Windows Firewall Control (WFC) by BiniSoft.org

Discussion in 'other firewalls' started by alexandrud, May 20, 2013.

  1. iammike

    iammike Registered Member

    Joined:
    Jun 13, 2012
    Posts:
    345
    Location:
    SE Asia
    Check your Router is the 1st thing to do.

    Which router do you have ??

    Here is an example picture for a Dlink so you know what to look for.

    Advanced_LAN.jpg
     
  2. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,413
    Location:
    Romania
    Try this link: https://social.technet.microsoft.com/Search/en-US?query=Windows Firewall with Advanced Security&ac=2
    I will check if Windows Firewall API exposes something related to this. If these rules are saved in a different place, then I must investigate if I can retrieve them.
    It seems to be a problem in the Merge feature. I will fix this in the next version.
     
  3. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,796
    Location:
    .
  4. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    I finally took your advice and started using WFC instead of W7FwAS... pwoah mate... like a kid with a new toy!
     
  5. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    Hi...
    On Windows 7 64bit and latest version of WFC, can someone check the following please... it doesn't seem to be working on my side...

    When an alert pops up for the user to decide if outbound access is allowed or not, in the bottom right hand corner there is "< 1/1 >". I have noticed however, when more than one alert is produced (the IP address changes from original), the 1/1 stays like that. It doesn't update to 1/2 or 1/4. There is no way to navigate back and forth between alert popups.
     
  6. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,413
    Location:
    Romania
    It works correctly. It will update to 1/2, 1/3, etc only if a new notification is for a different executable file. If the connection that is blocked is for a file that is already displayed, only the fields of the existing connection are updated. If you launch a web browser which does not have an allow rule it will try to connect on several ports. It is easier to update 20x times an existing notification instead of displaying 20 different notifications for the same program.
     
  7. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    Ahhhhhhhh... D'oh!
     
  8. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    I will give this one a try, it does look a bit complex I have to admit. But I really need an outbound firewall with alerts, TinyWall is cool, but gets on my nerves when apps need to connect out.
     
  9. Jack8

    Jack8 Registered Member

    Joined:
    Jan 5, 2015
    Posts:
    17
    small bug found: if i tick 'start automatically at user logon' the program creates on my Win 8.1 64bit machine a wrong path to the program (x86 path). Actually the programs installs correctly on the 64 bit path. The startup link in autostart is not functioning.
     
  10. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,413
    Location:
    Romania
    Can't reproduce this. I also use x64 operating system on several machines and the path is always correctly. The path is the executing location of the executable file and is retrieved through the .NET functions. Are you sure that the file that is executed is not from the Program Files (x86) location ? Which version of WFC do you use ?
     
  11. Jack8

    Jack8 Registered Member

    Joined:
    Jan 5, 2015
    Posts:
    17
    I rechecked it again and found out what happened. I just looked at my Startup-Manager Program, not in the Autostart Folder. The 'Startup Manager' changed the correct path to the wrong (x86) path. So, my apologize, it's my bug ;-)
    Thank's for answering so quickly, amazing!
     
  12. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,413
    Location:
    Romania
    Back with the investigations results.
    It is not possible. Even if Windows Firewall API accepts variables for input, and they are saved this way in Windows Registry, when retrieving them through the same API, it always returns the full paths. There is nothing that I can change on WFC side to change this behavior. WFwAS doesn't use Windows Firewall API when it gets the rules and this explains why in WFwAS the paths can contain the variables instead of the full paths.
    Already done. The next version will include this.
    Windows Firewall API doesn't return the rules created through Group Policy Editor for security purposes. These rules are supposed to be rules enforced by the network administrator which should not be modified in any way by the user. WFwAS doesn't use Windows Firewall API, and the creators of the API did not expose these rules. Unfortunately, there is no other way to retrieve them.
     
  13. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    670
    Location:
    Switzerland
    Okay, I understand. Nevertheless thank you for investigating!

    Okay, I understand. Here too: nevertheless thank you for investigating!

    Alpengreis
     
  14. lessthanmorethan

    lessthanmorethan Registered Member

    Joined:
    Jan 11, 2015
    Posts:
    1
    I registered an account here after years of intermittent unregistered reading and lurking to thank you for this program. It's the firewall app I've always wanted!

    The hard work and polish you've put into it is obvious. It works great; and $10 is a bargain.
    It's unique because it uses the windows firewall, a + for me, and it allows creating rules on-the-fly from the notifications -- something that I look for in all firewall applications but have never found before now.

    I looked at the last few pages of this thread, and the first few, and none in the middle, so please forgive me if I've missed something but I saw a user seem to decide the existing windows firewall apps were better than this and I think that's pretty silly. I think this does everything and more that tinywall does? Firewall notifier is a valiant effort, but it's still buggy and this trounces it in every way. As for Sphinx firewall control, I don't understand why it's ever recommended because it uses silly inflexible profiles that are made to apply to multiple programs. Sphinx offers no fine grained control at all and the windows firewall alone is better than it. All just my humble opinion of course.

    Anyway, nice job!

