Windows Firewall Control (WFC) by BiniSoft.org

Discussion in 'other firewalls' started by alexandrud, May 20, 2013.

  1. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Okay....now I'm finding one U -@
    one U -@.png
    Do I need to add my one U -@ to Group @ ? #3509
     
  2. _CyberGhosT_

    _CyberGhosT_ Registered Member

    Joined:
    Mar 2, 2015
    Posts:
    457
    Location:
    MalwareTips "Your Security Advisor"
    Thanks mood for shining light on this, very good. :)
     
  3. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,412
    Location:
    Romania
    This dialog is displayed when you create a new firewall rule through Shell Integration feature. Currently, WFC intercepts when a new rule is added in Windows Firewall when Secure Rules is enabled. Unfortunately, there is no way to tell which external application added a new rule as the event only contains the path of the new rule.
    You have rules prefixed with "U - " only if you enable Secure Rules and you set it to disable unauthorized rules. You may still have these kind of rules after a policy reset if Secure Rules was not actually disabled.
    Rules that start with @ will be created by the operating system (Windows 10) for Windows Store apps only. When you reset your policy to the default one you will not have any @ prefixed rules. If you start a few Windows Store apps you will see new rules that start with @. To prevent Secure Rules from disabling/removing these rules, you can add @ (just a single char) as an authorized group name. Then, the rules for these Windows Store apps will not be removed/disabled by Secure Rules.
    WFC can't decide which duplicate rules to remove because multiple similar rules can have different group names, names, descriptions, and maybe the user wants to remove the one that doesn't have his custom description, etc. If you are not sure which ones to remove, just pick any of them and remove the others. Nothing bad would happen if you do this.

    Check the following help topic from the user manual:
    User interface > Main Panel > Rules > Windows Firewall Control recommended rules

    This is a minimal set of rules that are actually required. On top of this set of rules, you could add only a few more rules for the programs that you really want to allow to connect to the Internet. For example, on my computer I have maximum 30 firewall rules and no inbound rules at all.

    There are duplicate rules, even in the default Windows Firewall set of rules because when you enable/disable certain functionalities of the operating system, the operating system just enables/disables a specific group name.
     
    Last edited: Oct 8, 2017
  4. Big Mike

    Big Mike Registered Member

    Joined:
    Apr 18, 2015
    Posts:
    17
    Ah, ok - I don't use the shell integration. I already knew, that "Secure Rules" can be helpful.
    But it doesn't exactly fit my purpose:
    - If a rule is added (or changed), which is in a known group, the "Secure Rules" feature is not helpful. Its purpose is to disable/delete rules in new groups. (Many setup programs recreate their original rules on any update, but sometimes I use only a restricted subset; also if a setup enables Windows default rules, "Secure Rules" is ineffective - a workaround is to put all rules to custom groups).
    - I get no notification, that I should look at my config, when something changes. I have to look in my rules to see what changed from time to time. With a notification I'd be able to associate a change in the Windows default policies with a setup program, which I've executed at the time, the policy has been modified.

    I understand, that it's not possible to see which process caused the change. But a message like this - or better additionally with the display name (and group) of the rule would be really helpful for me. Ideally a click on the message opens the rules panel with matching filters, so that I could easily inspect the new rule(s).
    It's based on monitoring changes of the rule set. I don't know if this is possible or if anyone else might find it useful. It's clearly not helpful for novice users who don't want to mess around with network locations, protocols and ports.
     
  5. AmigaBoy

    AmigaBoy Registered Member

    Joined:
    Sep 12, 2015
    Posts:
    205
    A very small issue I'm seeing is that the state of the windows isn't always remembered. For example, I always use the Rules Panes in maximized mode, but about 4 out of 10 times it will open -either from tray or HotKey- in a small, non-maximized window.

    Perhaps related to how (Microsoft's) Windows operates.
     
  6. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    I did 'Reset all settings to the default values' & did 'Restore Windows Firewall default set of rules' & did 'Restore Windows Firewall Control recommended rules'.
    I did not re-enable Secure Rules nor set it to 'disabled' after I did 'Reset all settings to the default values'. Maybe, 'Reset' requires machine restart to clear all WFC settings to the default values.
    Hmm, Windows Store apps only. Okay. So, then my added @ looks okay and only applies to Windows Store apps. Aha. Lite-bulb. @=apps.
    [​IMG] #3509
    head scratch for me is that now I only find one @
    [​IMG] #3515
    Okay, I'll monitor @ upon starting Windows Store apps.
    So, maybe I needed to first uncheck Secure Rules and then do 'Reset all settings to the default values'.
    Guess, I assumed 'Reset all settings to the default values' included Secure Rules.
    I'll leave duplicate rules, as is, for now. Seems harmless (for now) to have 'duplicate rules'.
    Ahh, okay....duplicate rules even in default Windows Firewall set of rules.
    Yes, Windows Firewall Control recommended rules are easy to see and readily understood thru 'Restore Windows Firewall Control recommended rules'.
    Thanks - Regards w Respect
     
    Last edited: Oct 8, 2017
  7. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,412
    Location:
    Romania
    Check this forum post:
    https://www.wilderssecurity.com/thr...-by-binisoft-org.347370/page-122#post-2669280
    Any reset in WFC, nor install/uninstall, etc. does not require a computer restart. Never. This is something that Windows 98 would require :)
    I just spot a bug in WFC code. If you reset user settings, they are reset but Secure Rules, if enabled, remains enabled in WFC service. I will fix this in the next version. Thank you for finding this.
     
