Simplewall-Firewall

Discussion in 'other firewalls' started by co22, Oct 25, 2016.

  1. henrypp

    henrypp Registered Member

    Joined:
    Jul 27, 2017
    Posts:
    41
    Location:
    Nowhere
    No. I'm still shining, still climbing. I hope to have time on autumn/
     
  2. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    3,379
    Location:
    Under a bushel ...
    Sorry OT, but chrlauncher also please (not that there are problems) :thumb:
     
  3. Duotone

    Duotone Registered Member

    Joined:
    Jul 9, 2016
    Posts:
    142
    Location:
    Philippines
    Installed simple wall and just notice that my windows defender security is missing in my system tray icon?! Is that fine?
     
  4. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    11,365
    Location:
    The Netherlands
    Any comments on this?

     
  5. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    3,484
    Location:
    Mexico
    Nope, just waiting for him to stop having fun /lol
     
  6. __Nikopol

    __Nikopol Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    588
    Location:
    Germany
    It doesn't necessarily have to do with his program. Why am I the only one who sees this? I'm not the only one looking, am I?
    When I block Simplewall in itself it stops spamming it's own log file. (And subsequently the connections.)

    Henry said it has to do with me using a VPN. I don't know why or what is even going on. (I'm not an expert or even good at this) But I doubt its malicious.
     
  7. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,793
    Location:
    Poland - Cracow
    @Duotone @Cantos
    Your apps are from MS (WD and Word) so maybe the reason of your issue is that not only specific processes should be allowed but services also. Did you allowed some of them (list from RBM) to call out?
     
    Last edited: Aug 23, 2018
  8. __Nikopol

    __Nikopol Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    588
    Location:
    Germany
    Why did you call me?
     
  9. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,793
    Location:
    Poland - Cracow
    Sorry for mistake...it's already changed :)
     
  10. co22

    co22 Registered Member

    Joined:
    Nov 22, 2011
    Posts:
    357
    Location:
    router
    i dont have word but some program(not remember what was but after allow its work) wont work if you dont allow access to 127.0.0.1
    so try it
     
  11. Duotone

    Duotone Registered Member

    Joined:
    Jul 9, 2016
    Posts:
    142
    Location:
    Philippines
    @ichito I think I've allowed msmpeng.exe to call out... need to add it on blocked apps?!
     
  12. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,793
    Location:
    Poland - Cracow
    I'm not using Windows Defender so I don't know what processes in fact there are in your system but
    - I think about such option (accesible from the list in SW window and from try menu)
    180824093115_1.jpg
    and services like this
    https://superuser.com/questions/494163/disabling-microsoft-antimalware-service
    - try to find such processes connected to WD...maybe they need to have internet access - point No 2 "Disable Real-Time Protection and reschedule your Windows Defender"
    https://www.drivereasy.com/knowledg...-exe-eating-up-too-much-cpu-in-windows-10/#F2
     
  13. imuade

    imuade Registered Member

    Joined:
    Aug 4, 2016
    Posts:
    677
    Location:
    Italy
    Maybe you can find this post of mine useful :)
     
  14. korben

    korben Registered Member

    Joined:
    Nov 5, 2009
    Posts:
    829
    Thanks guys for the input above.

    Now all I'm asking for is an update.
     
  15. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    11,452
    simplewall v2.3.4 (21 September 2018)
    https://www.henrypp.org/product/simplewall
    Download
    Changelog
    sha256 checksum
     
  16. lucidstorm

    lucidstorm Registered Member

    Joined:
    Aug 12, 2018
    Posts:
    41
    Location:
    Poland
    hi, does it have some self protection mechanisms, it runs very well but sometimes high CPU load with some windows services (if I find out which one I'll post). I use it for old laptops where I have to be careful about ram. Its also much simpler to use than any other software (the easiest one to date). However, there should be an informative window pop for new users on how to block all by default, first time I've run it I allowed all traffic without me realising it
     
    Last edited: Oct 3, 2018
  17. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    11,452
  18. __Nikopol

    __Nikopol Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    588
    Location:
    Germany
    I can not update with the program or reach your website when I use a VPN server in Luxembourg. Do you block VPNs for some reason?

    Also, do you know what those entries in the "blocked package log" mean? It is literally full of them. Many times per second.
    14-‎Oct-‎18 ‏‎23:29:28,<empty>,<empty>,[SOME EXTERNAL IP] (Remote),192.168.178.20 (Local),<empty>,<empty>,#0,IN,BLOCK
    Why are the places for the program name and some others empty?
     
