Windows Firewall Control (WFC) by BiniSoft.org

Discussion in 'other firewalls' started by alexandrud, May 20, 2013.

  1. SwissBIT

    SwissBIT Guest

    Hi

    Except you introduce this as an OPTION (while install-process or even better configurable in the program itself). So, ALL would be satisfied! And you could have a new target group ...

    Greetings,
    SwissBIT
     
  2. Aborash

    Aborash Registered Member

    Joined:
    Jun 11, 2013
    Posts:
    13
    Location:
    Milky Way
    Seems nice, may be I'll give it a try
     
  3. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,412
    Location:
    Romania
    Windows Firewall Control v.4.0.0.4 - New release

    What's new:
    - New: Added the possibility to copy the filename in the clipboard when the user clicks on the filename in a notification. Open file location was moved to the program icon, so pressing on the program icon will open the file location folder.
    - New: When the user recreates the recommended rules there is no result dialog to inform the user if the action was completed or not. Now, a new confirmation is displayed.
    - Updated: WFC recommended rules for Windows Store in Windows 8 was updated.
    - Fixed: A new notification is not displayed if the Location is changed and there is a rule which blocks other Locations. For example, if a browser is allowed for Domain location only and the user switches to Public location, then the browser is blocked without displaying a new notification.
    - Fixed: The default rule for the WFC updater is not the correct one on a clean install, only when the user chooses to recreate WFC recommended rules from the Rules tab.
    - Fixed: When exporting a policy file it does not overwrite a file with the same name even if the confirmation dialog says that the new file was successfully saved.
    - Fixed: When importing a policy file the profile is switched to Low Filtering and the notifications are set to disabled. These two settings are left now like they were before the import.
    - Fixed: Update dialog result does not show in the center of the Control Panel window if Manage Rules window is opened.

    Installation notes: Just use the updater to update to the new files. That's all.

    Download location: http://binisoft.org/download/wfc4setup.exe
    MD5: f782e642842b9ba189935511aaae9026

    Thank you for your support and your feedback,
    The developer ;)

    @SwissBIT : The changes to the locking system require more time to implement. I will have this in mind for the next version.
     
    Last edited: Jun 11, 2013
  4. SwissBIT

    SwissBIT Guest

    Thank you, alexandrud ... and keep it up :)

    Greetings!
    SwissBIT
     
  5. SwissBIT

    SwissBIT Guest

    Hi,

    - Bugs:

    B1) IPv6 addresses does not work properly ...
    These are "double" saved - for example 2a00:1158:0:300:3a3a::1-2a00:1158:0:300:3a3a::1 ...


    B2) DNSBL fails for IPv6 ...

    DNSBL check fails for IPv6 addresses.DNSBL check fails for IPv6 addresses. Maybe an other service such as http://multirbl.valli.org/ would be a better solution.


    - Suggestions:

    S1) New shortcuts <Ctrl>+<Home> and <Ctrl>+<End> for Manage Rules windows ...

    In Manage Rules windows, the <PageDown> & <PageUp> keys work, but NOT the shortcuts <Ctrl>+<Home> and <Ctrl>+<End>. In large rule sets these combinations would really help.


    S2) Search field in rule manager window should have "X" button to clear the field ...

    For fast delete of search field content.


    S3) Customizable and visible Source Addresses ...

    As in WFwAs also. This is an relative important point, because not always ANY as source address is the right entry. For example - many users (also I) have internet via cable and WiFi (WLAN). In this case, the source IP for the different locations might not be the same - regardless of whether the IP is assigned dynamically (Public-Wlan or at Home for ex) or statically (at Work for ex).

    Also a corresponding column for that should be added to the Rule Manager.


    S4) Customizable Interface types ...

    As in WFwAs also. This is an relative important point, because many users (also I) have different interfaces. And some rules are eventually not always desirable for ALL adapters.

    Also a corresponding column for that should be added to the Rule Manager.


    S5) Customizable ICMP types ...

    As in WFwAs also. Not really quite so urgent but good for the ToDo list.


    S6) Service Name should be integrated in notification ...

