Fort Firewall 3.13.6 UI: Options: Add "Filter Local Network" flag. UI: Options: Add "Exclude from screen capture" flag. UI: Options: Add "Interface" tab. UI: Update SQLite to 3.46.1
Fort Firewall 3.13.7 UI: Options: Tray: Add "Show Alert Icon" flag. UI: Programs: Add "Clear Alerts" button. Driver: Fix "Block Internet traffic" with "Filter Local Network" turned on.
Fort Firewall 3.13.8 UI: Options: Traffic Graph: Add "Units" option. UI: Format traffic dates and bytes per locale. UI: Options: Fix "Theme" selected value. UI: About: Show last success check time. Driver: fortbuf: Improve IRP cancelling. Installer: Don't re-create "README.portable" for Portable. FortFirewall.exe.ini: Add "updateDir" option.
Fort Firewall 3.13.10 UI: Add Spanish language. Installer: Show "README.portable" file (for how to uninstall the portable installation). Driver Scripts: Don't remove FortFirewall service.
Fort Firewall 3.13.11 UI: Programs: Add "Rules inheritance" combo-box. UI: Options: IP Addresses: Don't expand tabs. UI: Blocked Conn: Separate "Direction" and "Reason" columns. UI: Blocked Conn: "Add Program" on double click. UI: Fix initial Zones loading to Driver (v3.11.3 regression).
I've been using Tinywall for many years now, but since that project is effectively dead, I'm thinking about migrating to something else, and Fort Firewall has caught my attention. It seems to do more or less everything TW does, and it is actively maintained, which is great! I've just been playing around a bit with it in a VM, and there is much to like, but the UI is somewhat confusing in some areas. The wiki/user manual (on GitHub) doesn't nearly cover everything as far as I can tell. Particularly confusing is perhaps the "IP addresses" tab, even if it is mentioned both in the FAQ and the Wiki. I'll have to play around a bit more to properly understand those. I also found that "Reset to default current tab" doesn't work properly on all tabs, which I opened a GitHub issue for. The Zones dropdown for "Edit program" is also not intuitive. I thought that perhaps I could use that to block access to defined zones for a particular program, but I couldn't get that to work. Probably user error, but since there are no explanation and no tooltip, it becomes guesswork. And since there are so many choices, it is not easy to know which combination of settings are necessary to achieve the desired outcome. Please don't take this the wrong way, I do see this as a promising app, but the documentation is sparse, and also somewhat outdated (there are more options in the current version than what is shown in the wiki). I completely understand that creating and maintaining documentation is tedious work, but a good user experience relies on it.
Most docs were created thanks to user Stefan (@Dashke) some time ago. It'll be overhauled and simplified after Rules implementation. - Zones should be updated to have actual addresses - Program's Zones applied only for Allow action - Program's Zones can be checked - app can connect to only these addresses - or Zones can be unchecked - app can not connect to these addresses - but Zones are not defined (checked or unchecked) by default
Keeping docs updated is quite a bit of work, especially when the application is being developed continuously (which is good), but it is fairly important, at least when it isn't immediately obvious what different options mean, and how they affect each other. Ah, OK. The rules settings are already there, but not editable. Do you have a rough idea of when you think that feature will be implemented? Ok, got it. However, that is not at all intuitive, so it really needs to be explained in the wiki. When right-clicking on the tray icon, the menu that pops up has a few items: I only have the default "Main" group, and again it isn't clear what unchecking that box will do, especially since a group might contain both blocked and allowed apps. It seems to me that unchecking this will make all apps in that group blocked, so it is a short way of just killing internet access for all apps in the group. That is perhaps also the most intuitive interpretation, but for cases like this, a tooltip would be great. And then there's the "Filter Enabled" checkbox. Unchecking it seems to allow all traffic (again perhaps the most intuitive interpretation), but then there is also the "Block Traffic" and "Filter Mode" submenus. It is not clear why there are so many options that seemingly might do similar things, so unless this can be simplified into fewer menus, again a tooltip would be welcome. Since I am using TW currently, I have traffic enabled for both instances of svchost (32 and 64 bit), and I haven't really looked into how many services use this. With Fort it is shown clearly, and individual services can be blocked, which is very nice. However, as an experiement, I tried explicitly allowing both svchost.exe files (to simulate the behaviour of TW), but that doesn't work in Fort. It still pops up individual warnings for services using svchost, so you can't just allow all by allowing the exe itself. Not a problem, just somewhat surprising.
How would/does FortFirewall handle switching users back and forth, whether those users were logged in or logged off?
well lets say....user1 (me) makes and sets rules for a browser, from within my windows user account, later I either log off, or not, and another user logs into their windows user account. They want to use the same browser, only they are doing so in their user account. Do those same rules i created for the browser (user1) apply also for the the other user when they log in, or would they be creating their own rules thru Fort from their account?. Basically 2 user system but 2nd user is not gonna wanna mess with Firewall settings. Also are the "Settings" that I select in Fort stay the same for both users, will both users get alerted the same on any activity? Also are the 'Rules' still running (blocking/allowing) for user1 if user1 isnt 'signed off', and another user is signed in to their user2 account?
There is a global Fort Firewall's Service with global config for all users. Any user can run Fort Firewall's UI process to configure it. You can set a password in Fort Firewall's Options. And configure for 2nd user to not show any alerts from Fort Firewall.
Fort Firewall 3.13.13 UI: Add "-c backup export/import [dir-path]" command line argument. UI: Programs: Sort "Name" column case-insensitively. UI: ProgramEdit: Disable blocked Zones/Rules row. UI: Options: Auto Update: Add "Keep current version", "Auto-download new version" flags. UI: Options: Improve "Reset to default". UI: Options: Import Backup without app restarting, but close all windows. Driver: Simplify traffic stats handling.
I currently already have another firewall installed, do I need to uninstall that first before trying FFW ? or could I just 'disable the rules' of that firewall ?
Fort Firewall 3.14.0 UI: Programs: Add "Alerts" filter. UI: Options: Reset changes on close (v3.13.13 regression).
Fort Firewall 3.14.2 UI: Do not open Alert Program in Auto-Learn mode. UI: Programs: Add "Kill Process" filter. UI: Update translations.
Fort Firewall 3.14.3 UI: Options: Programs: Add "Sound Alert" flag. UI: Apply Tray Events to Menu button. Driver can be opened only by Administrator. Attention: If you use Fort Firewall without Service, then you have to run it as Admin!
Fort Firewall 3.14.4 UI: MyFort: Move "Windows Service" from Options. UI: Options: Add "Alert Window for Auto-Learn mode" flag. UI: Options: Add "Block traffic for disabled App Groups" flag. UI: Programs: Remove "Use Application Group's Enabled State" flag. UI: Move app group periods handling from Driver. Driver: Fix check of Administrator.
Fort Firewall 3.14.6 UI: Options: Schedule: Add ability to retry tasks on error. UI: Options: Fix conf reloading after import.