Simplewall-Firewall

Discussion in 'other firewalls' started by co22, Oct 25, 2016.

  1. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    7,148
    Location:
    Hawaii
    Surely only you are right and everyone else is wrong -- Evorim's development team is wrong, and Simplewall's professor henrypp is wrong, and all the users of those FWs are wrong.

    I scanned a number of your posts in these forums. 9 of every 10 are negative. Hmm...:rolleyes:
     
    Last edited: Sep 25, 2020
  2. lucd

    lucd Registered Member

    Joined:
    Jan 30, 2018
    Posts:
    389
    Location:
    Island of Woman
    to make vodooshield work with SW you need to enable svchost apparently, so then AI cloud starts working
     
  3. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    259
    Location:
    Canada
    I find SimpleWall much easier to use that Windows 10 Firewall Control
     
  4. Less

    Less Registered Member

    Joined:
    Dec 24, 2008
    Posts:
    276
    I hope to try evorim soon.
    currently playing with Comodo
     
    Last edited: Sep 27, 2020
  5. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    3,479
    no doubt. Myself started with Atguard until it was bought from Symantec, then Outpost, then Look'n'stop, then Online Armor - all sophisticated firewalls. I use the firewall from sphinx soft since version 1 as it is very close to those in the past. for simple blocking or filtering the windows firewall is more than enough → which leads to "windows firewall control" from binisoft because WFC works in that rules, rules are stored that way, not stand-alone. I tried a lot but none was that convenient like W10FC.
     
  6. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    7,148
    Location:
    Hawaii
    Hmmm... Excellent comments and very helpful. Now, I hope this thread will return to its topic: "Simplewall Firewall."

    Although SW's developer rarely posts in Wilders nowadays, he is very active in providing weekly responses to questions, suggestions, and bug reports at GitHub. In the past 8 weeks, developer has released 3 revisions to SW so I fell certain SW is being actively maintained & developed for all Windows versions 7 to 10.
     
  7. lucd

    lucd Registered Member

    Joined:
    Jan 30, 2018
    Posts:
    389
    Location:
    Island of Woman
    Binisoft is Ok, or other popular third party Apps based on it, Windows firewall just allows what it deems trusted which is not OK, it is asking for trouble
    It is entirely possible to use third party based on Windows filtering platform (WFP) and Windows firewall (WF) togheter if so is paranoid, tested example Eset/SW or spy shelter/Eset/SW

    NOTE: no advice should be taken as universal but the built-in windows firewall alone is an awful idea, I followed this idea once and I deeply regret it

    one line of cmd can have unfortunate repercussions, ie cmd.exe /C "netsh advfirewall firewall add rule name="csrss" dir=in action=allow program="C:\Windows\rss\csrss.exe" enable=yes"
    csrss should never be killed or else BSOD, but the normal crss is in C:\Windows\system32 directory

    I mention it since bleeping computers were long advocating the usage of standalone built-in Windows Firewall as best idea ever in security, after cleanup they always recommended enabling default windows firewall and giving advices on how to set rules
     
    Last edited: Oct 3, 2020
  8. korben

    korben Registered Member

    Joined:
    Nov 5, 2009
    Posts:
    899
    I have installed the W10 2004 update.

    If my memory serves me well, and I can't vouch for that, I used to hit Enable Filters, the FW of W 10 became disabled this way too. All good.

    On this version of W10, Security at a glance, the screen remains Red encouraging me the user to enable the FW, but I should leave it at that, am I correct?
     
  9. lucd

    lucd Registered Member

    Joined:
    Jan 30, 2018
    Posts:
    389
    Location:
    Island of Woman
    one consideration when using SimpleWall (SW), if you go to Security Centre and enable Windows Firewall (WF), WF is gonna bypass SW rules and allow outgoing connections, ie if you disable chrome.exe in SimpleWall and enable Windows Firewall in Security Centre , chrome.exe is going to connect according to WF rules, so when using SW you have to accept that the Security Centre will be forever in red (tested on latest 1909 and 2004 win10, SW version 3.2.4 - I think it behaved differently before as per what OP said that SW and WF can co-work, well not anymore), completely another story with third party programme controlling WF, ie ESET+SW and both programs co-work nicely respecting each other rules
     
    Last edited: Oct 3, 2020
  10. korben

    korben Registered Member

    Joined:
    Nov 5, 2009
    Posts:
    899
    Roger that! Will do as advised, appreciate it.
     