    If a Service is used, this should be viewed and possible editable in the notification. Note, that the Windows Firewall Notifier (WFN) can do this already. Note: the Windows Firewall Notifier (WFN) can already do this.


    S7) Active line in Rule Manager prevents the display of the status color ...

    It appears only a gray line. My suggestion: Display a small FLAG at the beginning of each line for "Blocked" "Allowed" and "Disabled", which is always visible.


    Kind regards,
    SwissBIT
     

    Attached Files:

    Last edited by a moderator: Jun 12, 2013
  6. silver0066

    silver0066 Registered Member

    Joined:
    Dec 31, 2004
    Posts:
    994
    New version did not work for me. Kept disconnecting my Netgear Router using Genie. I am back on 4.0.0.3 and it works just fine for me until this is fixed.
     
  7. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,412
    Location:
    Romania
    The doubled item comes from Windows Firewall API. I will make some validation rules to display it only once.
    I think your recommendation is too verbose than the current ipvoid.com. I will think to a solution, maybe making it configurable somewhere in the application.
    S1) I will add this.
    S2) I will add this.
    S3) In 99.99% of cases, users will not care about local address because it will always be the same address as the user has. I don't see any security improvement if you set your IP as a source address in a firewall rule. This was removed on purpose from WFC columns to make it simpler.
    S4) and S5) The purpose of WFC is not to duplicate all WFwAS settings. It contains fewer configurable options (the most important ones) for a rule to make things simpler and to make Windows Firewall easier to use. For fine tuning and exotic tweaking of the rules there is always WFwAS. I think 99% of the users use software firewalls for outbound control and what is important for they is if a program should connect or not. Only 1% configure ports, remote addresses, interfaces, etc. For the majority is only: block or allow (all connections).
    S6) The notifications that will benefit from the service name retrieving are only the ones for svchost.exe. There is a lot of work and changes to make this possible. I will it a new try. This is not an easy task.
    S7) But in this way the colors will be removed and the selection still must be highlighted somehow. This will add icons instead of colors. It is easier to follow full colored rows instead of small icons in the first row. This will not change.

    Windows Firewall Control does not block or allow anything. Windows Firewall does, based on the firewall rules that it has. Does anyone else having trouble with the last version ?
     
  8. artoor

    artoor Registered Member

    Joined:
    Oct 13, 2012
    Posts:
    113
    Location:
    Poland
    Not the least, it works like a charm, and I love this tool :D

     
  9. silver0066

    silver0066 Registered Member

    Joined:
    Dec 31, 2004
    Posts:
    994
    When I updated 4.0.03 to 04, it kept adding notifications to programs I had already allowed, particularly Netgear Genie, which broke my LAN connection if I did not catch it in time. On the Manage Rules Page, Genie was green and set to all, ie, everything, but it apparently did not take. This did not happen in v03 and does not happen now that I have gone back. I made no changes to the Windows Firewall outside of WFC.
     
  10. SwissBIT

    SwissBIT Guest

    Hi,

    Perfect!

    Okay!

    Cool!

    Okay, that make sense.

    I really hope for this!

    One idea for this: leave the highlight background (maybe make the gray a bit lighter) and instead always white text make the selected text how the status?

    No, until now, no problems at all!

    Thank you!
    SwissBIT
     
  11. SwissBIT

    SwissBIT Guest

    Hi,

    - New problem with IPv6 address ...

    I had added the following IPv6 in WFwAs (on existing rule):

    2a00:1158:0:300:3a3a::1

    Then in WFC, it shows this IP as:

    2a00:1158:0:300:3a3a::1/128

    with error message "Invalid subnet mask" and "red-field".


    - Subnet-Masks are general invalid ...

    All IPs with subnet masks are marked as invalid (Invalid subnet mask). This is a serious issue: all existing such rules are no more editable, because save is not possible.


    - IP field length is too short ...

    Input (from copy and paste for example) is truncated at position 255. This is MUCH too short. I have fields for example with 427 chars.


    --
    SwissBIT
     
    Last edited by a moderator: Jun 13, 2013
  12. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,412
    Location:
    Romania
    Do you use Malwarebytes Anti Malware ?

