Windows Firewall Control (WFC) by BiniSoft.org

Discussion in 'other firewalls' started by alexandrud, May 20, 2013.

  1. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    @Spishak462 do you have any security software that has settings for "email scanning"? Also, what version of MailWasher? Would you happen to know if the requirements for MailWasher include .NET Framework?

    ------
    EDIT: Following copied from MailWasher site - FAQ...
    What are the minimum requirements to run MailWasher Pro?

    Answer:
    Windows XP, Windows Vista or Windows 7 with .NET 4
    1GB of RAM, 64Mb of disk space recommended, and an Internet connection.
    ------
    Just a guess here, it might be a .NET issue, since WFC was upgraded to .NET 4.5.2... it could be a clash between the two 4.x.x releases. What .NET version do you have installed at the moment? Do your issues exist if you just use W7F without WFC (eg: don't load WFC at startup or uninstall)?
     
    Last edited: Jun 13, 2015
  2. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    670
    Location:
    Switzerland
    @Spishak462

    Have you defined remote IP(s) for those rules? Remote IPs can change, even within ONE destination (can have IP ranges, added new IPs or whatever).

    However: it seems, your rules are not fit enough. I recommend (for a first test):

    1. If you have many rules for the same purpose, merge those rules (with WFC function or manually) for easier handling.

    2. Leave the field Remote IP BLANK for the related allow rules (means all IPs allowed), unless it's absolutely necessary that you have defined IP(s). If you MUST have defined IPs, then you should check WHICH IPs or even range(s) are necessary (with a WHOIS service or so) - but you should know: they can nevertheless change in future ...

    3. Check also the protocol and location for the correct setting. Also important (I know this from my Windows 7 machine): right after PC wakeup, it seems possible that the location is not yet identified (at least with the default setting here). This means: if your "normal" location is private and your rules are set for private, it's possible that a connection is blocked and you receive a WFC notification, because your profile was not yet identified as private.

    Optional: check for block rules (block rules have higher priority than allow rules), but you said that with filtering profile Low all is okay, so this should not be necessary, because block rules should also work in filtering profile Low.

    If then all is OK, you should know the reason - if not, you should post more details (from connection log and about your rules).

    Alpengreis

    PS: I HOPE you understand my bad english, it's difficult for me to explain such things in this language :)

    EDIT: it seems, not yet identified right after wakeup means not = public
     
    Last edited: Jun 17, 2015
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Some things bug me about those apps, and I've grown accustomed to WFC, I didn't expect I would like it this much.

    I think you've solved the problem, seems like I was positioning it slightly outside the screen. Now it does indeed work. And I was not talking about monitoring network connections, but a quick way to see rules, like in ZoneAlarm back in the days, the current one sucks. But I did forget that I could select the "User created rules" filter, so that comes close.

    http://filehippo.com/download_zonealarm_free_firewall
     
  4. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,413
    Location:
    Romania
    I will take a look at this.
    1. What other security products do you use on this machine ? Antivirus, antiSpyware, etc.
    2. Do you use a web filtering module or a software proxy ?
    3. When the computer wakes up from sleep mode, if you change the profile to Low Filtering profile and then back to Medium Filtering profile, do you still have the same problems ? This step will disable and re-enable the outbound filtering in Windows Firewall and will force it to refresh its state.
     
  5. spigot

    spigot Registered Member

    Joined:
    Jun 16, 2015
    Posts:
    2
    I'm using WFC on Windows 7 & 8.1 without any problem. Recently I installed WinSrv 2012 R2 and I'm unable to install WFC. Immediately after the WFC installation starts I get an error.
    http://s29.postimg.org/4xk2s0sjb/Error.png

    Any help? Thanks.
     
  6. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,413
    Location:
    Romania
    I assume that this dialog is displayed immediately when you launch the installer. Try the new version 4.5.0.2 which was just released and see if this is fixed.
     
  7. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,413
    Location:
    Romania
    Windows Firewall Control v.4.5.0.2 - Quick fix

    What's new:
    - Fixed: The notification dialog does not update the Signed status if the parent process is not running anymore.
    - Fixed: The position of the notification dialog is reset to the default value after updating to a new version by using the integrated updater.

    Download location: http://binisoft.org/download/wfc4setup.exe
    SHA1: 20903f2a8ad5a87333ecc57546e97316366d5e72

    Thank you for your feedback,
    Alexandru
     
  8. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,796
    Location:
    .
    Thanks for this new version.
     
  9. Jack8

    Jack8 Registered Member

    Joined:
    Jan 5, 2015
    Posts:
    17
    Hi, after this 4.5.0.2 update I have the error:
    Can't connect to Windows Firewall Control service
    Same after uninstalling and reinstalling this version.
    The Windows Firewall Control service (_wfcs) is stopped. When I restart it, it stops again.

    From Errorlog:
    Error:
    Can't establish the connection with Windows Firewall Control service. The service is not installed or is not running.

    Message:
    Der Pipeendpunkt "net.pipe://localhost/binisoft/1bbc4e9a705d5008dcf1681af47162f6" wurde nicht auf dem lokalen Computer gefunden.

    Solution:
    Start Windows Firewall Control service.
     
  10. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    Same here...

    EDIT: How do we go about downloading previous versions? I made the stupid decision to overwrite the 4.5.0.1 setup file with 4.5.0.2 before installing... the install link defaults to the latest version.
     
    Last edited: Jun 16, 2015
  11. spigot

    spigot Registered Member

    Joined:
    Jun 16, 2015
    Posts:
    2
    Yes, thank you. Problem solved.:thumb:
     
  12. Jack8

    Jack8 Registered Member

    Joined:
    Jan 5, 2015
    Posts:
    17
    The new version 4.5.0.2 did the trick ;-)
    All good, thanks for the quick response!
     
  13. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,413
    Location:
    Romania
    Windows Firewall Control v.4.5.0.4 - New version

    What's new:
    - Fixed: The rules are not loaded in Manage Rules if a rule is defined for a file located on a network location. The view remains empty.
    - Fixed: Importing and exporting of rules is not working when the user selects a policy file which is located on a mapped network drive.
    - Fixed: The setup fails to install on Windows Server when it checks for installed 3rd party firewall products.
    - Improved: The unlocking procedure in case the user forgets the password that he used to lock the program and Windows Firewall was simplified.

    Download location: http://binisoft.org/download/wfc4setup.exe
    SHA1: 8e6835b9b15ec81162f6ba95f7f129f2abbbf524

    Have a great weekend and thank you for your feedback.
    Alexandru
     
  14. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,413
    Location:
    Romania
    1. When are these rules created ? Are they created at start-up ? When you shutdown/restart your computer, the rules are missing and after a restart they just appear again ?
    2. The backup is scheduled to be made locally or on a remote location ?
    3. Does this software use a Windows service ? It may be possible that their service to start before WFC service. If this is the scenario, there is a short period of time when these rules may be created. WFC can't detect these rules if they are created before WFC service start-up. Unfortunately, there is no control over the start-up sequence of Windows services. For this reason I have created Secure Boot feature which blocks all connections when the computer is restarted/closed. In this case, the user can review manually the rules after Windows start-up before allowing network connections by switching to a different profile.
     
  15. kantry123

    kantry123 Registered Member

    Joined:
    Apr 11, 2015
    Posts:
    22
    Latest version works awesome @alexanderu
    just a quick question >
    if I just keep the service wfcs enabled and not the GUI (Wfc.exe) it works fine, but whenever I try to start the application after a computer reboot, WFC takes around 10 seconds to start while all my programs work just fine

    can u fix this alex?

    regards
     
  16. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,413
    Location:
    Romania
    Windows Firewall rules are applied even if the WFC is not running. Also, the security features are enforced by Windows Firewall Control service (wfcs.exe). The GUI part (wfc.exe) just tells the service what to do. From your description it seems to be a .NET Framework loading problem. I mean, the assemblies of the framework may not be ready at boot time and it takes a few more seconds before wfc.exe is started. This delay does not influence the security of your system at all. Try to update to .NET Framework 4.5.2 or to repair the installation of it.
     
  17. kantry123

    kantry123 Registered Member

    Joined:
    Apr 11, 2015
    Posts:
    22
    OK sir will do that and let u know

    regards
     
  18. Kob

    Kob Registered Member

    Joined:
    Dec 13, 2011
    Posts:
    39
    May I suggest the following feature:

    To add in the Options/Secure Boot entry an option to allow a specific IP and/or port that will still get through after a Secure Boot.

    Reason: I have a computer which is connected to the public internet, and I want to protect it from programs that may connect out at the beginning of the boot process.
    However, I control that computer via VNC (local LAN) and currently, if I select the Secure Boot option, I am locked out of that computer when it reboots.
     
  19. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    670
    Location:
    Switzerland
    @alexandrud

    [Bug or by design?] Column Protocol alphabetically sorted is incorrect


    Now it's as follow (listed my used protocols only):

    HOPOPT, ICMPv4, IGMP, TCP, UDP, IPv6, IPv6-Route, IPv6-Frag, GRE, IPv6-ESP, IPv6-AH, ICMPv6, IPv6-NoNxt, IPv6-Opts, Beliebig (means "Any" in English)

    and vice-versa of course.

    Can you fix this?

    Kind regards
    Alpengreis
     
  20. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    Question... if a rule has multiple remote IP entries, both single entries and ranges; does the list automatically sort itself into numerical order, or does the list maintain order of entry? I am not sure if previous versions sorted via numerical or if they kept the order as entered... so thought I'd ask. Cheers!

    Looking at W7F GUI, it appears the order is not sorted via numerical... maybe this can be a feature request for WFC? It isn't that important since a red box is produced if duplicate entries exist. So, not sure where to go from here...
     
  21. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,413
    Location:
    Romania
    Currently the High Filtering profile is achieved by creating two block rules for inbound and outbound connections that will block all connections for all programs. To achieve what you have proposed, these block rules should be customizable somehow in WFC and defined with remote IP addresses. Let's say that you are in a local LAN and you want to be able to connect from 192.168.0.15. You will have to define the template for blocking rule with the following ranges 1.1.1.1-192.168.0.14,192.168.0.16-255.255.255.255. In this example, the IP 192.168.0.15 is your remote machine which will be allowed. I will think about a solution for this. For example, a subfolder that will contain a partial policy file which describes the rules used for High Filtering profile. If this file is not found, then the default rules are created. What do you think ? You (all) can also propose a different way and we will choose the most intuitive solution.
    This happens because the protocol is internally an integer and the sort is made based on the protocol number, not by the displayed string value. I will see if I can change the sort to take into consideration the string representation instead of the protocol number.
    The entries are not sorted. The list maintains the order of entry. Not all users prefer them to be sorted. Maybe the user wants to see first a specific IP and then some custom ranges.
     
  22. Rafales

    Rafales Registered Member

    Joined:
    Feb 20, 2013
    Posts:
    62
    Location:
    Earth
    Hi alexandrud,
    If the user wants to see the history of blocked and allowed rules for the last 6 months or 1 year as per date and time. Is there such a feature in WFC ?
     
  23. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    670
    Location:
    Switzerland
    Suggestion: make the Secure Boot with variants too - WITH DESCRIPTIONS ...

    - Secure Boot All
    Blocks all connections in-/outbound - from/to LAN/Internet - while boot process.

    - Secure Boot Internet
    Blocks all connections in-/outbound - from/to Internet - while boot process.

    - Secure Boot Custom

    Define which connections are allowed while boot process.

    Example for the "Secure Boot Custom": the user could define a rule to allow the desired inbound traffic from LAN and another rule to allow desired outbound traffic to Internet. WFC should automatically block the rest. If possible, with the same logic as for other rules too.

    Those rules could be ...

    - in a separate window (not within the normal rule manager)
    OR
    - within rulemanager, marked as Secure Boot rules (own color or something like that)

    ... AND those rules should be only valid WHILE boot process.

    Very easy handling for "normal" users: select "Secure Boot All" or if desired to block from/to Internet only "Secure Boot Internet".

    Okay, NOT very important thing - nevertheless it would be easier to handle/understand of course.

    Kind regards
    Alpengreis
     
  24. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    I have been using this rule for a while now... I read somewhere that it is referred to as the Zero Octet Rule. The template varies somewhat if the user is registered on a VPN. 3 rules vs a subfolder... could go either way! I guess it comes down to how hands on the user is with their ruleset.

    If only Microsoft had introduced a zero before the protocol number... the sorting issue would've been avoided. 01 02 03 instead of 1 2 3

    That's fair enough... thanks for the feedback :)
     
  25. Kob

    Kob Registered Member

    Joined:
    Dec 13, 2011
    Posts:
    39
    The way I envision this, considering your description how the blocking operates, is as follows (I propose one of the 2 options - Quick and Dirty or GUI - Advanced):

    A. Quick and Dirty

    1. Have an exclusion file in the installation directory named SecureBoot.txt, which contains the exclusion IP list.

    2. On program startup, WFC reads the file content. If no file or empty or corrupt - then default SecureBoot behavior.

    3. If exclusion list is present and valid - to show in the GUI, by the SecureBoot label, a label "Using Exclusions" and a button to pop up Notepad with the file content.

    4. File format is text, line-based, as follows:
    # - designates a comment from that mark on to the EOL.
    IP entry range as in 168.0.0-15.* (accepting wild card) or in CIDR notation (nice to have)
    IP entry range...
    IP entry range...

    5. Correct content syntax is the responsibility of the user.

    B. GUI (Advanced)

    1. Have a pop-up editable table, activated by an "Exclusions" button by the SecureBoot label, having 3 columns:
    - Enabled/Disabled check box
    - Excluded IP range (with wild card) or CIDR notation (nice to have)
    - Comments

    2. The table should have at least a few rows to accommodate a reasonable number of IP ranges.
    - If no entries in the table or all disabled - then default SecureBoot behavior
    - Syntax checking
    - If any exclusion line is enabled - to show in the GUI, by the SecureBoot label, a label "Using Exclusions"
    - Columns can be sorted by clicking on their headers.

    The WFC program will parse the file (A) or the table (B) and send the proper blocking IP blocks to the firewall.

    Naturally, the above can be modified in order to simplify the UI, the logic flow or to reduce the required programming effort.

    Thank you for considering this feature request.
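
    Added example (not WFC code and not written by any poster): a Python sketch of the exclusion-file idea proposed above, combined with the range-complement approach alexandrud described for the High Filtering block rule. The file format follows Kob's proposal, which is a feature request rather than an implemented feature; the function names are hypothetical, the sample content is constructed, and the 1.1.1.1-255.255.255.255 bounds are taken from alexandrud's post. It generalizes his single-IP case to several exclusions.

```python
import ipaddress

FULL = (0, 255)
# Constructed sample content for the proposed SecureBoot.txt (not a real file).
SAMPLE = """\
# VNC admin host on the LAN
192.168.0.15
10.0.0-15.*      # lab segment, wildcard form
172.16.5.0/30    # CIDR form
"""

def parse_entry(text):
    """Return (first, last) as integers for one IPv4 exclusion entry."""
    if "/" in text:
        net = ipaddress.IPv4Network(text, strict=False)
        return int(net.network_address), int(net.broadcast_address)
    octets = text.split(".")
    if len(octets) != 4:
        raise ValueError(f"need four octets: {text!r}")
    first, last, widened = 0, 0, False
    for part in octets:
        if part == "*":
            lo, hi = FULL
        elif "-" in part:
            lo, hi = (int(x) for x in part.split("-", 1))
        else:
            lo = hi = int(part)
        # Once an octet spans a range, later octets must be full (contiguous).
        if not 0 <= lo <= hi <= 255 or (widened and (lo, hi) != FULL):
            raise ValueError(f"bad or non-contiguous entry: {text!r}")
        widened = widened or lo != hi
        first, last = first * 256 + lo, last * 256 + hi
    return first, last

def load_exclusions(text):
    """Parse the file; any invalid line voids the list (default block-all)."""
    try:
        entries = (line.split("#", 1)[0].strip() for line in text.splitlines())
        return sorted(parse_entry(e) for e in entries if e)
    except ValueError:
        return []

def block_ranges(allowed, lo="1.1.1.1", hi="255.255.255.255"):
    """Complement of the allowed ranges, as a comma-separated range list."""
    cursor, end = int(ipaddress.IPv4Address(lo)), int(ipaddress.IPv4Address(hi))
    out = []
    for first, last in sorted(allowed):
        if first > cursor and cursor <= end:
            out.append((cursor, min(first - 1, end)))
        cursor = max(cursor, last + 1)
    if cursor <= end:
        out.append((cursor, end))
    fmt = ipaddress.IPv4Address
    return ",".join(str(fmt(a)) if a == b else f"{fmt(a)}-{fmt(b)}" for a, b in out)
```

    Calling `block_ranges(load_exclusions(SAMPLE))` yields the remote-address string for the block rule; a file with any invalid line yields an empty exclusion list, so the result falls back to blocking the whole range.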
     