another Windows Firewall Control?

I just noticed a weird issue going on now though. I keep having to approve the same applications twice. Each time they have a different ID at the end, but they have they exact same path and what not.

 

Nothing weird about this. Just read the previous postings. There this issue is covered in detail.

 

Was the "show current network connections" removed? Because I remember there was such feature, but can´t find it anymore.

 

What's new in version 3.1.0.0
- "Active Network Connections" was removed due to the slow performance. Instead of this, in that window you will find listed the programs for that you selected not to show more notifications.

Off topic: I will start soon to transform WFC to a new enhanced application using Windows Presentation Foundation. This will resolve the troubles with different DPI settings, because it uses DirectX for rendering rather than the old GDI.

 

Yes, I know that but internally how? I use 4t tray minimizer and the titlebar buttons are not visible launching *.msc but when launched from your app's context menu they are as in WFAS context menu.

 

Process.Start("WF.msc");

 

Did you resolve anything ?

 

Not yet, would it need to be wfc.exe Process.Start("WF.msc"); ?

 

Has, anyone of you, tried Windows Firewall Control on MS-Windows Server 2008 ?

Thanks

 

Bug or something unavoidable? Watching DVD movie in WMP 12 at full screen. WFC popup alert causes full screen to exit.

 

It should work because WS2008 share the same Windows Filtering Platform (WFP) as Windows Vista and Windows 7. There can be some limitations with the default setup of WS2008 because it has some more restrictive group policy settings.

Not a bug. The notifications are set to be always on top of other windows, that is why the notification appears on top of WMP. In other way, how can you be warned about a blocked connection if the notifications can't get the focus ?

 

Version 3.1.0.2 available

What's new in version 3.1.0.2
- Improved: the program logic and some obsolete methods.
- Fixed: "Learning Mode" not working for swedish localisation.

I hope that in the near future I'll have enough time to finish the new version that will use WPF (Windows Presentation Foundation). This will be a really nice achievement. It will improve alot the user experience and it will also contain new features.

 

How does being on top trigger WMP from exiting full screen mode? I would think that it would just appear on top of the full screen instead of causing it to exit

 

Sounds good...looking forward to it!

 

Alex, today I had an issue that does not match your explanation:

I have got an "Allow-Rule" for
c:\program files\microsoft security client\antimalware\mpcmdrun.exe
on TCP Port 80, IP 65.55.53.190

Now what happened was another notification with exactly the same details.

I looked into the security log and found a WF-blocked connection with these details and event-ID 5157.
So why was this blocked although there is an "allow"-rule for it?
There seems to be a problem with rules that allow something, too.

 

Same address in the log? What I've found is that Windows Update can successfully use the Microsoft address range that you mention but Microsoft updates need more, a lot more. For some reason, it needs about 15 different akamaitechnologies and about 10 others with different names. All of which are not used every time a check is made. I think it has to do with which of the three update options are selected. The download but let me choose seem to need the most extra for me.

 

Yes, same address. That is what irritates me. I saw that with Windows/Microsoft updates, too, as with Akamai. These are covered by the svchost-rules as I think.
mpcmdrun.exe is belonging to Microsoft Security Essentials, and it's always the same IP. There is another IP linked with port 443, that I allowed, too.

 

I also use MSE and I never had this problem. I will investigate it more. The rule was created just with a few seconds before the second notification ? It is possible to be the same notification, or they were totally different ?

 

No, the rule was in fact created days before the reported behaviour. And definitely the same information. It didn't happen again since then, so I cannot report about any automatisms behind that.

 

Hello!

I never used any firewall except the integrated firewalls in XP and 7, I'm a newbie here. I would like to try this application because I would need it just to block some programs on my HDD, otherwise I would like to keep the Windows Firewall settings just as they are now. I have Windows 7 x64. And I have some questions, please help me.