    The problem is that in WFwAS we see something, but when I call Windows Firewall API it gives something different (that /128 at the end, and those duplicates too). I will try to modify the validations but is very hard because it breaks other validations. One single wrong character and when you apply the changes the rule will not be updated. About the length, I will update it to 1024 characters.
     
  13. KurianOfBOrg

    KurianOfBOrg Registered Member

    Joined:
    Jun 10, 2013
    Posts:
    2
    Location:
    India
    Does it still reject all connections first until you click "Allow" instead of pending them? This breaks lots of applications and is the single reason I don't use this. I understand that it's a limitation of the "lightweight" method used but I hope it gets addressed soon.
     
  14. silver0066

    silver0066 Registered Member

    Joined:
    Dec 31, 2004
    Posts:
    994
    I have Malwarebytes on my system, but with only On Demand scanning.
     
  15. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,412
    Location:
    Romania
    It can't be addressed because this is how it works. Windows Firewall Control does not use any network filtering driver and does not check the connections. There is no packet filtering at WFC level and this is the reason why it can't pause a connection until user interaction. It works on a passive way and reads Windows Firewall events through Windows Firewall API and offers notifications. I don't think it breaks many applications. It is enough to press again in the blocked application on the "Connect/Update/Refresh" buttons and they will connect without trouble. WFC is not a firewall, is a front end for Windows Firewall and has all the limitations that Windows Firewall has.
    I will do some more tests these days to find the problem and to provide a fix. There is a portion of code that was implemented to be compatible with MBAM and I think this is broken, even if MBAM is not with real protection activated. Strange thing s that I can't reproduce this and only 2 persons have reported this. I will look into this.
     
  16. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,412
    Location:
    Romania
    I just installed this application Netgear Genie on my computer. I don't know how it works on your computer, but on my system it takes 50% CPU all the time when it is running. I have a dual core CPU and 50% is a lot. Take a look at the screenshot attached.

    Untitled.png

    I have received two pop-ups. One from WFC for outbound access and I have created a rule to allow all. The other pop-up was from Windows Firewall, requesting inbound access which created two inbound rules to allow UDP and TCP connections.

    First reaction of the program was that I have no Internet connection because my WLAN is disabled. Yes I knew that, it is because my computer is connected through wire to the Internet. It had rules to allow all inbound and outbound connections. After a few seconds while my network icon appeared without connection, then it was ok. I have reinstalled WFC 4.0.0.4 to see if there is some effect. It works fine.

    Do you have troubles only with this particular application ? Or do you also have problems with other applications and WFC ? Again, I don't see how WFC can conflict with Netgear Genie because it does not block anything. When I have installed Netgear Genie, it disconnected my network, probably to configure itself, but this has nothing to do with WFC.
     
  17. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    It surely is :thumb:
     
  18. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    I know it's not a big thing, but would it be possible to change the systray icon? it just doesn't look like a firewall in any way imo...the shield in the last version made more sense
     
  19. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    Yea same thing happening to me, I keep getting new alerts for chrome and utorrent over and over again...this is the first time this has happened so could it be a bug?
     
  20. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,412
    Location:
    Romania
    I have recompiled the version 4.0.0.4 and I have removed the validation for Locations. It now should work like the previous version 4.0.0.3. Please try this version and let me know if everything is fine now:

    http://binisoft.org/download/test/wfc4setup.exe

    1. Please uninstall any WFC version that you already have.
    2. Choose to keep your current rules.
    3. Download the test version from the indicated URL.
    4. Install it and choose not to create the recommended rules as you already have them.
    5. See if the problem is fixed.

    Looking forward to hear from you.

    Thank you for your support and your patience.
     
  21. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    DONE! So far so good, no new alerts i'll keep you posted.
    Thanks :thumb:
     
  22. MrElectrifyer

    MrElectrifyer Registered Member

    Joined:
    Jul 24, 2012
    Posts:
    177
    Location:
    Canada
    Updated to v4.0.0.4 and it seems to have stopped displaying duplicates when I perform a network connection cycle, but still be displays duplicates when I perform a sleep cycle on my Surface Pro o_O I'm guessing it has something to do with the "Mail, Calendar, People and Messages" app cause lately, I've only been getting duplicates for that app's "Livecomm.exe" file....

