TinyWall Firewall

Discussion in 'other firewalls' started by ultim, Oct 12, 2011.

  1. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    Yes, when you exit the tray icon, TinyWall is still running, it only exits the user interface. But even if you terminate the service instead of the GUI, the rules still stay active. To disable TinyWall without uninstalling, you can set it to 'Disabled' mode. The 'Disabled' mode is meant to disable the firewall on your computer, so while it technically leaves Windows Firewall on, it will be in a state where it lets all connections through. The effects will be more similar to as if Windows Firewall was also disabled.

    For SmartScreen to work, C:\WINDOWS\System32\smartscreen.exe needs to be whitelisted. It should be found and recommended automatically to you when you run the auto-detection, but you can also add it manually of course. It should also be automatically whitelisted on a fresh installation.
     
  2. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,796
    Location:
    .
    If I untick box "Windows Update" , does it really stop Windows 10 from updating itself?
     
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Thanks for the info. But now that TW is a standalone firewall, why does it disable the Win Firewall? Or am I misunderstanding? I thought that TW didn't control the Win Firewall at all.
     
  4. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    Yes, though it remains possible to manually update Windows using command-line tools, I think, if you whitelist them separately.
     
  5. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    Because IMHO that's what average users would expect, as most users don't strongly disassociate one firewall from the other. If Windows Firewall is set to block something as per default rule, and they disable TinyWall, they'd be surprised if their apps are still blocked even though they disabled "the firewall". EDIT: Windows Firewall can still block things, the difference is it needs to have an explicit block rule instead of the default action.
     
  6. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,796
    Location:
    .
    Mi goal is to prevent W10 from updating automatically. What I plan is to update manually, at will, by ticking TWs case back again and after its done, disable WU again in TW.
     
  7. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    Will work as expected. I used to do same thing on my PC to ensure Windows does not update at unwanted times, though lately it has not been necessary, because Windows can now be told to delay updates by up to a whole month. This used to be more important when it only allowed 3-4 days at most. I have Pro though, not sure what the situation is on Home. Anyway, I can testify that disabling the "Windows Update" special exception prevents Windows Updates from working. Just tested it again:

    upload_2020-12-7_21-6-38.png
     
  8. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,796
    Location:
    .
  9. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    OK thanks for the info. So basically a tool like WFC will keep working even if you disable TW. Like I said before, I like to combine them, so the Win Firewall is managed by WFC, and outbound connections are being blocked by TW.

    Cool, will check it out. I was currently using StopUpdates10, but I don't know if it actually works. But I see there are plenty of other tools that can also do this, I'm posting this just for general information.

    https://www.thewindowsclub.com/free-update-blocker-tools-to-stop-automatic-windows-10-updates
     
    Last edited: Dec 9, 2020
  10. Aninob

    Aninob Registered Member

    Joined:
    Dec 9, 2020
    Posts:
    2
    Location:
    France
    Hello ultim,

    I'm using TW since a while and highly appreciate it.
    I've gone through Faq and this forum but did not find an answer to the following question: How would I block outbound IP's for an application (or even not depending on application) ?

    I've read above details about domain blocklist but as far as I understand it relies on the Hosts file, by redirecting some IP domain names to the [0.0.0.0] IP address which will make them "block". My need is to block numeric IP addresses. So I'm afraid Hosts file won't help.

    Thank you
     
  11. Aninob

    Aninob Registered Member

    Joined:
    Dec 9, 2020
    Posts:
    2
    Location:
    France
    Sorry while I rereread my question I see it is not precise enough:
    How would I block a short list of outbound numerical IP's for an application (or even not depending on application) ?
     
  12. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    Hello Aninob,
    That is not possible in the current version unfortunately.
     
  13. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    I have already explained multiple times (a while back) to you why this is a bad idea, even if it happens to work with your specific firewall settings by luck. Please don't spread false information. You are of course free to do whatever you want on your own system (but even you had a problem due to this once, I remember), but if my advice as the dev of TinyWall counts as anything, I discourage people from running multiple firewalls at the same time. There are both technical as well as usability reasons.
     
  14. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    OK so you are saying that there is no guarantee that TW and WFC will work just fine together. But at least on my two systems running Win 8.1 and Win 10 I don't see any problems. Basically, I see WFC as a tool to control the Win Firewall since M$ did such a terrible job. So no matter if I actually want to make use of the Win Firewall, I always install WFC.

    However, I do prefer TinyWall for outbound control. So far, TW does seem to work correctly when I put WFC in "Medium Filtering" mode. The only thing that I need to worry about is that WFC isn't blocking stuff that is actually allowed by TW. But yes, I get what you're saying, in general when you want to make use of TW, it's probably best to simply disable the Win Firewall in order to avoid problems.
     
  15. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    *Sigh*
    No, the problem is not the Window Firewall. In fact, I recommend to leave the Windows Firewall turned ON while using TinyWall. As far as the technical problems are concerned, the problem is that both WFC and TW will want to take some control of the Windows Firewall. While TW does not use the Windows Firewall to implement its own filtering, it does alter its state when WF is ON to minimize conflicts with TinyWall. And you can guess what happens when both TW and WFC try to control WF at the same time... And this is not just theory, even at present, right now, there are options in WFC that will make it incompatbile with TW. That is in addition to possible future changes in both firewalls that may cause even new problems. And all the previous are in addition to usability issues.