    Last edited: Oct 8, 2017
  8. AmigaBoy

    AmigaBoy Registered Member

    Joined:
    Sep 12, 2015
    Posts:
    205
  9. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Ahh, I was just about to post (after re-testing) that I stand by my comments.
    Thank you for confirming this.
    Seems, once I have U prefix. I'm not able to clear U prefix, even with 'Secure rules' un-tick nor even with reset user settings.
     
    Last edited: Oct 8, 2017
  10. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,412
    Location:
    Romania
    The rules that were renamed the "U - ruleName" won't be renamed back.
     
  11. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Hmm, okay....one way "U - ruleName".
    So, no way to reverse Secure Rules tick?
     
    Last edited: Oct 8, 2017
  12. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,412
    Location:
    Romania
    You can disable Secure Rules by checking it again and unchecking it back (in case it was enabled while you have reset user settings). However, this would not rename anything back.
     
  13. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Okay...."this would not rename anything back"....yes, that was my observation.
    I assumed 'U-named' would be renamed. My apology for assuming.
    Note to self: The rules that were renamed the "U - ruleName" won't be renamed back.
    Thanks - Regards w Respect
     
  14. murmel

    murmel Registered Member

    Joined:
    Apr 25, 2017
    Posts:
    1
    Location:
    germany
    Hello Alexandru,

    ... updated from 4.9.9.4 to 5.0.0.1 i have now an occult problem
    with the sort-function of the rule-tabs. Any Tab will sort up or down,
    except the Action-Tab (Allowed/Blocked) - occured in Win7 and Win8.1.
    Can you confirm this or is any other user affected ?

    Thank you for your work.

    Greetings from Berlin to all other users of this fine piece of software.
    Spec.Greetz to Alpengreis for DE-Translation
     
  15. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,412
    Location:
    Romania
    Thank you for reporting this. I confirm that there is a problem with the sorting on the Action column. I will fix it in the next version.
     
  16. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,412
    Location:
    Romania
    Windows Firewall Control v.5.0.0.2

    Change log:
    - Fixed: When connected to a VPN, the location displayed in Main Panel is empty.
    - Fixed: Secure Rules remains enabled in WFC service even when 'Reset all settings to the default values' from the Options tab is executed. The Secure Rules checkbox is unchecked but it is actually enabled.
    - Fixed: It is possible to create new firewall rules through Shell Integration even if the program is locked with a password.
    - Fixed: Sorting on the Action column does not work in version 5.
    - Fixed: Visual layout fixes in Main Panel.
    - Updated: Installer was renamed to wfc5setup.exe.

    Download location: https://binisoft.org/download/wfc5setup.exe
    SHA1: 75a9664d7bd60aefd2bf41175b90c05862e4159a
    SHA256: ae6ac4285ad62dd842344c2013db58c8ea6881b3b7c06665446db8f40c5cdccd

    Best regards,
    Alexandru
     
  17. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,412
    Location:
    Romania
    I didn't fix anything. Version 5.0.0.2 can be downloaded from the website and version 5.0.0.2 is available through auto update mechanism.
     
  18. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    5.0.0.2 = Thanks
     
  19. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    670
    Location:
    Switzerland
    Perhaps it was a cache thing ...
     
  20. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    so, it's okay to allow OCSP request traffic? @mood
     
  21. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    FWIW ~ 5.0.0.2 with Reset all settings & Restore WF default + WFC recommended rules.
    1490.png
    1489.png
     
  22. guest

    guest Guest

    Yes, it's ok to allow it
     
  23. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Okay.... ExeRadarPro seems to run normal, regardless. I was not aware how RadarPro checked signature prior to WFC.
    Thanks
     
  24. smith2006

    smith2006 Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    808
    Now everything is in order, thank you. :)
     
  25. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    I'm still curious about my one U -@ rule. I have not added (as you can see) rule to Authorized groups "@".
    DiagTrack.png
    Rule is disabled as per my preference for Unauthorized rules. Any comment as to what DiagTrack is and why no Program. Are Windows Store apps not recognized as a Program. Trying to use my one U -@ rule to understand Secure rules for Windows Store apps.
    1505.png
    What's affected by not added DiagTrack rule to Authorized groups "@".
    Just trying to use my one U -@ rule to understand Secure rules for Windows Store apps.
    Thanks
     
    Last edited: Oct 14, 2017
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.