correctly. Other computers can also access shares on your PC, of course.
     
  12. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    Nice catch! I'll try to fix this.
     
  13. Guitargain

    Guitargain Registered Member

    Joined:
    Sep 8, 2014
    Posts:
    5
    the port forwards were done and still couldn't connect with remote desktop. Before I installed tinywall I could ping the machine from outside the network without the desktop being in the DMZ. Thanks for answering.
     
  14. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    In general, TinyWall or not, pinging a computer from outside the network is not possible, unless the PC has a public IP too (not just the router), which - to say it diplomatically - is highly unlikely in any home setup. Since you claim you could do it without TinyWall, I suspect there are other factors at play here, which need to be sorted out (or made clear) first, for me to be able to offer any help.
     
  15. peters4000

    peters4000 Registered Member

    Joined:
    Jun 30, 2012
    Posts:
    26
    Location:
    GB
    Hi ultim
    Just to confirm my "host" file automatically updated today, many thanks for a great program

    Peter
     
  16. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    Hi All, I'm checking in again to announce the release of TinyWall 2.1.5! As usual it took long, but as a kind of compensation, there are a whole bunch of fixes to remediate most issues, and even some new features. Here is a detailed list of changes, and as usual, let me know if anything's wrong.

    2.1.5 - Maintenance release (12.10.2014.)
    - Support for Window Update in Windows 8.1
    - Add support for whitelisting executables on remote network shares
    - Increase service robustness by dry-run testing new rules before save
    - Allow selecting multiple processes when initiated over tray menu
    - Add uninstallation protection
    - Fix: Service crashes if backup of hosts cannot be found
    - Fix: If local network traffic is allowed, local broadcasts are still blocked
    - Fix: Connections window crashes if endpoint IP cannot be determined
    - Fix: Under some circumstances, controller commits new settings even if rejected by service
    - Fix: Wrong error message is shown if user tries to change mode while locked
    - Fix: Tray shows out-of-date lock status after service locks due to timeout
    - Fix: Tray GUI needs restart after service locks due to timeout
    - Fix: Service crash after merging a wildcard and a non-wildcard port rule
    - Fix: Hosts file not automatically updating
    - Preliminary Italian translation and other localization updates
    - Updated application database
     
  17. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    939
    Location:
    Land o fruits and nuts, and more crime.
    Thank you for the update!
    Trying it out now.
    - Fix: Hosts file not automatically updating.
    Working now.

    Love this firewall, thanks for putting in so much effort.
    Thought it was going by the wayside for awhile. Glad to see it is still in progress.
     
    Last edited: Oct 12, 2014
  18. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,207
    Thank you Karoly for the update to your beautiful firewall (controller).

    I did as you adviced in the http://tinywall.pados.hu/download.php to first exporting my existing rules from 2.1.4. Then I uninstalled the TW 2.14 and installed TinyWall 2.1.5. Quite likely i could have also been able to install on top, but I preferred the uninstall. Then I imported the rules.

    There was some glitch on my system that when I installed on admin account, shutted down my computer and then went to my user account on Win 7, i needed to import the rules again. Nothing much worth to mention but maybe if some other experiences the same I thought it worth to mention.

    All seems working fine.
     
  19. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    Hi Jarmo,

    Yes you could have simply installed on top of 2.1.4. That note on the download page is only for people who are upgrading from 2.0.x.
     
  20. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    Jarmo, please let me know if your previous problems have been resolved with 2.1.5. Things like allowing Flash (elevate TinyWall when needed), password protection, and any other things you had problems with.
     
  21. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,207
    I had to check about password protection and I think my post in this was what it was to me: https://www.wilderssecurity.com/threads/beta-testing-tinywall.309739/page-31#post-2280428 , post 760.
    So now I enabled password protection and selected 'Lock' from the tray options. Checked that all is password protected. Then according to my post above I 'Unlock'ed the protection. And I am now waiting and will post to here if I see any problems.

    Ultim, when the next Flash update becomes available, I will keep TinyWall in Normal protection mode and try to unblock the flash updater from connections window. And will see if it works. It used to make TW loose it's rules or force me to reinstall it. Java update was as drastic and perhaps Chrome update too.

    I don't have Java anymore on my system except as a separate not normally running version in the BlueJ Java. And possibly also Matlab and some other programs use their own version of Java that is not system wide.

    With Elevate before the flash update, it could have been also that the 2.1.4 worked. If I remember right. I never tried that before you mentioned it quite recently. I think you intended that the updating should now work without elevating. We will see and I will be doing the updating under standard user account, not the admin one in windows 7. Unblocking from the Connections window.

    EDIT: I have now tested the password protection and what I have seen it works! The GUI is not loosing the control to the actual firewall anymore. I consider this a big fix, congratulations. Not that hackers maybe can be so easily do with their stuff things like changing the TinyWall rules/settings without it, but it sure is nice that an existing feature is fixed :) My TinyWall is from now on password protected.
     
    Last edited: Oct 15, 2014
  22. badsector

    badsector Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    51
    I found some bugs and i don't know where to report them... so I'll just put them here....

     
  23. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    On every start of Windows7 I get UAC popup to allow TW to start.
    It is annoying...can something be done about it?
     
  24. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,207
    AppGuard does not need any setting for TinyWall, so it is not it causing that to your system. I don't know any about the other program you have on your signature. Sometimes security programs may conflict.
     
  25. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    He is talking about UAC, not AppGuard.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.