After reading many positive comments here about Private Firewall, I decided to give it a try, and I must say that I am disappointed, as it's missing a number of critical features. Unconditional Port Blocking The main feature that I really need that PF does not have is the ability to block ports unconditionally, no matter what application is trying to use them. Please correct me if I'm wrong about this, but it seems PF aboslutely needs to associate port blocking/allowing rules with particular applications. I could not, for example, block access to all ports below and including 1024, no matter which application is trying to use them. This feature is really important to me, and it's lack in PF is a deal-breaker. Non-contiguous Ports in a Single Rule Another feature I'd like to have is the ability to specify multiple non-continugous ports in a single rule. For example, I'd like to make a rule concerning ports "135,137,445". This can't be done in PF either, as far as I know. Fortunately, you can specify port ranges, like "1-1024", and (of course) you can specify individual ports, like "135", but not both individual ports and ranges, like "135,137-139,445". Undocumented XML Format Though I am happy that PF can export and import rules in a relatively easy to understand XML format, that format needs to be thoroughly documented somewhere so that the XML file could be edited by hand or by external tools. I don't want to have to guess what 'Mode="2"' or 'Rule flags="122"' or 'Value="1"' are, or what the <AppsParent> section is for. Too Much Clicking Without thorough documentation, the XML file that PF imports is only really editable by PF itself, which brings me to my last complaint: creating rules in PF involves way too much clicking! I know clicking a lot is the traiditional Windows GUI way, and that may be fine if you've got only a handful of rules to configure. But any more than a handful is going to become seriously painful to create in PF. I'm afraid to even imagine how many days or weeks it would take to create a few hundred rules in PF. Such a large ruleset would still be pretty painful to make even if you could type it in using a capable text editor, but at least if PF's export/import XML format was well documented, it could be done and it would save you a monstrous amount of clicking. Copying and Pasting Rules Now, if click you must, at least PF should allow you to copy and paste existing rules. But no. All you can do is modify, add, or delete them. Keyboard Shortcuts If you're going to be creating a lot of rules through the PF GUI, you should at least have keyboard shortcuts for every possible action, and allow these shortcuts to be user-configurable. Conclusion Considering all these deficiencies, I really can't take PF very seriously. It may well be a good firewall, for what it does. But its configuration ability is sorely lacking.