Windows Firewall Control (WFC) by BiniSoft.org

Discussion in 'other firewalls' started by alexandrud, May 20, 2013.

  1. kawasabi

    kawasabi Registered Member

    Joined:
    Feb 13, 2016
    Posts:
    1
    Also i had problem with having no internet after updating to 4.6.1.0 I have not changed anything before updating.
    Medium filtering blocked internet access.
    After creating a new allow rule for svchost.exe internet worked again.
     
  2. hjlbx

    hjlbx Guest

    @alexandrud

    Any work-around for applications - like Kingsoft WPS - that make many connections during installation ?
    • Uninstall WFS
    • Install WPS
    • Re-install WFS
    o_O
     
  3. smith2006

    smith2006 Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    808
    Thanks for the reply.

    I have tried updating to v4.6.1.0 again, but it still failed (no internet connection).

    I have tried both enabling & un-enabling Secure Rules (the default was uncheck).

    I notice the Windows Firewall rules decrease drastically from over 400 to only 76 after updating (all the system rules gone),

    Attempts to import firewall rules I have backup failed, it just wouldn't take in.
     
  4. hjlbx

    hjlbx Guest

    @alexandrud

    The above firewall configuration does not break anything on Windows ?

    You just deleted all the other Windows Firewall rules ?
     
  5. tcarrbrion

    tcarrbrion Registered Member

    Joined:
    Dec 15, 2007
    Posts:
    105
    I have tried both wfc and wfcs as power apps in Appguard so it should not block them, but that did not help. However, wfc -mp works every time even after a reboot and looks a reliable way of starting it.

    It is the tray icon that does not respond when I start it without the -MP. It always appears in the tray but does not respond to double click or right click.

    Thanks,
     
  6. kantry123

    kantry123 Registered Member

    Joined:
    Apr 11, 2015
    Posts:
    22
    @alexandrud
    Hi even i Have problem while connecting to internet
    Had to firist DISABLE SECURE RULES and RE-ENABLE to WORK INternet..!!

    regards
     
  7. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,411
    Location:
    Romania
    For browsing the Internet with any browser an allow rule for svchost.exe, remote port 53, protocol UDP is required. This allows DNS requests.
    Not yet.
    So, the installer completed successfully ?
    If you enable Secure Rules without defining all the authorized groups (Core Networking, Network Discovery, File and Printer Sharing, etc) all rules from other groups will be deleted. This explains why you have now fewer rules, 76 instead of 400. Secure Rules deletes also system rules if the groups of the system rules are not authorized in that list. When you import a policy file, all rules that are not in the authorized groups list are removed.
    Yes, I just removed all other rules. If something would not work, I will just check Connections Log to see what I still have to allow by a new rule. But, for my needs, that minimal set of rules is enough.
    You can launch Main Panel with wfc -mp and Rules Panel by executing wfc -rp. Also, you can define global hotkeys to launch these windows from the Options tab. I will make some more tests but unfortunately I cant reproduce this behavior. So, when the system tray icon does not respond, if you go to the Application event log you don't see a new error logged there for wfc.exe ?
    You can launch Main Panel with wfc -mp and Rules Panel by executing wfc -rp. Also, you can define global hotkeys to launch these windows from the Options tab. I will make some more tests but unfortunately I cant reproduce this behavior. So, when the system tray icon does not respond, if you go to the Application event log you don't see a new error logged there for wfc.exe ?
     
    Last edited: Feb 13, 2016
  8. tcarrbrion

    tcarrbrion Registered Member

    Joined:
    Dec 15, 2007
    Posts:
    105
    Nothing at all related to WFC in the event log.
     
  9. jwcca

    jwcca Registered Member

    Joined:
    Dec 6, 2003
    Posts:
    772
    Location:
    Toronto
    There were only two entries in the Secure Groups: Windows Firewall Control and Temporary Rules.
    I did not have the [Secure boot] or the [Secure rules] ticked so I didn't lose everything else.

    I then opened the Rules, sorted by Groups and added Core Networking and 10 more by double clicking on a rule, Copying the group name and then using <ctrl> V to paste into the [new authorized group] box and click [+] to add it.

    Not everyone knows about <ctrl> V and C so it would be wise to allow Paste in that box because there's always the chance that someone will make a keying error and lose rules they were trying to protect... :)

    J
     
  10. Broadway

    Broadway Registered Member

    Joined:
    Aug 16, 2011
    Posts:
    211
    The internal updater says that 4.6.0.0 is the latest available version.

    I have to download the setup file for 4.6.1.0 manually.
     
  11. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,219
    Location:
    USA
    When I updated to 4.6.1.0 Secure Rules was Off by default. When I checked it there was a warning pop-up saying that all undefined/unauthorized groups would be deleted, so I left it unchecked. I opened the Rules Panel and saw that I have quite a few groups that would have been deleted if I had enabled secure rules without adding them to the Authorized Groups list first. Perhaps that is what happened in your case?
     
  12. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    670
    Location:
    Switzerland
    @alexandrud

    One suggestion for the Secure Rules authorized groups:

    In Win 10 exist many different group names with @ as first sign. For such groups a placeholder (with * (asterix)) would be helpful. So it would be possible to define groups as @* or @(* which include automatically new such groups. Also such groups are created automatically through Windows and are always deleted without the user would have a chance to see it (except in WFC log with Event ID300).

    Could you add such a function?
     
  13. j9ksf

    j9ksf Registered Member

    Joined:
    Jan 20, 2015
    Posts:
    35
    This did not work for me.
     