  19. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    11,452
    simplewall v2.3.6 (16 October 2018)
    https://www.henrypp.org/product/simplewall
    Download
    Changelog
    sha256 checksum
    v2.3.6 (16 October 2018)
    • added purgen submenu into tray menu
    • added more statusbar information
    • set extra large icons view by default
    • tray menu services counting bug
    • fixed app with overdue timer still enabled on profile load
    • fixed resetting some data on profile load
    • fixed timer resetting on profie load
    • fixed listview checkboxes
    • cosmetic fixes
    • fixed bugs
     
  20. bitpixl

    bitpixl Registered Member

    Joined:
    Jul 22, 2016
    Posts:
    3
    Location:
    Anywhere but here
    So as of today I switched to Simplewall (coming from Tinywall) and I'm loving it.
    I do have some questions / observations being a new user.

    * Leave windows firewall (wf) enabled on install or disable it.
    1. With wf OFF, simplewall will save to it's own config? (I'm using this)
    2. With wf ON, simplewall will configure the wf?
    Which of these 2 options is recommended and as I'm using the 1st option, how and when does simplewall activate during boot process?
    I'm asking this because I dont see a simplewall service and the default firewall is disabled by simplewall. (I have enabled boot-time filters)

    * Is there a way to allow us to expand the settings/rules window for a better viewing experience?

    * Is the blocklist automatically updated with simplewall updates?

    * of the default enabled system rules, which ones do you guys still disable (and why).

    * I'm working under user context, tried to use the skip UAC but that option doesn't seem to be working properly (as mentioned before).

    * I also vote for making the exit button close to the taskbar.

    * compared to tinywall the first thing I missed was having an option to quickly restrict a program to only acces the LAN. It's working now using the custom rules, but maybe it can be included as an build-in option in the future.
     
    Last edited: Oct 20, 2018
  21. __Nikopol

    __Nikopol Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    588
    Location:
    Germany
    * Simplewall always configures the Windows Filtering Platform (WFP) if enabled. (As does Windows Firewall) But leaving the Windows Firewall on together with Simplewall, leaves your device open to changes to it outside the scope of Simplewall. And any program can simple add filters to the Windows Firewall which practically negates protection.
    Recommended is option 1: to let Simplewall turn the Windows Firewall off. (You can ignore the screams from Windows Security Center about it.)

    I don't know when Simplewall activates itself if boot-time filters are enabled. But I guess it doesn't and this is some functionality of WFP.
    Simplewall does not need a service because it uses WFP. (Like pretty much ALL other firewalls for windows)

    * You can drag the borders and embiggen the window. Or did you mean something else?

    * The blocklist gets separate updates. (More often)

    * None except DNS and Windows Update. (You may need DHCP) Why? Do you have servers running? If not: They are potentially detrimental to network security if allowed.

    * Exit button close to the taskbar?

    * You can right-click anywhere and add a custom rule or a program, if that helps and isn't obvious. I forgot what they tell you when you install it first time.

    * have not used TinyWall
     
  22. bitpixl

    bitpixl Registered Member

    Joined:
    Jul 22, 2016
    Posts:
    3
    Location:
    Anywhere but here
    * Simplewall always configures the Windows Filtering Platform (WFP) if enabled. (As does Windows Firewall) But leaving the Windows Firewall on together with Simplewall, leaves your device open to changes to it outside the scope of Simplewall. And any program can simple add filters to the Windows Firewall which practically negates protection.
    Recommended is option 1: to let Simplewall turn the Windows Firewall off. (You can ignore the screams from Windows Security Center about it.)

    I don't know when Simplewall activates itself if boot-time filters are enabled. But I guess it doesn't and this is some functionality of WFP.
    Simplewall does not need a service because it uses WFP. (Like pretty much ALL other firewalls for windows)

    Excellent answer thank you. Any reason why the boot-time filters aren't enabled by default?

    * You can drag the borders and embiggen the window. Or did you mean something else?

    The main window yes, but once you open the settings window, that window can't be resized.
    Allowing the settings window to be resized to get an overview of all (available/enabled/disabled) system rules in one overview would be useful imo.


    * The blocklist gets separate updates. (More often)

    How is this updated? through the same update mechanic?