    --EDITS--

    Nope, it has nothing to do with that app. I uninstalled it and now I get duplicate notifications for "C:\windows\system32\backgroundtaskhost.exe" whenever I perform a sleep cycle :|

    Yup, seems to be working so far :)

    Awesome!! :thumb:

    Have a few suggestions:
    1.) For the Manage Rules window. At the "Recently Blocked" list, could you add buttons under "Options" in the side panel to "Create Custom Allow/Block Rule"? If possible, also add it to the context menu It's kinda irritating to have to first create a generic Allow/Block rule, go back to the "Manage Rules" list (keeping track of all the ports/addresses from the "Recently blocked" list), then edit the just created rule.

    2.) For the main window. I noticed that you're using checkboxes in places ("Profiles" tab, "Notifications" tab and "Rules" tab) where radio buttons will be more intuitive; places where the user is allowed to select only one out of a number of options. Mind replacing the checkboxes at those places with radio buttons? More specifically replace the following checkboxes with radio buttons:
    - All checkboxes under "Profiles" tab
    - The notifications-level checkboxes and the sound-to-play checkboxes under the "Notifications" tab
    - The direction checkboxes under "Rules" tab​

    3.) For the notification window. From the looks of the changeloog for v4.0.0.4, I notice you've partially implemented my location management suggestion. While you're at it, mind adding options to customize the location when a user clicks the "Customize this rule before creating it" link? Also, could you replace the protocol checkboxes (at the rule customization form) with radio buttons?

    4.) For the notification window. Now that you've moved the "Open file location" action to the "left-click on application icon" event, mind making the "righ-click on application icon" event copy the file path/location to the clipboard?

    There also appears to be an incompatibility with Malwarebytes Anti-Malware. For example, when I visit the domain "bitshare.com", Malwarebytes Anti-Malware blocks that site and WFC shows a duplicate alert for Chrome. This is with v1.75.0.1300 of Malwarebytes Anti-Malware Pro.

    That's it for now :) Thanks for your continuous efforts in making this software extraordinary!
     
    Last edited: Jun 17, 2013
  23. MrElectrifyer

    MrElectrifyer Registered Member

    Joined:
    Jul 24, 2012
    Posts:
    177
    Location:
    Canada
    Irritatingly, there also seems to still be another rule the Windows Store requires. After doing some deductive reasoning, I decided to switch to a local account; doing so unsurprisingly logged me out of the Windows Store. So, I attempted logging in again and then I bumped into a login error stating that Windows Store is unable to log me in as I'm not connected to the internet.

    Cleared the Windows Firewall Control "Recently Blocked" list and after two failed attempts of logging into the Windows Store, due to lack of internet connection, the following recently blocked connections were logged:

    Windows Store Requires Another Rule.png

    Appears to still fall into the rule I recommended here. Wonder what service its using this time o_O
     
  24. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,412
    Location:
    Romania
    Sorry for the late response. I have a lot of work and I can't find time to reply.

    1) Create custom rules from Recently Blocked can be done and I will do it in the next version.
    2) Those checkboxes are actually radio buttons but they have the same template. It looks better this way than round radio buttons.
    3) I have added Locations checkboxes in the notification dialog, but I had to remove them because it looked very bad. Too much items in such a small dialog. This will not be done. Please use the Locations configuration from Control Panel window. In the notification dialog, they don't fit on one row and I have to insert 3 rows to include them.
    4) Can be done.

    About MBAM compatibility issues, this is under observation. The compatibility with MBAM breaks some validation rules and I have to either support MBAM, either remove Locations check for notifications. One of two, because I have tried many variations and these two don't work together.

    I will check again Windows Store rules to see if they need to be updated.
     
    Last edited: Jun 21, 2013
  25. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    Well whatever fixes you made did the trick, no more redundant alerts :thumb:
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.