    I understand. You've found a config that happens to work for you. But this will not work for many users and has other disadvantages (that may not be important to you) too in general. And trying to document for others when it does work is bad because there is zero guarantee from either TW or WFC that it stays that way. Even now it is only a coincidence and not by design. And all this for no gain. It is pretty much pointless running multiple software firewalls, at least from a security point of view.

    Why try to do something explicitly unsupported that has known problems with close to zero gain and happens to only work in a specific case and only by chance? This was a rhetoric question :)
     
  16. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    OK, now I get your point. But what you're basically saying is don't install WFC when using TinyWall? And what if simply put WFC in "No Filtering" mode, this isn't a good idea either? BTW, I made a mistake I actually put WFC in "Low Filtering" mode otherwise it will also block outbound connections from apps without a rule.
     
  17. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    Depends on what WFC does in "No Filtering" mode. If it leaves Windows Firewall alone and does not touch it even when it is modified externally, it should be okay. Or maybe WFC took another route. I really don't know. But if WFC is in No Filtering mode, then basically it is not doing anything filtering-wise, so why install it all? Which is why I say, users should choose WFC or TinyWall, but not both, unless they are asking for trouble down the road or one of the firewalls is redundant.
     
  18. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Like I said, I get your point, but I personally install it to get control over the Win Firewall, and because of the "Connections Log" which seems to log actions from TW. But anyway, in "No Filtering" mode it disables the firewall. According to you, TW does the same if you choose "disable firewall", so this might indeed conflict.

    Also, I'm guessing that the "Secure Rules" and 'Secure Profile" features from WFC, might also interfere when TW tries to change certain settings of the Win Firewall. Still, on my Win 8.1 and Win 10 systems I don't see any problems at the moment, but I will try to stop making comments about combining WFC and TinyWall.
     
  19. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,412
    Location:
    Romania
    I agree here. Users should use either one or another. Combining them is not a good idea and does not improve any security, it just creates headaches for users and for us, the developers :)
     
  20. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    BTW, is it possible to make TW remember column size in all windows? It seems that at least on Win 10, when you choose "whitelist by process" I will keep having to resize the columns. But it should also be remembered in the "Connections" window for example. Another tool that refuses to remember column size is AutoRuns, at least on Win 10, on Win 8.1 it does seem to remember it, very weird.
     
  21. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    703
    Location:
    Hungary
    TW already remembers column sizes. If it doesn't, then please update to the latest version (at the time of writing 3.0.10). Since you seem to be running 3.0.4 or older, you'll need to manually uninstall first and then install the newer version. You can export and then import your settings to avoid losing them. This is because the MSI before 3.0.5 was 64-bit while newer version is 32-bit, so an in-place upgrade fails to work.
     
  22. g17

    g17 Registered Member

    Joined:
    Sep 30, 2017
    Posts:
    101
    Location:
    MI
    I've seen a recent strange behavior, wondering if anyone else has seen this?

    I'm running 3.0.10 on Win 10 Pro 20H2 19042.685

    I will usually elevate TW from the menu, so I went into the folder and changed the properties of the .exe to run as admin to avoid this.

    After doing this, the icon no longer shows up in my system tray. I checked my task manager and only 1 instance of TW was running, there are usually 2. I just clicked my shortcut again and it shows up now.

    Am I doing something bad here? I have admin rights in my account.

    OK, I checked some stuff before posting and now have more questions.

    The .exe file I modified is in ...program files (x86). It is the only .exe in that folder, hidden or not.

    The tinywall shortcut I made for my start menu (I believe I just pinned the above .exe), is in a different folder with different .exe files

    A picture might be easier. Here is the install folder and the path

    tw.GIF

    Here is the shortcut path from the start menu that (I believe) I made just by choosing the pin to start option with a right click on the .exe above).

    Capture.GIF

    How are these in different folders with different executables? The file that the shorcut points to is the TinyWall Controller.

    Sorry for the long post, thanks.
     
    Last edited: Dec 24, 2020
  23. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    OK thanks, perhaps I'm indeed using an older version. Because I noticed that the columns from "Application Exceptions" are also not remembered on Win 10. To clarify, I can't tell you which version I'm using, because I'm currently on my Win 8.1 desktop.
     
  24. TerryWood

    TerryWood Registered Member

    Joined:
    Jan 14, 2006
    Posts:
    1,037
    Hi Rasheed

    I suppose some people might say, why are you posting a question about "column sizes" when you don't know what version you are using. Particularly when the developer has said explicitly that TW remembers column sizes.

    Forgive me for thinking this is verbal diarrhea over common sense and wasting the developers time to boot. Sorry if I offend but...

    Terry
     
  25. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    TerryWood, with all due respect, it's probably best to keep these kind of comments to yourself, because they are non productive. I reported a possible "bug" and the developer was so kind to remind me that this is "fixed" in the newer versions, I responded with "thanks I will check it out", end of story. Also this stuff may sometimes be introduced in newer versions, this is the case with the newest AutoRuns, it doesn't remember column-size, while old versions do. It may not be a big deal to you, but to me and perhaps many others, it's annoying as hell. :)
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.