another Windows Firewall Control?

So I did a clean install now.

What I am missing now is
- the service name "wuauserve" behind the windows-update rule (svchost)
and
- the service name "W32 time" behind the windows-timeservice-rule (svchost)

Are the rules for that specific svchost rules no longer connected to the services (like it was in 3.3.0.1)?

Thank you

 

I also realized that the Firewall rules created with WFC no longer show up in WFwaS. So when I now export the policies, what rules do I export then:

all rules - including the ones of WFwaS or
only the rules created by WFC?

 

This apply only for this version. When you have checked for updates you used version 3.3.0.1. When you will use this feature from this version, 3.3.0.2, it will download the new version on your desktop. You will see that it will work when a new version will be available, for example version 3.3.0.3.

The only remote address where wfc.exe should connect is 50.22.79.60 port 80 TCP, where it checks an XML file for available updates. That's it. Any other attempts should be blocked. They are probably verifications of security certificate and other stuff introduced by Visual Studio or by the obfuscation program used. WFC is safe.

As you already noticed, this applies only to a clean install when the rules are created. From Manage Rules, when you edit the properties of a rule, you can set a group name for every rule. The rules created by WFC are created in group "Windows Firewall Control". You can change the group to whatever you want.

Indeed. I will fix this. I don't know why the service name wasn't saved. I will investigate.

WFC uses the same rules as WFwAS. When you go in WFwAS, scroll down and you will see the rules that you have created in Windows Firewall Control group. They are all there. Also, when you export and import a policy, all rules are imported / exported, including the WFC ones and the original ones. All of them.

 

Thank you, Alex, for your answers.

 

I'm currently using "Medium Filtering" with v3.3.0.2

I've allowed javaw.exe to work in the private profile but only for the "in" direction, before I installed WFC.
The two rules are:
Name: Java(TM) Platform SE binary
Group:
Program: C:\program files (x86)\java\jre6\bin\javaw.exe
Profiles: Private
Enabled: Yes
Action: Allow
Direction: In
Protocol: 1st rule: UDP / 2nd rule: TCP


My preferred download tool is jdownloader. It uses the javaw.exe to actually manage the downloads.

An opened connection (currently downloading looks like this):
Process Name: javaw.exe
Protocol: TCP
Local Port: 62639
Local Address: 192.168.0.20
Remote Port: 80
Remote Address: 178.33.xx.xx
State: Established
Process Path: C:\Program Files (x86)\Java\jre6\bin\javaw.exe
Window Title: JDownloader

Because only inbound connections for javaw.exe are allowed shouldn't WFC block an outbound connection for it?

 

Hello,

Ever since the latest update (3.3.0.2), Windows Update is being blocked. I do not see a rule for it either. I can make a blanket rule for all svchost but that is too broad and I do not want to do that. How do I make a rule for Windows Update for svchost.exe -k netsvcs (just for netsvcs)? I am at a loss as how to do this. I also tried learning mode but do not get any pop-up. Any help will be appreciated...

 

Easiest way to handle Windows Update is just create a rule for the service itself.

 

With Medium Filtering enabled, JDownloader does not work until you create a rule to allow outbound connections for javaw.exe. Please check your rules, if JDownloaded can connect and download files, there is a rule to allow outbound connections for javaw.exe.

Windows Update should work through the rule named "WFC - Windows Update". Unfortunately, this rule is generally for svchost.exe and does not include only the Windows Update service. This will be fixed in the next release, which I plan release soon. The new version will be able to set the service name for a rule, from Manage Rules. This problem will be fixed in a few days.

Learning Mode works only for Medium Filtering profile. Which profile do you use ? And what version of Windows and in what language ?

 

Hello,

Strange I do not have that rule.

Yes, I can manually add a rule for svchost.exe and Windows Update will work. However if I do a rule for wuauclt.exe (Windows Update), Windows Update is still being blocked.

Cool !!!

I am using the medium filtering profile with learning mode enabled. My OS is Vista HP x64 with all service packs and hot-fixes up to date using the English language. As for the learning mode, I get no pop up when Windows Update is trying to update but Update is being blocked. I can verify by allowing all traffic via WFC main GUI.

On another note, I assume my exporting policies problem was not fixed this release as it is still present. On a side note, whenever exporting policies is failing, any changes I make in "Manage Rules" does not stick either. The changes appear to take but next time I go back to "Manage Rules", the changes did not stick. These two problems seem to go somewhat hand in hand as they both seem to always occur at same time and only a reboot gets things back as they should be.

