Windows Firewall Control (WFC) by BiniSoft.org

Thank.
The experimental option works well. This is for allowing rules. Is there no wildcard solution for deny rules yet?
I would change the window title, string 241

 

Is it still possible to get version 6.8.2 ?
I updated WFC last night and it has been very high on CPU since then.

 

v6.8.2.0 original installer ___https://workupload.com/file/qCWm5cBgqZ5 Always keep 1-2 previous versions.

 

They work the same. Starts with or ends with the string you provide. The only difference is that for normal strings, the notifications are skipped, for ALL CAPS, an automatic rule is created.

Check here and follow the same pattern: https://www.wilderssecurity.com/threads/windows-firewall-control-old-versions.431332/#post-3003447
The URL would be: https://binisoft.org/download/old/6820/wfc6setup.exe

 

I understand that.

I don't understand this. A permissive rule will be created, and I need a prohibitive rule. For example, how can I disallow outgoing connections for all applications located in D:\Portable?

 

You don't need any rule for that. Just use Medium Filtering profile which blocks by default all connections for programs without an explicit allow rule. The purpose of the notifications exceptions tab is not to create block rules or to disallow connections. The purpose of these exceptions is to instruct WFC to automatically dismiss certain notifications.

 

Thanks a lot for your help !

 

Updating WFC will always re-enable Connections Log / Log connections / Allowed connections, which may indeed increase CPU usage. Try disabling it.

 

It was never mentioned that an auto-prohibitive rule can be created with the new experimental feature.

 

Yes, I am aware of that. But now I realize that the wildcard for the forbidding rule is not implemented.

 

There is no forbidding rule here since an auto block rule will never be created. This experimental feature is to help to auto allow some programs that have a different path after each update. That's all. The purpose of the notifications exceptions is to auto dismiss notifications that would be sent to the user.

 

@alexandrud
hi
thanks for the update , but could be added a list of the older version maybe in the homepage , seeing a new version could work better on w11 updated and less under other older os
thanks

 

@alexandrud
This was already on the forum, but it got lost. Remind me again, please, what is the purpose of WFC accessing auditpol.exe at boot?

 

WFC service uses auditpol.exe to configure auditing policies required for notifications system, connections log, secure rules, import.

 

Can you use Secure Boot and WFC Lock at the same time? They are great options individually, but they kinda clash with each other from usability standpoint. Currently, after secure+locked boot, you have to open WFC, manually unlock it, set the filtering from High to Medium, and then again not forget to lock it. That is a lot to do at every boot..

Currently, if you right click a locked WFC icon in tray, the Profiles options are greyed out. I'd like to request a feature: instead of being greyed out, you can click on it to change profiles, it just asks you for a password, and then after changing the profile immediately locks the program again with the same password. Thoughts?

 

Minor observation (bug?): in Properties/Description of an auto-created rule (new experimental feature):

"Auto rule created by exception C:\USERS\USERNAME\APPDATA\LOCAL\WHATSAPP"

Right-click, Create Duplicate, Description becomes:

"Auto rule created by exception CUSERSUSERNAMEAPPDATALOCALWHATSAPP" (backslashes gone)

 

Why should it lock it back once unlocked, what if you just want to unlock it? How does WFC know what is your intention? To improve your use case, I would suggest to not use the lock mode. Or if you still want to use both, you could create a batch script that will remove those 2 High Filtering rules and restart WFC service, without unlocking:

netsh advfirewall firewall delete rule name="High Filtering profile - Block inbound connections"
netsh advfirewall firewall delete rule name="High Filtering profile - Block outbound connections"
sc stop wfcs
sc start wfcs

Just make sure you execute this with elevated privileges.

Noted. I will try to improve that.

 

WFC would know because you did not actually click on the padlock button on bottom left. I will try the batch script, thanks.

 

hi
thanks

 

@alexandrud

Thanks for new version!

Suggestion

SOMETIMES I make a double click instead single on the tray icon and SOMETIMES the GUI opens two times ...
so I suggest a (better) "protection" that avoids multiple GUI openings.

Greetings

 

I am still using v5.4.1.0

Are there any security advantages by updating to the latest version (v6.9.0.0) in Windows 10?

 

So much time has passed since then.
The program has remained free.
New clearer interface.
Automatic rule to update Windows Defender signatures when WD changed version number.
Similar for other applications that change paths when updating.
Windows 11 compatibility.
v5.4 may not correctly display the status of the "Secure Rules" and "Secure Profile" options because the name of the Windows Firewall service has since changed.
My opinion is that the program is better now. The rules from v5.4 are compatible with v6.9.0.0.
You can secure with both v5.4 and v6.9.

 

Thank you aldist.

 

How are you able to reproduce this? I can't on my machines, not even on a slow VM with just 1 core CPU and 1GB of RAM. The first thing that is checked when requesting to open the Main Panel is if the Main Panel is not already opened. This code is pretty fast, few milliseconds.

 

Windows Firewall Control v.6.9.2.0

Change log:
- New: Added 3 new providers for WHOIS queries in Tools tab.
- Improved: Removed file extension validation in Properties dialog to allow more rules to be created, especially for Windows Subsystem for Linux.
- Fixed: Rules Panel hangs if a program path is a network path.
- Fixed: The system tray context menu for notifications mode is not updated when changing the language.

Download location: https://binisoft.org/download/wfc6setup.exe​

SHA1: 458872d63f5f380acfff9e9a57dfd194da04e722
SHA256: 548214adb293b8e42fa26bd3ca91d558d21435eeb39fa4b3576a0d053c3ac757

Thank you for your feedback and your support,
Alexandru Dicu

P.S. Please let me know if Windows 11 Smart App Control still creates problems with version 6.9.x.x. It is signed with a new EV certificate which may help with that problem. Since I don't use that Windows feature, I could not test it on my side.