Windows Firewall Control (WFC) by BiniSoft.org

Discussion in 'other firewalls' started by alexandrud, May 20, 2013.

  1. Special

    Special Registered Member

    Joined:
    Mar 23, 2016
    Posts:
    454
    Location:
    .
    WFC is really polish IMO, the GUI and everything just makes sense, how it opens, how middle clicks close a window, etc. "un-polish" would be cutting corners, adding something that isn't quite "perfect" because it's quicker to do then going the extra mile, the "10 times more work" is his words not mine...

    Basically no one will ever complain that there are optional configurable hotkeys, but some might if they're not.

    And programs like DisplayFusion, MSI Afterburner, etc. are global, so there's always a chance something might clash in the future even if not now. Not saying it's a problem right now because the programs I mentioned are totally customizable on the hotkey front, but image if they weren't.
     
  2. Stukalide

    Stukalide Registered Member

    Joined:
    Jul 12, 2013
    Posts:
    65
    Half the features in WFC wouldn't exist if alex had stopped development once it reached a polished state. In the Connection log, there used to be no context menu options such as searching rules or creating a customized rule based on an entry. Yet you could say WFC was polished already then, as well.

    Absolutely, WFC is polished, and has been for a long time. But polished doesn't equate with freezing improvement + development altogether, forever. I understand what you're getting at in general, as happens with software from time to time -- feature bloat, feature creep, etc. But keyboard shortcuts are probably the furthest possible thing from de-polishing; so far from de-polishing, in fact, it's almost satirical.

    Further, adding keyboard shortcuts isn't cutting corners. Keyboard shortcuts pervade all software, in fact, it's a positive when software has equivalent keyboard shortcuts vs. having to do everything with slower, imprecise point and clicking. When you want to reload a site while browsing, do you mouse-click the reload button? Or do you press Ctrl-R | Ctrl-Shift-R | F5? Because I can't remember the last time I've clicked the reload button, or the stop button (Escape), or clicked into the URL bar and selected the current URL (Alt-D), or popped into the browser search box (Ctrl-K), or exited a multi-windowed browser (Ctrl-Shift-Q, Alt-F-X), or mouse-opened History (Ctrl-Shift-H) or Bookmarks (Ctrl-Shift-B). And there's even added functionality in keyboard shortcuts that you can't get from mere mouse clicking alone, such as reloading: Ctrl-R reloads, but Ctrl-Shift-R reloads bypassing cache.

    Above all, you wouldn't be forced to use any keyboard shortcuts and can continue mouse-clicking, making it the same level of polish you've been personally accustomed to.
     
  3. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    259
    Location:
    Canada
    Bugs in the latest version:

    Bug#1: with WFC freshly installed and enabled (medium filtering), I cannot sign in my VPN /L2TP servers.
    If I chose "no filtering" everything is OK

    Bug#2: if I change the configuration and the confirmation message will appear ('Are you sure ...") AND at the same time a regular firewall message pops-up about allow/deny (will appear on top of that), the system will freeze:

    you cannot answer to the first window (which is behind) and you cannot answer to the top message which is related to what answer you provided before.
     
    Last edited: Nov 3, 2019
  4. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,411
    Location:
    Romania
    This is not a bug. Each VPN software requires certain firewall rules in order to work when outbound filtering is enabled in Windows Firewall. Have you tried to verify the Connections Log or to enable the notifications to see what is blocked when the VPN is connecting ?
    I can not reproduce this. However, the system would not freeze. In the worst case, WFC would freeze, not the system. I tried different variations of this scenario and I was always able to close WFC dialogs, no matter of the order in which they were displayed. Anyone else, do you have a similar problem ?
     
  5. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    670
    Location:
    Switzerland
    @alexandrud

    [Bug (v6.0.2.0)?]: Time Sort in Connection Log isn't possible (properly)


    Right after open the connection log it's (sometimes?) possible to klick in the related field ... however: it has never correct sorted (it seems) after I changed the sort direction. Also after chose another sort methode(s), it's no more possible to sort with time (after a click in the field, the sort symbol (little triangle) does no more appearing)).
     
  6. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    259
    Location:
    Canada
    I do not use a VPN software; I set up the VPN / L2TP manually , with user name, password, server name and shared key. With "Medium filtering" and "Notifications enabled" , I cannot connect: the connection stays indefinitely at "Connecting..." and no notifications are displayed . If I switch to "No filtering" the connection is possible

    Is true, the WFC will freeze but all I can do is to move the mouse. I had to reboot in order to recover.
     
  7. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,411
    Location:
    Romania
    This is indeed a bug. I will add on the to do list and will be fixed.
    You can kill the process wfc.exe and restart it. A reboot is not required.
     
  8. JNicoll23

    JNicoll23 Registered Member

    Joined:
    Oct 24, 2009
    Posts:
    48
    Location:
    Scotland
    You "set up" what? Surely, your VPN software? I think you meant you don't use some sort of configuration wizard?

    Having set up server name etc, some software on your system is communicating with that server. If the thing doing the communicating is not VPN software", what is it?
     
  9. bege10

    bege10 Registered Member

    Joined:
    Nov 5, 2019
    Posts:
    4
    Location:
    Germany
    Hi,
    I have just installed Windows Firewall Control. I am amazed that I didn't read about this amazing tool earlier.

    There are 4 (why?) equal standard entries in the outward rules that allow the sharedaccess service with no restriction (all protocols, ports and so on. And WFC still displays a notification for the service host and sharedaccess service.
    If others also have these 4 entries, is there any difference in the mentioned standard rules that I missed?
    Why does WFC still show a notification?
     