    I do have a recommendation, which, again, might have already been covered in the middle pages of this thread (sorry).
    I really like the custom rule dialog from the notifications. It's the biggest feature for me. I'd really like a middle ground option that wouldn't pester me about every port, but wouldn't really let applications surprise me in their actions either. What I really mean is I want an option to allow ports within x of the currently blocked port. By default it could be set to something big like 500. So basically if a multiplayer game wants to access port 5000, and I click yes or yes+500 or something, I would implicitly be allowing port 5001, 5002, etc. But If it suddenly wanted to access port 6667 (IRC), it would prompt me about it. This ia a real example from a game I regularly play. It connects you to an IRC server of it's own will. It's not malicious, just strange design that I disagree with.

    I think the reason we like a firewall is basically to watch and block this sort of behavior. But particularly with games, installers, etc we want to allow a broad, but not unlimited amount of access and also don't want a large amount of popups/notifications. So an option to literally allow a broad range of access makes sense to me.

    I'd be interested in everyones thoughts on this.
     
  15. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    In W7FwAS you can create port open and port closed rules, so whenever an application triggers a port (5000) mentioned in a port rule, all corresponding ports are open or closed as well (5001-5500). I am not sure how to create a port rule in WFC though... maybe I can, if I choose "all programs" from the dropdown instead of "this program".
     
  16. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,413
    Location:
    Romania
    You can define for a rule a port range like 5000-5500, or even multiple ports or ranges, something like: 80,5000-5500,6667,6800-6900. If you want these to apply to all programs (like marzametal said), just define the rule for All Programs instead of a specific file. I am afraid that I do not understand exactly your request. The notification system, as long as it is enable, will display a new notification when a blocked connection does not match an existing rule. To stop multiple notifications for the same program you can extend the existing rules to allow more connections and be less restrictive or you can disable the notifications.
     
  17. pling_man

    pling_man Registered Member

    Joined:
    Feb 11, 2010
    Posts:
    599
    Location:
    UK
    Looks like there is an issue using WFC (4.2.1.0) with the latest NET framework update (just delivered through windows update on windows 8.1).

    An error occurs when you first launch the GUI after the update. Sorry but I couldn't get a screen dump.
     
  18. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,413
    Location:
    Romania
    I know about it. I am working on a solution. The problem is that when showing a window for the first time, it takes several seconds to display it and if the user presses multiple times on the icon, it will generate that error. I can handle the error, but the window will still be displayed with delay when showing it for the first time. This happens when .NET Framework 4.5.2 is installed and with any version of WFC. It works fine with version 4.5 installed, but not with 4.5.2.

    Update. I tried a clean install of .NET 4.5.2 on a clean system and also an update of .NET 4.5.2 over .NET 4.5. The same result, the window.Show() method works very slow. The only solution is to use .NET 4.5. Maybe this is a marketing thing to make developers to target the software on .NET 4.5.2.
     
    Last edited: Jan 14, 2015
  19. pling_man

    pling_man Registered Member

    Joined:
    Feb 11, 2010
    Posts:
    599
    Location:
    UK
    Is there a way to make it use .NET 4.5 once one has updated to .NET 4.5.2 ?

    Edit. I tried adding support for ASP.NET 4.5 "Advanced Services" through the control panel. Then changed my mind and removed this again. However, since doing that I haven't had the error again (after rebooting). Not sure if this has fixed anything or if this problem is intermittent.
     
    Last edited: Jan 14, 2015
  20. Charyb

    Charyb Registered Member

    Joined:
    Jan 16, 2013
    Posts:
    679
    I was just getting ready to report this error. I uninstalled WFC4 and was going to reinstall because I wasn't sure what the problem was.
     

    Attached Files:

  21. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,413
    Location:
    Romania
    No. Anyway, WFC is targeted to use NET 4.0 assemblies from the framework, but it seems that .NET 4.5.2 overwrites some files from version 4.0.
    To avoid this error, when using .NET 4.5.2, after you press on the system tray icon, just wait for the Main Panel to show up. This happens only if the user presses multiple times on the system tray icon without waiting for the Main Panel to be displayed. The next version will handle this scenario. Until .NET 4.5.2, everything was fine.
     
  22. Broadway

    Broadway Registered Member

    Joined:
    Aug 16, 2011
    Posts:
    211
    I just want to let you know that I'm running WFC .NET 4.5.2 on Windows 7 64bit - without issues.
    But I must admit that I never hit the system tray icon more than once. :)
     
  23. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,796
    Location:
    .
  24. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,413
    Location:
    Romania
    Tried this morning this solution https://support.microsoft.com/kb/2570538/en-us but without any improvement. The script that you uploaded, does basically the same steps as described on the Microsoft website.
     
  25. pling_man

    pling_man Registered Member

    Joined:
    Feb 11, 2010
    Posts:
    599
    Location:
    UK
    I think I sometimes double click instead of single click. This brings up the error the first time I do this.

    Some of my other tray icons (Sandboxie, MBAM) require a double click, which is the reason for my confusion.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.