  14. peter_brown_usa

    peter_brown_usa Registered Member

    Joined:
    Aug 20, 2014
    Posts:
    26
    Hi,

    I had reboot my PC and WFC flashed up a message saying 4.6.1.0 was available and do I want to update, so I did and it updated 4.6.0.0 to 4.6.1.0
    After WFC upgrade fiished and then ran and it was at this point I could no longer connect to my internal network or VPN. I had not even opened WFC rules/settings by then.

    So No I have not touched Secure Rules at all and now Looking into the Security Tab Secure boot is not ticked. Secure Rules not ticked. Only 2 authorised groups show which is Windows Firewall Control and Temporary Rules.

    Looking at the rules tab it looks like lots of rules have disappeared, though lots are still there.

    So what would be the easiest way to connect up to my LAN again/VPN and have WFC running in Medium Filtering.

    Is there a way to wipe all the rules and start afresh or a way to wipe and install a pre-defined core set of rules like one might during an origianl install of WFC

    I would still like to point out I have not touch these secure rules in the settings at anytime.
     
  15. peter_brown_usa

    peter_brown_usa Registered Member

    Joined:
    Aug 20, 2014
    Posts:
    26
    This is really bugging me.

    So looking into the RULE settings I see a possible solution to my question in the previos post about a core set of rules.
    I see "Restore Windows Firewall default set of rules". So I click this and accept the yes to resore, then I suddenly see lots and lots of new rules appear in the Manage Rules window and suddenly I now have access to my internal LAN Horay!!!! BUT then 30 seconds later the Manage Rules window will suddenly wipes all the rules and bang I am back in the dark ages.

    Why is WFC restoring the rules and then nearly imediatley then delete all the rules. Whats going on. I just don't know.
     
  16. hjlbx

    hjlbx Guest

    @alexandrud

    WFC 4.6.0.1 Installation is broken !

    Installed over top of 4.6.0.0 as well as clean install of 4.6.0.1.

    Tried at least 10 times - and did not enable Secure Rules.

    Core Networking group is missing from Group list.

    Every time this is what rules 4.6.0.1 installs... and internet is broken.

    WFC.PNG
     
    Last edited by a moderator: Feb 13, 2016
  17. peter_brown_usa

    peter_brown_usa Registered Member

    Joined:
    Aug 20, 2014
    Posts:
    26
    I have got around the issue of the rules being auto deleted after 30 seconds. I managed to find a backup of my previous ruleset from 4 weeks ago, so loading this ruleset and the rules are not autodeleted. which is good news.

    Again I would like to iterate that at no point was SECURE RULES ever selected.

    It seems that SECURE RULES is running regardless of the tickbox at least on my WFC on any ruleset that is currently created by WFO ie RESTORE DEFAULT

     
  18. Stukalide

    Stukalide Registered Member

    Joined:
    Jul 12, 2013
    Posts:
    65
    I figured out what's happening with the latest update breaking internet connectivity -- for some reason, DNS lookups are being blocked. I checked WFC's log, and remote port 53 connection attempts by svchost.exe are all being blocked -- I'm not sure why. I added an allow rule myself, and now everything is working fine (for anyone else interested).

    Is there a reason for this change?


    EDIT:

    Wow, there seems to be a definite bug in 4.6.1.0 -- it must be enabling Secure Rules on its own in the background, because all of my rules outside of WFC-rules are now deleted. For the record, I did not enable Secure Rules.
     
  19. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,411
    Location:
    Romania
    I have modified the latest version that appears to be available on the server until we find what is the problem with thee missing rules.
    I will think about it.
    Which ones are there ? Only the ones with the group name "Windows Firewall Control" ?
    In the Rules Panel, from the right click context menu you can Restore default rules which will restore all Windows Firewall default rules. Then you ca start making your rules again. Don't you have a back-up of your rules so that you can revert them ?
    Do you use also TinyWall ? The rules are removed even if you do not have Secure Rules enabled ? This is really strange. Please check the WFC log and see if there are events with ID 300. This event is generated by Secure Rules when a rule is removed. Is this the reason why your rules are removed ? Do you see there any errors ?
    It seems that you do not have any other rules anymore. If you try to restore default set of rules, do you see your rules back ? Maybe a back-up from the past that you could try with ? I am doing a lot of tests and I can't reproduce this problem on my test machines.

    I am testing this.
     
  20. hjlbx

    hjlbx Guest

    @alexandrud

    I searched WFC Event Viewer for ID 300. It's all recorded there - all deleted.

    This new Groups "feature" was created to fix a minor problem but now it creates a massive critical problem.

    Plus, I have no back-up of the firewall rules.
     
  21. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,411
    Location:
    Romania
    I have found the problem with the rules that are removed. I will provide a fix very soon. Thank you for your understanding.
     
  22. smith2006

    smith2006 Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    808
    Yes, it was successful.


    Unchecking Secure Rules & followed by importing the previous policy file also cannot solve the issue.

    The no of rules still stay at 76.
     
  23. smith2006

    smith2006 Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    808
    Something is wrong if action is irreversible.

    Have tried unchecking secure Rules & importing the previous policy file.
     
  24. smith2006

    smith2006 Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    808
    Thanks Alexandrud.

    If possible, could you also illustrate how to define an authorized group?

    The default is only Windows Firewall Control and Temporary Rules.
     
  25. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    Buddy... are the connections needed... eg: can the install complete with install connections denied on-the-fly?

    I remember when I installed LastPass for Windows, it required a connection. I just allowed it, and then deleted the rule post-install. This is fair enough, since it has to sync details. AdGuard also tries to use connections during install, but I tracked it down to the Microsoft Installer trying to talk to Akamai servers, so I denied access and it still installed correctly. I ended up making a block rule for it.

    I like how Kingsoft works with Office extensions, but still haven't been tempted enough to swap LibreOffice over with Kingsoft. If this issue is doing your head in, lemme' know and I will try to figure something out for ya'...
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.