    * None except DNS and Windows Update. (You may need DHCP) Why? Do you have servers running? If not: They are potentially detrimental to network security if allowed.

    I'm just asking because I had LLNMR/mDNS/NetBios(in/out)/SNMP/SSDP(in/out)/UPnP enabled. Wondering if that's default or if more was enabled on my end compared to a default windows install. I did find out that turning off WS-Discovery does some stuff with the indexing service (got an index error message on top of the startmenu when I started to type/search something in the startmenu), so I put that back on. I also had to switch on NTP to have windows time get the current time from pool.ntp.org.

    Speaking of Windows Update, having "Windows Update" option enabled under system rules didn't seem to be enough. I had to allow "svchost.exe", which does alot more than just getting windows updates (also sends telemetry). I've "restricted" svchost.exe to port 80;443, but I still feel akward about that executable... I guess there's nothing you can do about it if you want Windows Updates (unless I start using WSUS Offline Updates or something similar)

    * Exit button close to the taskbar?

    I think I was a bit unclear/wrong here, I mean on the main simplewall window on the bottom there's the "Exit" button that closes the the simplewall program. I think it would be better/safer to have that button funtion as a "close to system tray" (and leave it running) option. I think having an true exit program option by right-clicking on the fire icon on the system tray would be a better solution.

    * You can right-click anywhere and add a custom rule or a program, if that helps and isn't obvious. I forgot what they tell you when you install it first time.

    Yeah after some tinkering I got that to work. Ok, would it be possible to have Simplewall have a default option called "restrict to local network" pre-configured as a custom rule, so novice users can simply right-click on the program and link the "restrict to local network" custom rule? I think it would add to the "simplicity" idea of simplewall.

    * have not used TinyWall
    It was pretty good actually, but I think this is getting better and better :)
     
  23. lucidstorm

    lucidstorm Registered Member

    Joined:
    Aug 12, 2018
    Posts:
    41
    Location:
    Poland
    cool since when u use simplewall alongside eset firewall you receive double alerts first from simple wall then eset, might not be like much but if one fails (gets compromised, corrupted, bugs out or when re-installing one of them) another picks up connections. Tinywall doesn't work with eset but with simple wall there are no spotted issues yet. I am trying both at same time (simple wall + eset) since simple wall gives more intuitive control over some eset settings and they don't clash they seam to seamlessly upgrade one another and eset will tell you with hips if simpewall got modified and now tries to connect (hips missing in simplewall) like from virut infection, hacker activity and alike
     
    Last edited: Oct 22, 2018
  24. __Nikopol

    __Nikopol Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    588
    Location:
    Germany
    bitpixl
    Sorry, your answer slipped through my notifications. Haven't seen it until now. Sorry :)
    I don't know. The dev sometimes come on here, you can ask if he doesn't sees this.
    @henrypp He's the developer.
    Yes. You can search for it manually or it will just pop up.
    It is default. I have all these deactivated and they are still listed. You don't usually need them
    I don't use indexing. Actually, in Simplewall I have NTP deactivated, but I still get updates. I just checked. Maybe if the NTP protocoll fails, windows falls back to something else. Thanks for mentioning it. I totally forgot NTP and had it still configured to use microsofts server.
    Yea that's right. Unfortunately Henrypp hasn't yet done something in this regard. Maybe it is hard or impossible to get all or any relevant windows update server IPs.
    You seem to think that the firewall is disabled when you close Simplewall. (I think. Because you said "safer") Simplewall works even when the program is not running. As it uses WFP to enforce blocking; as long as you activated Simplewall the protection never ends. It tells you about this when you close it unless you set the flag to never tell you again the first time you saw it. The only thing that isn't working is the pop-up windows that ask you about new programs that want more internet.

    I think it's best if you make a list with your ideas to improve the program. I don't think Henrypp takes enough time to read all the posts in this thread.
    If you write @henrypp you can send him a notification about your post.

    EDIT: Henrypp, FYI, some Luxembourger VPN-IP are blocked on your website. No issue though.
     
    Last edited: Oct 26, 2018
  25. yeL

    yeL Registered Member

    Joined:
    Aug 10, 2015
    Posts:
    135
    I wish this firewall had some kind of Connections Log where every program that tries to access the internet gets logged and we can customize them to allow/deny, etc, i prefer that over the notification system
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.