Windows Firewall Control (WFC) by BiniSoft.org

Any idea why this program (game from steam) keeps getting logs even tho it's allowed?

 

Is there a rule higher up in the list, or more specific (perhaps on ports?) that's blocking it? Also, your screenshots don't actually show that the rule and log entries are for the same program.

 

I am beginning to think that a program needs 2 rules for outgoing, one for TCP and one for UDP. It might be since the last couple updates that caused this. Before, I never had my email program, IM program and Malwarebytes showing in my logs for blocked TCP outgoing. My rule set is the same as it was prior to the last several updates.

 

If you enable to see Extended properties column (from right click context menu on columns header) you will see that some Windows 10 firewall rules will have this check box checked. This means these rules have some extra properties which are not displayed in WFC, usually an application package. They appear in WFwAS. For Windows Store applications, you will not see a Program set for them because Windows Store applications use Application packages.

Since WFC doesn't do any packet filtering, this has nothing to do with latest updates of WFC. However, many applications use TCP and also UDP protocol. Please be more specific about your scenario. Do you see blocked connections for already allowed programs ? How are defined the rules for these programs ?

 

Hello, here's a UI suggestion. When items are selected (in the Rules Panel for example) the colour changes to grey/black and it's not possible to distinguish the Block/Allow rules by colour (red/green). Perhaps it'd be better to just use darker colours for this (dark red/green)?



About Secure rules, it'd be really nice if we could also add "authorized applications" to the exception list/group so "when application x creates a rule", the rule would be automatically allowed and enabled. I understand this might not be possible to implement though.

 

I added a new second rule for those apps for TCP and changed the Any to UDP. They quit showing in logs.

 

So I have "Security" set to delete unauthorised rules, which is great and works as expected. However, when using the right-click context menu to "Add to Group", I accidentally clicked on the "empty" slot (which apparently means move to "unlabelled group"). The trouble is that WFC then immediately identified the rule as belonging to an unauthorised group, and (of course) deleted it.

While this behaviour is not exactly a bug (WFC reasonably followed the logic of my configuration), it certainly inhabits the "spirit of a bug" as it wasn't my intention to delete the rule.

So, is it possible to somehow authorise a blank (unlabelled) group, just so this doesn't happen again? Or, at least, add an actual label to the blank context menu entry (like <None> or something) just so it stands out more? Or maybe warn that doing this under "the current configuration" will make the user unhappy? The purpose of deleting unauthorised rules is to prevent programmes from creating them... not the user.

P.S. As an unrelated request, would it be possible to add an option to select a custom font/size for the text in the Rules/Log listview windows? DPI scaling helps, but it's not an exact science and I find myself wishing for the text in these windows to be just a bit larger. Not the main interface window... that one's fine - just the other two.

 

WFwAS = ? https://github.com/henrypp/simplewall/issues/11
Does rule Enabled No .... mean traffic is neither Allow or Block?


What's affected by not added DiagTrack rule to Authorized groups "@".

 

It means that rule is "Off" or not being enforced. Think of it like a light switch, on light, off no light, make sense ?
PeAcE

 

Off or not being enforced....means traffic is ?
In order for Allow or Block to be enforced then the rule needs to be Enabled Yes/On.
And when rule is Enabled No/Off then the rule is not enforced.... meaning the traffic is ?
I mean without enforced rule. Chaos?
Does traffic do what ever it wants?
When Action is Allow with Enabled No/Off. Traffic is ______?

 

If you have a rule set. Then have it turned off as in not active (white on my screen, enabled is green). It will see the rule as NO and block the attempted connection. I keep windows update like this until I am ready to run the updater and check.

 

I have Enabled Yes Green Allow & Enabled Yes Red Block.
And I have a bunch of U rules that are Enabled No White Allow.
===================================
So, Enabled No White rules are not enabled (Enabled No) and therefore the connection is blocked ?
So, with Enabled No White -- Allow or Block are not in play because the connection is blocked ?

Spoiler: Green Red White

 

No. A rule that is not enabled is equivalent to a rule that is not there. The firewall will ignore it. What the effect of that is will depend on what other rules you have in place.

A reason you might want to disable a rule is if you are experimenting with different versions of a rule to do something or other. You might set up several rules which are all meant to do the same thing, but are slightly different from each other - eg maybe they specify different sets of ports. Then you can disable some so that only those that are enabled take effect. Then you could enable one of those and disable a different one to see what happens. It's easier to disable a rule than to delete it and have to add it back on later on.

Or, you might have a rule that allows something, but you only want it to be allowed for a few minutes every few days. So when you don't need it, disable it. It stays in the list so you can enable it next time you need it, then you disable it again.

