Windows Firewall Control (WFC) by BiniSoft.org

Discussion in 'other firewalls' started by alexandrud, May 20, 2013.

  1. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,412
    Location:
    Romania
    You can use whatever you want to delay it. You can also manually start it when you want.

    Check the experimental feature described here. It will help you.
     
  2. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,418
    Location:
    Slovakia
    The auto-creating rule works, but WFC can not detect ramdisk? WFC detects the path as a device and I can not really allow temp folder.

    capture_04202023_213011.jpg

    That silly app creates an auto-generated folder and on top of it, if it gets blocked, it shuts down and I have to restart the game to launch it again. So I have to disable the firewall, copy the path once it launches and then enable the firewall.
     
  3. frah90

    frah90 Registered Member

    Joined:
    Apr 20, 2023
    Posts:
    2
    Location:
    Italy
    Thank you very much! I'll try it.
     
  4. knuji

    knuji Registered Member

    Joined:
    Apr 12, 2023
    Posts:
    8
    Location:
    Australia
    From page 270
    Thank you for the explanation aldist. Much appreciated.
     
  5. DinuX

    DinuX Registered Member

    Joined:
    Nov 13, 2018
    Posts:
    4
    Location:
    Malaysia
    Hi, I well aware that there is a hotkey to "Toggle between Low & Medium Profile".

    But is it possibility to have another hotkey to toggle between High & medium profile?
    The reason was I am using secure boot. By using a hotkey would be easier than a few clicks (sometimes could accidentally wrong click).

    Thanks in advance.
     
  6. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,103
    Location:
    Lunar module
    WFC has no such option. But you can achieve your goal another way, disable Secure Boot, automate the disabling of the network adapter at shutdown! (shutdown!) of the computer. Now when the computer boots, the network adapter will be disabled, which is the same as Secure Boot, the Internet will be disabled until you manually enable the network adapter with a one-click .bat placed on the taskbar.
     
  7. _____

    _____ Registered Member

    Joined:
    Apr 1, 2020
    Posts:
    5
    Location:
    CZ
    Hello Masters :)

    I have two computers connected via LAN, one has (VNC Server) and the other has (VNC Client).
    When the firewall (Windows Firewall Control) is turned off, the connection works, when it is turned on, the connection cannot be established.

    If firewall is turned on, it does not show that the VNC Server application is blocked.
    https://i.imgur.com/9oqj6UN.png
    https://i.imgur.com/un8ofJR.png

    OS: Win10
    Software VNC Server: TightVNC for Windows (Version 2.8.81)


    Isn't it because the app in question is running without a path?

    How is it possible that the path to the file is not visible in the application?

    Thanks!
     
  8. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,103
    Location:
    Lunar module
    CurrPorts shows all system applications without path, but in WFC you have to specify path in rules for application.
    Examine the WFC log - blocked connections, and create appropriate rules. In your case, you will need allow rules for incoming connections as well.
     
  9. moredhelfinland

    moredhelfinland Registered Member

    Joined:
    Mar 31, 2009
    Posts:
    344
    Location:
    Finland
    I'm using Netlimiter 5 and it does have a "firewall" called a "Blocker". steam.exe wants to connect to internet. No internet, please run again.
    When using Netlimiter blocker, it istantly asking for steam.exe outbound connection, while sendin to steam.exe to "pause".
    Alex, please please implement this feature to WFC. I'm not only one that suffers this behavior of WFC.
     
  10. tnodir

    tnodir Registered Member

    Joined:
    Oct 21, 2017
    Posts:
    229
    Location:
    etc
    You can "pause" connections only in kernel mode (i.e. using Fwps{Pend|Complete}Operation() in driver).
     
  11. _____

    _____ Registered Member

    Joined:
    Apr 1, 2020
    Posts:
    5
    Location:
    CZ

    Even if I enter the path to the file "C:\Program Files\TightVNC\tvnserver.exe" the problem is the same, The connection is established only when WFC is fully switched off, I am starting to think that it is a bug. Can someone please try this?
     
  12. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    670
    Location:
    Switzerland
    Have you OTHER blocking rule(s) which could be influencing that connection? Because blocking rules have higher priority than allowing rules ...
     
  13. tnodir

    tnodir Registered Member

    Joined:
    Oct 21, 2017
    Posts:
    229
    Location:
    etc
    You can use System Informer's Firewall tab to see which filter rule blocked the program's connection.
     
    Last edited: May 10, 2023
  14. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,103
    Location:
    Lunar module
  15. _____

    _____ Registered Member

    Joined:
    Apr 1, 2020
    Posts:
    5
    Location:
    CZ
    THX infor for dump test!

    https://pastebin.com/raw/kcQXWrLT
    https://pastebin.com/raw/bc7BKrmM

    EDIT:
    OK, I'm a total idiot! :-D

    I forgot that the created rules are not IN/OUT (together) It was enough to create a rule only for incoming connections and everything works
    Thank you all for your help, I figured it out from the dump log!
     
    Last edited: May 10, 2023
  16. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    670
    Location:
    Switzerland
    Hey, no problem - it works now, that's the important thing :)
     
  17. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,103
    Location:
    Lunar module
    It often happens that the problem lies on top, and you stubbornly do not see it.
     