  10. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,411
    Location:
    Romania
    Screenshots please. With the rules (please include all columns) and the notification dialog. Thank you. I have only one. Did you import a policy multiple times ? Or did you create the same rule multiple times ?
     
  11. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    259
    Location:
    Canada
    I manually set up my VPN connection as explained here:

    https://www.windowscentral.com/how-manually-configure-vpn-windows-10

    Point is, after installing WFC I cannot connect to any VPN server and also there is no notification displayed ; only switching to "no filtering' will allow me to connect to the VPN.
     
  12. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,411
    Location:
    Romania
    WFC is not the culprit here since it is not doing any packet filtering. Connectivity issues are with Windows Firewall itself not with WFC in particular. Try to enable the rules from the group named "Routing and Remote Access". If an inbound rule is required (and it is most likely) you have to check the Connection Log for inbound blocked connections, as WFC will not display any notification for them. Read also this article: https://www.thewindowsclub.com/configure-vpn-connection-windows
     
  13. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    259
    Location:
    Canada
    Thank you for your answer!

    What I do not understand is why without WFC I can connect fine to all servers from my VPN network and as soon as I install WFC with "medium filtering " I cannot? We are talking about the same Windows Firewall here...
     
  14. Roberteyewhy

    Roberteyewhy Registered Member

    Joined:
    Mar 4, 2007
    Posts:
    610
    Location:
    US
    IVPN works fine with MWFC (v.6.0.2.0) on both OpenVPN and WireGuard.

    Robert
     
    Last edited: Nov 6, 2019
  15. kaljukass

    kaljukass Registered Member

    Joined:
    Apr 27, 2011
    Posts:
    244
    Haven't you accidentally forgotten who this thing belongs to? Could it not have any connections with given problems?
    https://press.malwarebytes.com/2018...xpand-security-offering-and-global-footprint/
     
  16. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    939
    Location:
    Land o fruits and nuts, and more crime.
  17. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    259
    Location:
    Canada
    Tree new rules created in "Rules Panel" and "allowed" but no pop up from WFC.
    @{Microsoft.StorePurchaseApp_11911.1001.5.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.StorePurchaseApp/Resources/DisplayTitle}............ Allow

    The rules in the attachment are between Host Process... and Microsoft office...
    I manually switched them to "Block"

    How were these rules created behind WFC backo_O rules.jpg
     
    Last edited: Nov 7, 2019
  18. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,411
    Location:
    Romania
    This has nothing to do with this. Why would you try to suggest anything like this ?
    Medium Filtering profile is enabling outbound filtering mode in Windows Firewall which is by default disabled so that everything can connect to the Internet. From WFC you just switch some Windows Firewall settings which otherwise are less accessible from WFwAS console.
    Everything as expected. For this reason I have implemented Secure Rules feature. Those rules were created by the operating system. I recommend you to read the user manual to understand better what WFC is supposed to do and what is supposed not. Read below how Windows Firewall works and how Secure Rules can improve your experience with it:
    https://binisoft.org/pdf/guides/Malwarebytes-WFC-User-Guide.pdf#page=25
     
  19. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    259
    Location:
    Canada
    Thank you for your answer!

    I found the problem for not connecting to VPN :I had to add a rule (from blocked connections) : NT Kernel7System (System).....Allow
    However, I never received a notification from WFC regarding this request.

    Now, about "Secure Rules" ;If I enable it, and a program wants to create a rule, I would get a notification from WFC or simply the program will fail to connect to the internet , without notificationso_O

    Thanks!
     
  20. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,103
    Location:
    Lunar module
    The application will not be able to connect independently or unnoticed, you will receive a notification from the WFC. "Secure Rules" are protected only from changing or creating rules by third-party programs, from outside the WFC, @{Microsoft.StorePurchaseApp_11911.1001.5.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.StorePurchaseApp/Resources/DisplayTitle} cannot create a rule.
     
  21. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    259
    Location:
    Canada
    "Secure Rules" doesn't work as intended, see attachment.
    Even though is enabled and "Disabled Unauthorized Rules" still I have several rules created by Windows, WHICH ARE NOT DISABLED, see the top of attachment. rules.jpg
     
  22. bege10

    bege10 Registered Member

    Joined:
    Nov 5, 2019
    Posts:
    4
    Location:
    Germany
    I had exactly the same rules. After activating Secure Rules they didn't appear any more.
    Did you import the already existing group names when you activated Secure Rules? If so, did you delete the group names of the unwanted rules?
     
  23. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    259
    Location:
    Canada
    I did not import anything; I created the rule one by one based on notifications and at a certain point I selected "Secure Rules" and "disable unauthorized rules"
    After several hours I opened the "Rules panel" and I noticed some rules on the top being allowed , created by Windows.
     
  24. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,411
    Location:
    Romania
    Below, did you press on the highlighted button ? What do you have in the Authorized groups list ? Because the behavior that you reported happens if those group names are added in the Authorized groups list, which happens when you press on the Import group names from the current existing rules button.

    upload_2019-11-10_17-21-20.png
    Have you tried to disable and re-enable Secure Rules ? Can you please manually test this ?
    1. Enable Secure Rules.
    2. Launch cmd.exe with Administrative privileges.
    3. Execute netsh advfirewall firewall add rule name="Notepad" dir=out action=allow program="C:\Windows\Notepad.exe" enable=yes
    4. Refresh the rules in Rules Panel and check if you have the new rule for Notepad that you just created. Is it there ? Or was it disabled/removed by Secure Rules ?
     
  25. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    259
    Location:
    Canada
    I had only Windows Firewall Control and Temporary Rules.
    I cannot troubleshoot anymore because I uninstalled WFC and reinstalled version 5.4.1.0
     
    Last edited: Nov 10, 2019
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.