 

Well, all my Enabled No White Allow rules were created by WFC.
I have not disabled any rule. I've just Allow or Block enabled rules.
I've reset all settings to default values and restored default and recommended rules a few times to experience the process. I've not disabled any rule. I've deleted rules. I'm apparently not employing WFC at full potential. As you can see....White rules are a mystery to me.

 

Not possible at this time. However, you can distinguish allow/block rules by taking a look at the Action column.

It would be possible, but it would be difficult to handle all scenarios. Some of these unwanted rules are added at boot time (e.g.: Steam), some of them are added when a full screen app/game is executed, so, a notification from WFC in these cases would be useless since the user will not see the notification. In this case you should not use Secure Rules.

Authorizing a blank group name would defeat the entire purpose of Secure Rules since many of these unwanted rules are added through netsh which does not allow setting a group name. Naming that first entry to something will interfere with an existing group name since it can be any string. I will think about a solution.

I will think about this. It can be done but I must see where to put such an option.

WFwAS = Windows Firewall with Advanced Security
You can launch it by executing wf.msc or from WFC tools tab.

I don't even have such a rule (Windows 10). If everything works as expected, then remove the rule.

Regarding the disabled rules, they don't apply. If you use Low Filtering profile (outbound filtering disabled in Windows Firewall) then all outbound traffic which is not matched by enabled rules is by default allowed. If you use Medium Filtering profile (outbound filtering enabled in Windows Firewall) all traffic that is not matched by an enabled rule is by default blocked. In both cases, disabled rules are not taken into consideration.

 

Yeah, link was google search. Did not realize source at first read. Sorry . I was interested in

I tried delete. Rule came back. That's why I was curious about instructions to create Authorized group @ and add my U -@ to Group @.
Diag Track may be machine specific, my setup W10 Home 1607. No worries. No biggy. Thanks

I run Medium and wondered why all the White rules (disabled rules) were listed since they appear to be "rules in waiting". When I change for example firefox.exe Enabled Yes Green to No White. Upon calling firefox.exe. WFC prompts me for response.
Okay. I'll think of White rules as disabled rules and not taken into consideration. And no reason for me to add my one U -@ to Group @.

Thanks ~ Regards w Respect

 

Working smooth as silk with 7x64.
I hope you don't over bloat for win 10.
Thanks!

 

Wow... recognises VPN connections... might have to update my version to see this! Still on 4.9.9.0

 

So here's a basic question I'm sure, on the Rule Panel, the column "Group" is that just for user organization? Everything just defaults to Windows Firewall Control, and a few of mine are blank as well. If it's just for categorization, how do some of you guys use it, I'm just looking for ideas really.

 

I paid for wfc. I can't log in. https://i.imgur.com/SxvnBE5.jpg I can't activate wfc. it was installed and activated for at least a year than I uninstalled it today and installed current version. can u help me reactivate it? i get this error "Donation details not found. Please contact us by email at support@binisoft.org"


Dear joanne , thank you for your donation and for your support.
SLTTK63LUZNQ8V9Y activation code
Below is the URL to your activation page. You have approximately 24 hours to activate
the program, in which after that period the activation page will be expired.
http://www.binisoft.org/page.php?dl-1MK26104DW553605G
After the activation page will be expired, to get a new activation code,
you can log in into your account, using the following credentials:
Username:
Password: binisoft
You can change your password after you are logged in. If you want to log in into your
account now, go to the following URL: http://binisoft.org/login.php
You can watch the activation process on the following URL:
https://www.youtube.com/watch?v=sV3Sk7DMuzU&feature=youtu.be
If you have any questions, comments, or concerns, feel free to email support@binisoft.org
Thank you for your support,
Alexandru Dicu
BiniSoft.org Team

 

It's activated now, thx.

 

After updating Winscribe VPN 1.80 beta 24, Windows firewall show this alert. I thought WFC is suppose to take care of connections? I say cancel, and every time Winscribe starts this message shows.

 

Ok, thank you. If possible, please consider allowing item de-selection. For example, if there is only one entry in the rule list (after a search for example) and that item is selected (either before or after the search) then it becomes "black" and cannot be deselected by clicking on it, or somewhere else.

(just found out it can be deselected with CTRL-click, but a single click would be nicer )

 

Windows Firewall itself displays security alerts for programs, other than Windows services, that attempt to listen for unsolicited incoming traffic and the incoming traffic is blocked. These security alerts can be disabled from Windows Firewall and are not configurable from Windows Firewall Control. Pressing the Allow access button will create a new inbound allow rule, while pressing the Cancel button will create a new inbound block rule. It seems that this software really needs access to your computer.

How do you find these small bugs ? I will add a way to deselect the one item if only one exists.

 

It was the beta, back to stable. If it starts this crap I will be moving on to another VPN. Wondered why they were giving out "free" life-time licenses. Know I know!
Spyware (maybe). Will stay on stable for now.
Thanks for the notice.