Windows Firewall Control (WFC) by BiniSoft.org

Now I understand too! But for "users ordinary" it would be useful. Can you do it optional, "Steal the focus", "Do not steal the focus"? Please!

 

If you enable to see Extended properties column (from right click context menu on columns header) you will see that some Windows 10 firewall rules will have this check box checked. This means these rules have some extra properties which are not displayed in WFC, usually an application package. They appear in WFwAS. For Windows Store applications, you will not see a Program set for them because Windows Store applications use Application packages.
1. Open WFwAS (wf.msc) and create your rule for a specific Application Package. Leave the Program property empty.
2. Editing an exiting firewall rule from WFwAS works only if the Group name of the rule is empty.

Here you can see the values of the Location that are returned by FirewallAPI.dll. However, when you are connected to a VPN, the call to this method returns 6. This is when WFC shows VPN. It may bot be very accurate with some VPN providers. I have tested with AirVPN and TunnelBear.

I do not see any improvement by having the focus by default on the notification dialog since you need the mouse to easily navigate in the notification dialog. The answer is no to this enhancement.

 

Hello,

The VPN is AIRVPN, it's a public connection and the private connection is my home connection. If I configurer manually in windows firewall it works.

1. https://s17.postimg.org/pcr6mcx8b/from.png https://postimg.org/image/e0el4lbor/

2. https://s17.postimg.org/e0el4lbor/Rules.png https://postimg.org/image/pcr6mcx8b/

I show you here the problem with Qbitorrent but I have the same problem with System and Svchost !

3. Doesn't understand what is it...

Is there a way to download and old version of WFC ?

Kind regards,

 

One final (hopefully!) request for your great WFC. Sorry if I've already posted this, don't remember. It'd be great if we could get notifications when a firewall rule is added/created/deleted/modified by other software, whether 'Secure Rules' is enabled or not.

After starting to use the Windows Firewall fairly recently, I was impressed (not in a good way) at how easily programs can manipulate WF rules and basically do whatever they want without asking the user.

 

Problem solved, it seems that Qbittorrent was searching inside my network... that was an ipv6 i couldn't tell it was inside...

thanks again

 

Check my answer here on how to define working inbound rules for torrent clients. However, for your scenario, outbound connections are blocked, not by WFC.
You say that if you "configure manually in windows firewall it works". How you do it ? Whatever you do, some sort of firewall rules are created. These rules should also be displayed in Rules Panel. How are these rules different than the rules that you create from WFC ? Maybe these outbound rules are created for specific protocols, one rule for TCP and one rule for UDP protocol ?

The website offers for download only the latest version. Anyway, the problem that you have is not related to the latest version of WFC. That VPN displayed in Main Panel is just a label which is not used in any logic.

I wanted to display such info in WFC. Unfortunately, the events logged by Windows Firewall are not very reliable. Some of them are triggered 6 times for the same action. I made WFC to receive all of these but it used a lot of CPU since they are so many. Currently, this kind of feature is not feasible.

Anyway, you are interested which programs (that have administrative privileges) are messing with your rules, take a look in the following category of Event Viewer.

 

Thanks alexandrud, that's great info on the EV. I had searched there before but couldn't possibly find that. It's a good weapon to know exactly which process/application does this, so we can block it (or even uninstall it).

 

Perhaps a less-than-perfect, dumber "logging" method could be used? For example, WFC could simply monitor the total number of rules and give a notification when that number changes ("Your rules have changed from 500 to 503"). It's sloppy, but could be of help to some. Just an idea.

 

Many thanks @alexandrud. I can confirm that all is fine now that I have updated to 5.0.1.19. - WFC is retaining the correct Notification Status after I exit Shadow mode.

 

I find your suggestion principally good IF this could be implemented as an option (to not confuse "normal" users (too much)) ...

 

Was having same problem (we thought it was ccleaner over clean problem).
No problems now.

 

I will think about it.

 

I just came across this application in my search for 2 things, #1 a better UI for firewall management than the built in Windows 10 interface, and #2 a way to control what is used when connected to a metered connection (hotspot). This application obviously accomplishes the first task, but what would be the best way to go about #2? My ethernet+DSL connection to my home has random periods of high latency that are not conducive to gaming so I have been using my phone's hotspot feature. My hotspot has a datacap though and I'm concerned about background processes needlessly using data while gaming. So I'd like to have one set of rules for normal use, but then a very restrictive set of rules for my hotspot connection that basically only allows my chat client and game. Is the best way to do this having two Policy Files (.wfw) and manually switching between them? Can I make my own profiles for the Profiles tab (that lists High, Medium, Low, No)? Is there a way to automatically have it switch based on the active connection (like set up my DSL as a private network and hotspot as a public network)? Thanks for your help!

 

After a full cleaning with PrivaZer last couple versions when starting up, WFC is in "medium filtering" mode when "secure boot" is checked.
After another restart back to normal (High filtering). Win7 64.

 

Latest version is stuck in low filtering

 

You can't define your own profiles. You don't have to use tow different policy files.
1. Create a large set of firewall rules for Private location only. These will be applied when you are connected to your DSL connection. Make sure that you are in Private location when use this connection.
2. Define a small set of firewall rules for Public location only. These will be applied when you are connected through your phone. Make sure that you are in Public location when you use your phone connection.

For a minimum set of firewall rules required for Internet connectivity, check the "WFC recommended rules" (see the user manual by pressing F1 in any WFC window).

Secure Boot will automatically set High Filtering profile when the system shut down event is detected by the program. If wfc.exe is not running or if the shut down executes too abruptly, then WFC may fail in switching the profile. In this case, you must change the profile manually to High Filtering before restarting Windows.

This may happen on your computer if another security software blocks Windows Firewall from filtering outbound connections. Check my answer number 3) from this post.

 

I'll turn everything else off and try again

 

Ambiguous behavior when double clicking on the selected line in "Connections Log" and "Rules Pane".
Select the line in the "Connections Log" or "Rules Pane", then double-click in the highlighted row in the Program column, the "Customize and Create" or "Properties" window will not open.

Double-click in the other columns- the "Customize and Create" or "Properties" windows may open or may not open.
If you double-click on any column on an unselected line, then the trigger is clear, the "Customize and Create" or "Properties" windows always open.

 

Thank you for reporting this. It is a side effect of a recent fix that I made to be able to deselect the the last selected item. I will fix this.

 

Thank! Does the WFC (Windows Firewall) block 127.0.0.1->127.0.0.1 connections, if it blocks, then how correctly to make a rule (UDP, TCP, both)?

 

WFC does not block or allow any connection. Take a look here about your 127.0.0.1 question.

 

for those blocking svchost (I would love to do), how you managing to keep things like windows updates working?

 

To chrcol
Rule svchost.exe for Windows Update
TCP Out
Local Port- any
Remote Port- 80,443
Local IP- any
Remote IP- any
Deny
Only for the period of checking and installing Windows Update- allow.

 

ok fair enough, thanks.

 

Just found this forum so hope I am in the in the correct.
Using the newest version of WFC on four computers Windows 10 Pro.
On ONE the the Rules Panel just showed with many Internet Connection
Sharing rules.
I have sharing turned off and set as Public WiFi.
Any ideas ?