  18. fmcatalan

    fmcatalan Registered Member

    Joined:
    Mar 20, 2023
    Posts:
    2
    Location:
    here
    Hi! I've been using WFC since forever I think, I just discovered that there was this forum so I wanted to say 2 things: 1) Thanks man, awesome work 2) Recently discovered by accident what I know found out is an experimental feature, the auto adding of rules, I set a few in every PC I work with "googledrivefs.exe" "whatsapp.exe" for instance since they update regularly and with changing paths, today when I found a little time to do some maintenance at home, I wanted to change the LOW filtering profile to MEDIUM finally, I have it like this because this is the PC my younger uses to play and I'm annoyed to come and make a rule every time roblox updates (almost daily) but to my surprise it does not work!
    https://i.imgur.com/BjCo67a.png
    You can see the autocreated google and xbox rules, but for the life of me I can't get Roblox to play ball... I tried with and without notifications, and nothing, any Idea is much appreciated... back to LOW profile for now, thanks!
     
  19. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,103
    Location:
    Lunar module
    Maybe because your application runs from %AppData% instead of /Program Files/? The option is still experimental.
     
  20. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,412
    Location:
    Romania
    The problem here is that WFC does not create an auto allow rule for ROBLOXPLAYERLAUNCHER.EXE? Or that the game does not work even if you create (manually) an allow rule for it?
     
  21. fmcatalan

    fmcatalan Registered Member

    Joined:
    Mar 20, 2023
    Posts:
    2
    Location:
    here
    If I create the rule it woks perfectly, that's how I did it until got tired and switched profile to low.
    I posted the capture because two of three rules where created so no actual problem with WFC creating rules either, it just seems to be failing to do so only for roboxplayerlauncher.exe OR the folder
     
  22. kobashi

    kobashi Registered Member

    Joined:
    Jun 15, 2021
    Posts:
    2
    Location:
    Earth
    Hello,
    I am using WFC since many years but I finally came here to ask for a solution on an issue I could never get through.
    Indeed, here is my typical setup after installing Windows OS :
    - install WFC with WFC recommended rules
    - setting up medium filtering, display notifications, rules for outbound
    - enabling secure profile, secure rules
    - deleting all rules except the set of WFC recommended rules
    - among WFC recommended rules, I block two of them : time service and windows update

    I then connect to my Wi-Fi network and I receive several alert of outgoing connections from svchost services and SYSTEM

    I have tried an infinite combination of rules but it always end the same way : either the set of rules leads to whole internet connection being blocked, or the internet connection does work but the Wi-Fi quickly disconnect from my AP at launch, I have to manually connect to it again, then I get disconnected again after a few seconds/minutes, get disconnected again, manually reconnect and only then it's almost stable after 2 or 3 manual re-connections. And even after that, I randomly get disconnected after minutes or hours, need a manual reconnect.

    A few years ago, I added svchost.exe and SYSTEM to the ignore list but I do not remember a better behavior of my Wi-Fi connection and after all, I would like to be able to configure everything, especially regarding svchost.

    I thought that creating allow rules for SYSTEM from any local IP and port to the remote IPs and ports that triggers an alert and blocking all svchost services except DNS and DHCP would do the job but it doesn't. I've tried almost everything I could think of (combination of allowing/blocking) but I never could get through...
    I've red through more than 6 months of messages here but I could not find someone encountering the same issue.
    I really can't guess where does it come from, I don't understand as I always got the same issue since several years on many different systems and internet connections.
    The only thing I can say is that my set up of rules *seems* to work correctly when using wired connection (connection never lost) but I am not sure about that.

    Hope someone can help me there !
    Thank you very much
     
    Last edited: Jun 14, 2023
  23. chrcol

    chrcol Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    982
    Location:
    UK
    Alex you may or may not remember a few years back I fixed a network public/private flipping state by disabling the provisioning/logon service.

    I now have a new problem, I now sleep my PC and when I wake it up the network temporarily goes public, and it triggers WFC notifications for ntp and ups connections.

    I have examined the event logs, and found the event id's related to this.

    So event ID 10001 not long after wake up, the network disconnects.
    Then event ID 10000 it connects, but initially is in public state as it identifies the network, then again another 10000 when it confirms its connected state and as a private network.

    So my request is there a way you can temporarily disable notifications for lets say 10 seconds after a 10001 event id or maybe after event id 10000. As there is period of state transition. Or might be easier to make the notifications settings configurable independent for public and private so e.g. on public I have it set to disabled and on private I have it set to display notification, that would also solve my problem.

    My preferred solution is the independent public profile option as that would also silence it when connecting to VPN services.

    I dont think there is anything I can do to windows to prevent this state transition.

    If you cant do it I can add a specific LAN block rule for public which I think would silence it.

    --edit--

    I added what should count as a generic block rule (applies to all programs) for the public network profile, but the notifications are still appearing when in public profile state, I do have the "use generic block rules" option ticked under notifications.
     

    Attached Files:

    Last edited: Jun 15, 2023
  24. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,412
    Location:
    Romania
    Let's try to take WFC out of the equation. If you restore the default Windows Firewall default set of rules and leave WFC to Low Filtering profile, do you still have the same behavior with the Wi-Fi disconnecting? I never use a wired connection, only Wi-Fi and I never encountered this problem. If you still have the same behavior with the default set of rules, I would say that maybe your router may be defective, or the Wi-Fi adapter from your laptop? To isolate the problem, try the same scenario with another machine in the same Wi-Fi network and see if it disconnects the same way. Also try your machine in another network to see if it is the router. From your description it does not feel like a Windows Firewall/WFC problem, but a hardware problem.
     
  25. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,412
    Location:
    Romania
    I wouldn't play with the block rules for this. If you already have everything configured for your network (svchost.exe/System), why not use the Notifications exceptions list to disable the notifications for them? WFC can't disable notifications for 10 seconds because those can be 20 seconds on slower machines and other relevant notifications may be also displayed in that time frame.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.