Simplewall-Firewall

Discussion in 'other firewalls' started by co22, Oct 25, 2016.

  1. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    7,339
    Location:
    Hawaii
    Sorry to hear that. It's one of the 5638 reasons why I do NOT use Win10.:rolleyes:
     
  2. henrypp

    henrypp Registered Member

    Joined:
    Jul 27, 2017
    Posts:
    52
    Location:
    Nowhere
    1) true
    2) true (it's just a list, filters are not applied forr this apps)
    3) true (inet access enabled, except of applied rules with "block" action)

    as example:
    -> allow IE internet access you just check iexplore.exe in apps list
    -> then you need to block 1900 port
    -> just create new rule 1900/block and apply created rule to iexplore.exe
    -> simple, isn't it?

    4) applied only filters you selected for the app, no another rules applied for the app.

    Ok, thank you!

    Lol. In Win10, Matrix has you. In Win7, you have Matrix!
     
  3. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    259
    Location:
    Canada
    I do not who had who, but would have been useful to provide instructions how to disable Win firewall in Win 10 without nagging:


    Solution

    1. In Windows Security, enable the firewall for all network profiles. Ensure the security centre shield shows a green tick. Do not proceed until security centre is happy.

    2. Run gpedit.msc to open local security policy editor as administrator.

    3. Navigate to Computer Configuration, Windows Settings, Security Settings, Windows Firewall with Advanced Security.

    4. Under Overview, click "Windows Defender Firewall Properties".

    5. For each of the required profiles, set Firewall state to "Off".
     
  4. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    3,958
    Location:
    Mexico
    simplewall is a free program so dev is not obliged to handle every aspect involved. As a community (Wilders) we might suggest changes, improvements or bug fixes. That's it.

    Now you wrote down a solution. That's great. Fine.
     
  5. polly77

    polly77 Registered Member

    Joined:
    Jan 13, 2014
    Posts:
    62
    Hi I cannot get edge or ie to work even though I enable all ,anyone know how under simplewall?Thks
     
  6. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    259
    Location:
    Canada
    When you get a pop up from IE, assign the "http" rule.
    If you are on 64bit, you will get 2 pop-up; one for IE and one for IEx86. For both assign "http" rule
     
  7. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    7,339
    Location:
    Hawaii
    Thanks Popescu! :thumb::thumb::thumb:

    Even though I don't use Win10, I am adding your helpful suggestions (Posts # 553 & 556) to my knowledge base -- for my friends who DO use Win10.
     
  8. polly77

    polly77 Registered Member

    Joined:
    Jan 13, 2014
    Posts:
    62
    Hi popescu thks for reply ,van this also be done with windows firewall control 10 by sphinx?
     
  9. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    259
    Location:
    Canada
    Yes, this is a typical procedure to disable windows firewall without getting nags every time you boot your PC and without a red x on "Windows security" icon
    However, it has been rumoured that this procedure doesn't work for win10 home edition.
     
    Last edited: Apr 1, 2020
  10. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,756
    Firewall doesn't care. It's Windows that cares.
     
  11. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,756
    Not a rumor. Home does not have gpedit. There probably are some registry edits Home people could do. But then next (of too many) upgrades will likely destroy it.
    Even though I have Windows-Pro, I decided not to use gpedit. I've learned to live with that red X. And if it vanishes, I will immediately know that something just enabled the firewall. I will also know because the firewall I use (Sphinx) will show popups with "Window Firewall" in the text.
     
  12. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    259
    Location:
    Canada
    Is not only the red X, but also the pop up time to time about windows firewall being disabled.

    And is not a good idea to be comfortable with a red x on Windows security icon, because it can be generated for a different reason and you will assume that is because the firewall being disabled.
     
    Last edited: Apr 2, 2020
  13. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    259
    Location:
    Canada
    What do I need to allow in SimpleWall in order to get Widows Defender to update?
     
  14. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    3,285
    Location:
    Canada
    1. C:\windows\system32\svchost.exe to ports:80, 443
    2. C:\programdata\microsoft\windows defender\platform\x.xx.xxxx.x-x\msmpeng.exe to ports: 80, 443
    3. C:\programdata\microsoft\windows defender\platform\x.xx.xxxx.x-x\mpcmdrun.exe to ports 80, 443
    if it's only checking for protection updates, it will probably only need the svchost rule on port 443. Otherwise, good luck with the other rules, because the "x" variables will occasionally change when the defender engine updates to a newer version. Of course if Simplewall can handle path variables, then you're good to go.
     