If I install WFC and set it to "Low filtering", does that mean that inbound protection will still be just like it was before in Windows Firewall (I have it set to block all inbound connections except the few exceptions which are checked on the list of programs in Windows Firewall). Does the WFC affect/control only the outbound connections?

Is Windows 7 Firewall default setting block all inbound connections except the exceptions and allow all outbound connections? Or are some outbound connections blocked by default too? I'm scarred that I could mess up my Windows firewall settings with WFC. I know it's supposed to be a simple program but there's still too much options which I don't understand.

I've read that I can block a program by using the windows shell (right click) feature. Is it possible to set this setting for a specific program permanently? So that whenever I would start it it would block in and out access?

If I understand correctly I just have to set the rules and then I can close (exit) the WFC and the settings will remain and keep my PC protected. Why is then the default installation option to start WFC with Windows? Should I keep it running all the time (if yes - why)?

Will I still get a windows asking me what to do from the Windows when a new inbound connection tries to access the internet? Or does all that fall on WFC now? And how do I reset the default Windows firewall settings if I mess things up too much?

I'm sorry but I really don't know about FWs. I wrote to the WFC support and they are great, they replied to me quickly but I still have questions so I wrote here. Thank you for help in advance!

 

"Low Filtering" corresponds to the default Windows Firewall settings.

WFC with Learning Mode enabled handles only the outbound connections. No matter what profile you will use, the settings for inbound connections are not affected.

Windows Firewall contains by default hundreds of rules. Some of them are enabled and some of them are disabled. If you go to "Manage Rules" in WFC you will see that there are many default firewall rules. You must select the apropriate filter to see them.

Once you block a program with WFC, a firewall rule is created in Windows Firewall. This rule is active until you overwrite it or delete it. The rules are permanently.

Depends on what you need. It is not mandatory to keep WFC running if you don't need it's functionality all the time. Most of the users prefer to keep it running because they want to be notified about their programs when they try to connect to the internet. Learning Mode works with "Medium Filtering" profile.

The usual notifications about inbound connections that you currently receive from WIndows Firewall will remain the same. WFC handles only outbound connections. If something goes wrong ( the worst that could happen is to block a program to connect to the internet) you can go to WFC menu and choose to "Restore Default". This will reset Windows Firewall to the default settongs.

With welcome.

 

About the default Windows 7 Firewall settings: all inbound is blocked except the exceptions and all the outbound is allowed. Is that right?

If I will use the Low filterig mode, I can set some programs to disable their access to internet in low filtering mode too, right? And then I can exit the WFC and not start it with Windows at all and the outbound rules will stay and protect me, right? But I will not be notified in any way that those programs tried to access the internet - they just won't be able to and that's all, right? I won't use learning mode because it's not presnet in the low filetering, so I think best for me is to set disabled access for the programs I want, close WFC and forget about it.

Please correct my assumptions if I am wrong somewhere. Thank you very much!

 

Hello,
I registered an account here to express my gratitude for this great app. I hope it will help me forget good old kerio firewall I used for years on winxp.

I'd also like to post you a couple of suggestions/requests that I think would improve WFC even more:

A log showing blocked connections with the ability to create a rule from there. Something like "allow SomeApp.exe" "allow SomeApp.exe on port xx" "allow SomeApp.exe on port xx for the ip xxx.xxx.xxx.xxx) accessible clicking on each entry in the log.

I see that WFC already has an option to protect both itself and windows firewall with a password but I think that it would be useful to have something like a togglable "tampering protection" to lock down windows firewall leaving the ability to access firewall rules only via WFC. That way malware/applications/installers couldn't silently add their own rules without user's knowledge.

Thank you for your time and your work.

 

All assumptions are correct.

Thank you for your suggestions. I will try to implement such features in the future.

 

OK, thank you again! One more little thingie though: should I install 96 or 120 DPI version? I have two displays which I use: a laptop display (16" Sony VAIO @ 1600x900) and an external monitor (24" Dell @ 1920x1200). Both versions seem kinda same to me. Which one should appear bigger and which one smaller?