simplewall 3.5 Released (4 October 2021) https://www.henrypp.org/product/simplewall Download Changelog sha256 checksum Spoiler: Changes v3.5 v3.5 (4 October 2021) in this release fqdn support was removed because of security issue (issues #1012) improved performance due caching network resolution and file information partially revert of windows defender power off (issue #1022) added ballon tip to display input limitations (issue #809) added compress internal profile in resources with lznt1 fixed signatures information pointer use-after-free when dns resolver avoid arpa requests (issue #1008) fixed resolve network addresses can cause crash (issue #1015) fixed notification color issues (issue #1007) fixed update installation (issue #1016) fixed blank notification (issue #1009) fixed version information retrieval fixed workqueue environment fixed internal bugs
simplewall 3.5.1 Released (6 October 2021) https://www.henrypp.org/product/simplewall Download Changelog sha256 checksum
simplewall 3.5.2 Released (17 October 2021) https://www.henrypp.org/product/simplewall Download Changelog sha256 checksum
simplewall 3.5.3 Released (17 October 2021) https://www.henrypp.org/product/simplewall Download Changelog sha256 checksum Spoiler: Changes 3.5.3 fixed using uninitialzed port variable in ip ranges [regression] (issue #1055) 3.5.2 builded with windows 11 sdk fixed port can be omited when parsing ip ranges (issue #1010) fixed remote range replaces local range (issue #1044) fixed interface stuck by comctl library (issue #1009) fixed massive gdi handles leak fixed internal bugs
Anyone knows if simplewall can block/allow "whatever.exe" no matter where it is installed? Or perhaps block/allow an entire folder? (i.e. all processes inside it) I'm perfectly happy using the excellent WFC (Binisoft) but the bad practice of some software creating new folders after an update is getting annoying. WFC/Windows Firewall cannot handle this and new rules are required every time.
If you allow a process then even if the process gets updated it can still connect, as long as its path is not changed (which includes the process name)
Allowing an entire folder would be a security risk. Plus what kind of programs are you using that constantly make new folders when updating AND update so frequently? Like, yeah sure every time i update my amd driver it asks me to connect. But that's not a problem to allow it. So all good.
Thanks. So I'm guessing it's not possible since I am talking about changing paths (same name .exe). Not a huge problem (not really a frequent issue), but an annoyance. Perhaps Sphinx could do it (with the 'Zones' feature - not sure) but their 3-PC license is a bit on the expensive side.
simplewall 3.6 Released (9 November 2021) https://www.henrypp.org/product/simplewall Download Changelog sha256 checksum Spoiler: Changes v3.6 This is a features release. v3.6 (9 November 2021) improved multi-threading safety improved startup time improved dpi support added option to confirm allowing applications (issue #1070) added filtering for the application list (issue #663) added editor list items count mark for tab title added wfp initialization failure workaround added filtering for editor apps and rules added layer name into log moved log exclude configuration into another settings page (issue #1064) revert notification x button (issue #973) changed create rule toolbar icon (#723) fixed filters with hard permit can access internet (issue #689) fixed issue with hotkeys for switch tabs (issue #723) fixed rebar incrorrect resizing when dpi was changed fixed update installation issue (issue #1061) fixed notification multi-monitor support fixed service missing path (issue #1036) fixed editor can cause crash (#1071) fixed big memory leak (issue #1066) fixed net events unsubscription optimized listview sorting fixed internal bugs cosmetic fixes
simplewall 3.6.1 Released (11 November 2021) https://www.henrypp.org/product/simplewall Download Changelog sha256 checksum
Hi. I've recently switched to using Simplewall and for the most part I'm really happy with it, seems to do and work just how I hoped it would, at least in the APPS tab. However, one thing I'm really unsure of is just how it's handling the other tabs, particularly Services etc, and I'm not sure if it's the cause for one program I've ran for many years now no longer seeming to allow me to connect via iOS. The app in question is PhotoStreamr - it gives me zero prompts, I added it manually and allowed all which I found to be relevant, but it just does not connect now and I don't know if it's due to Simplewall blocking a service (it's a Java program) or if it's actually the program itself (PS) no longer working as it was. I doubt you can be so specific to help with the program itself but if you could give some guidance or info on how the other tabs work and if there's any kinda of 'rule of thumb' to follow with that it would be most appreciated. Thanks.
if PhotoStreamr is javabased program then usually need to allow javaw.exe or other file located C:\Program Files\Java * and if it dosent prompt or late prompt its maybe because other firewall running. disable them and restart simplewall it should prompt now and enable packet log in setting if anything block it will be in packet log tab also allow looback connection for all app in setting>rules hope its help you
Thanks for the reply and info! Turned out it was (maybe?) nothing to do with Simplewall itself but Windows Defender Firewall somehow being set to not give notifications for when blocking stuff, flicked that on and bam, right away the expected pop-up for allowing Java appeared. I say MAYBE nothing to do with Simple but for my understanding, is Simple basically just a GUI for Windows Firewall and so maybe that option to disable said notifications came from Simple? Anyway, thanks again, it was only thanks to you suggesting no prompt would possibly be due to another firewall running which led to me looking there.
Is there any way to have a hierarchy with simplewall? It would be nice to have a rule where an app can only communicate through a certain address, a sock5 proxy address, while also having every other connection blocked. But I cannot see a way to do that; if I create a block rule it takes priority over the allow rule(s) and doesn't allow any connection at all. I know it's not a limitation of wfp, because Sphinx's firewall WFC can do this.
I'm thinking of using Simplewall (along with WFW) to stop any data-theft attempts and prevent apps from 'calling home'. Any advice/suggestions are welcomed.
wrong thoughts. if a program want steal data it probably do not perform this itself. "phone home" can have several causes. and if the trojan changes name and place you have nuts - and trojans do that i common. prevent the intrusion, not the getting out.
I agree with Brummelchen -- the "best" protection from malware phoning home is to detect & prevent the malware from getting into one's computer in the first place. The two main "apps" for doing this are: (a) an AV with good BB/AI & sigs, and (MOST important) (b) a careful & prudent user. This is not to say that a user should NOT use available & effective tools for monitoring connect outs. However, pairing WFW (Windows FireWall) with SimpleWall (SW) is a bit dodgy because I *think* SW is no longer designed as a front-end for WFW. Windows Firewall Control is, I *think*, structured to work as a front-end to WFW. Someone PLEASE correct me if my *thinks* are incorrect!!!
Re: "SW is no longer designed as a front-end for WFW" My understanding is that SW is built on Windows Filtering Platform, and is not a frontend for Windows Firewall... this has always been the case as far as I know. Windows Firewall is also built on Windows Filtering Platform so there can be some confusion.
Repeat: Windows FW Control IS a front-end to WFW. I was only referring to Simplewall... not Windows Firewall Control which is as you say.