    Last edited: Apr 4, 2020
  15. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    259
    Location:
    Canada
    Thanks, but if I open svchost.exe to TCP80,443 is like not having a firewall. Any app can use svchost.exe to communicate over internet.
    A good example is AdobeX which uses svchost.exe to update.
     
  16. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    3,285
    Location:
    Canada
    We've gone over this before, so this is the last time I will explain this to you in hopes you will grasp and embrace the concept; if Simplewall rules can handle remote IP addresses using subnet masks or CIDR blocks, then you can spend a few hours to study how subnet masking and CIDR blocks work, from which you can restrict your rules further by utilizing one or the other concepts. If detailed logging is provided, you can easily figure this out.

    Remember, knowledge is power.
     
  17. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,756
    I assume nothing. I read the notifications as they appear about controlled folders and other such.
     
  18. Scorpion7

    Scorpion7 Registered Member

    Joined:
    Apr 18, 2020
    Posts:
    1
    Location:
    UK
    Hi,

    I am a long time user of the SimpleWall firewall.
    Now that I use two laptops, I would like to network share on them both to share files etc.
    This will only work if I disable SimpleWall.
    So can you tell me what I need to disable in SimpleWall in order to get both laptops to see each other without compromising on the firewall security?

    Thank in advance and stay safe everyone!!
    Scorpion7
     
  19. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    259
    Location:
    Canada
    Quick question:

    How can a disabled service has "network connection"?

    upload_2020-4-27_20-24-46.png
     
    Last edited: Apr 27, 2020
  20. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    259
    Location:
    Canada
    After one month, THE GOOD, THE BAD and THE UGLY

    THE GOOD:
    nice interface ,
    not based on Windows Firewall,
    can group the rules per app,
    minimum impact on CPU and RAM

    THE BAD:
    in Win10 you need to manually disable Win Firewall in order not to get alerts about "Firewall disabled"
    not clear how to use "Service" and "Packages"
    not possible to use wildcards

    THE UGLY ;
    almost zero documentation, on every step you need to "guess" how to do it or what is going to happen
    because of lack of documentation you do not know if you are doing something wrong or the firewall has an issue
    no detection if an app is using another app or BITS in order to connect to internet. Ex: if you allow svchost.exe TCP 443 and 80 for windows updates , adobe acrobat X can check for updates without warning.Restricting the interval to Windows IP's (around 1 million) doesn't help.

    CONCLUSION

    Nice program , which can improve your computer "cool factor" ; will allow you to restrict access to the internet for most legit applications
    A well designed malware will slip through without warning, so the firewall will not add another layer of defence to your security suite.

    After playing with it for 4 weeks, guessing here and there , I uninstalled it.
     
    Last edited: Apr 29, 2020
  21. SeriousHoax

    SeriousHoax Registered Member

    Joined:
    Mar 27, 2019
    Posts:
    29
    Location:
    Bangladesh
  22. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    259
    Location:
    Canada
    based on what is happening with "Apps" , services without a check mark should have network access denied , the same like an app without a check mark.

    But this seems not to be the case....
     
  23. SeriousHoax

    SeriousHoax Registered Member

    Joined:
    Mar 27, 2019
    Posts:
    29
    Location:
    Bangladesh
    I guess this is because services can't access network by themselves. Windows services usually use svchost.exe for those. By the method I showed above you can deny specific services.
     
  24. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    259
    Location:
    Canada
    OK then, but for consistency, all services should have a "check mark" (like unrestricted access) and the user should remove the check mark to block the device or should create rules, the same like in Apps
     
    Last edited: May 2, 2020
  25. SeriousHoax

    SeriousHoax Registered Member

    Joined:
    Mar 27, 2019
    Posts:
    29
    Location:
    Bangladesh
    This could be a limitation of WFP. Anyway you don't need to create multiple block rules. Just create one and check all the services you wish from the list in the rule creation wizard. Enable dropped packet logging so you can analyze what has been blocked.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.