 

Alex, I've found another issue:

Although I created the following rule...

Block
c:\windows\system32\taskhost.exe
Remote Ports: 80,443
Remote Addresses: 65.55.7.141

... WFC still notifies me about:
taskhost.exe on Port 443 and address 65.55.7.141

That reminds me of former WFC-versions where we had to activiate "don't bother me again".

Thank you

 

This happens because the ports from the rule must be the same as the new attempt of connection. Your rule contains ports "80,443" and the new connection is made on port "80". They are not the same, and from this reason, you receive a new notification. I will change the program's logic to search in defined ports instead of compare them. Until then, I recommend you to not set the remote ports field for the rules that block programs (Anyway, taskhost.exe will not try to connect on other ports, so specifying the ports is not required). I will fix this in the next release.

 

Good to know, thank you.
Are multiple IP addresses treated the same way as multiple ports?

 

Another issue:

In the above rule I wanted to delete the ports 80 and 443 from the rule, that means change from "custom ports" to "all ports".
In the manage-rule window I doubleclicked the rule, changed the remote ports to "all" and applied. 80 and 443 disappeared from the rule in the rules list.
After closing and reopening the manage-rule window 80 and 443 as remote ports are back in the rule.
I can reproduce that.

Addition:
I was even able to reproduce this with an "allow" rule, which I tried to change the ports from "custom" to "all". They disappear when clicking "apply".
After closing and reopening the manage-rule window the ports are back.

In both cases this behaviour occurs either on doubleclicking a rule or on using "properties".

 

Yes, it works the same way. I will fix this too.

You are right. It works only if you select ANY protocol. Thank you for reporting this error. I will fix this too. In a few days, the new version will be out and all these things will be fixed. Thank you again.

 

You are welcome.
Thank you again, for your excellent support!

 

Tried and is fixed and working like a charm. Thanks.

 

Version 3.3.0.3 available

What's new:
- New: The service name can be specified from the Properties window when editing a rule. From a drop down list. (puff-m-d)
- Fix: Service names are not properly set for the recommended rules when the program is installed. (puff-m-d)
- Fix: Local ports and remote ports are not saved when modifying the properties of a rule in Manage Rules. (Broadway)
- Fix: Duplicate notifications for the same connection when the remote ports contains multiple ports. (Broadway)
- Updated some templates.

Download link: http://binisoft.org/download/wfc.exe

Any feedback is welcome. Share your opinions about new features, possible existing bugs, etc. As always, I will try to implement new stuff, if it is possible and I will fix any problems reported that can be fixed.

Just check for updates and install the new version.
Thank you all for your help,
Alexandru

 

thanks for the news
but is there a old version that doesn't need frame 4?
i don't want to install frame 4
thanks
cheers

 

The latest version that was using Net Framework 2.0 was version 3.1.0.3.
Net Framework 2.0 was released 7 years ago. From version 3.2.0.0, I have used Net Framework 4.0 for the development. Net Framework 4.0 was released in 2010 and adds many new features and improvements. My suggestion is to update to the latest Net Framework available. It can't be bad for your system.

 

Thank you. I just made a clean install and set up my rules. Runs fine so far...

 

Holy Hell....please tell me this is a mistake. 200 meg for a gui? It's not even the firewall, just the gui for it. I can certainly understand reluctance to further make ourselves dependent on .NET.

(Yes, RAM is inexpensive. That's not the point. Have people forgotten how to efficiently code?)

 

The code is optimized. Every window is disposed properly, any collection, list, dictionary, etc. On my systems, wfcs.exe never had more than 30MB, and wfc.exe never requested more than 80MB. I will try to see what eats up so much memory. Unfortunately, the NET Framework takes to much memory. I will see what I can do.

 

I should clarify....it's not WFC that I dislike. I like it, and I donated to it. It's .NET that I hate. Anything that uses it is going to suffer from similarly high usage statistics.

 

i update framwork 4

is there a way to backup my w7 firewall built in setting manually?
i mean i want to backup it
how can i do it Manually?
thanks

 

You can use "Export Policy" from WFC main interface. This will save all of your firewall rules, which can be imported back, by using "Import Policy". WFC is fully compatible with WFwAS firewall rules and works directly with them. When installing WFC, no firewall rules are deleted. Only, if at installation, the user choose to create recommended rules, WFC will add 8 new rules which can be easily deleted from Manage Rules window. If the user choose not to create recommended rules, no new rules will be added.