  11. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    622
    Location:
    Lunar module
    Leave it as it is.
    No bypass. Windows Firewall rules have the highest priority and are processed first, and after them the SW rules will be triggered. It's like two doors one after the other, if at least one door is closed, there is no passage. If chrome.exe is allowed in WF but blocked in SW, it won't be able to go online.
    But using two firewalls at the same time is a wrong and redundant solution.
     
  12. lucd

    lucd Registered Member

    Joined:
    Jan 30, 2018
    Posts:
    389
    Location:
    Island of Woman
    I know what you are saying, I know FW has priority too, and I thought the same as you but did it 2 minutes ago, Chrome blocked in SW allowed in FW and it can connect despite being blocked (SW rules work fine on me only if I disable FW) , I was shocked and ran to disable FW fast, it was like you said but in the past with previous installs, I am on VM 24/7 thought (dunno if relevant) and no system is always completely equal (srp gpo policies, drivers, programmes) anyway it is better to have it off if SW is deployed, Henry recommended disabling FW, he said they can work in tandem but recommended disabling

    I would agree with you 100 per cent until I did some tests and saw it with my own eyes, please check if you have same problem
     
    Last edited: Oct 4, 2020
  13. lucd

    lucd Registered Member

    Joined:
    Jan 30, 2018
    Posts:
    389
    Location:
    Island of Woman
    If not I'll nuke the system see if it goes back to normality, that thing is a bit strange it should be like you said (but its not on this host)
     
    Last edited: Oct 4, 2020
  14. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    7,148
    Location:
    Hawaii
    I am following this exchange with great interest. I deeply appreciate your efforts.
     
  15. warrior99

    warrior99 Registered Member

    Joined:
    Nov 21, 2014
    Posts:
    47
    Also following this, usto use simplewall but had issue's with my Vpns so wont to wfc.
     
  16. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    622
    Location:
    Lunar module
    Jawohl, nuke your system. No bypass.
    Tested with Windows Brandmauer (Windows Firewall Control) + SimpleWall + Firefox. The screenshot shows almost updated alerts, first the WFC alert appears, then the SW alert. Firefox cannot go online until enabled in Windows Brandmauer and in SimpleWall.
    11.png
    Chrome, I think it creates a permissive rule on its own, find it, the SW rules are located in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE\Parameters\Policy\Persistent\Filter
     
  17. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    622
    Location:
    Lunar module
    If it's not Google Chrome, but a pre-installed metro-app Microsoft Chrome, the rules can be in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\AppIso\FirewallRules
     
  18. lucd

    lucd Registered Member

    Joined:
    Jan 30, 2018
    Posts:
    389
    Location:
    Island of Woman
    Aldist is right, sorry Korben

    turns out SW doesn't work on my host not even spy shelter firewall, the GUI and icons are there but I can't block any browser connection with spy shelter firewall and SW, ie Firefox and Chrome cannot be stopped on this machine, some stuff I can block like some programs but not browsers, I know how to use SW and spy shelter firewall so its not lack of knowledge or mistakes - I know the GUI by the book by now

    And I found out thats because I am using adguard who handles the browsers and its own connections (what else I wonder? ) : it bypasses spy shelter and SW rules allowing browsers in and out

    1) if I disable adguard in SW, Firefox and Chrome can't connect
    2) if I enable adguard in SW and block Firefox and Chrome, they simply don't respect spy shelter firewall or SW rules: browsers can connect and they are handled by adguard and blocking them in SW does nothing

    chrome.exe and firefox.exe become adguard.exe so to speak for SW

    adguard complicates things (depends also on the rules) , so no need to nuke hopefully it's adguard's doing, nothing to do with FW, and it doesn't matter if its on or off (if its on with adguard and sw you get all sorts of new bugs, eg. blank network alerts in SW)

    might need to verify it better : I also suspect that anything filtered by adguard gets an automatic SW bypass partial or total, why? because I also have steam blocked in SW and I was receiving steam updates, I was wondering how is that possible before this find, but for instance if I block steam in SW I can't login to steam just update it (steam is offline but starts updating when I close it) ok I stop before it gets too messy, just don't trust these filters with adguard on.
     
    Last edited: Oct 6, 2020
  19. co22

    co22 Registered Member

    Joined:
    Nov 22, 2011
    Posts:
    385
    Location:
    router
    i have similar problem sometime back with different apps ("app without internet access" have internet access)
    maybe because i upgraded from older version or not.not sure exactly how i fixed:doubt:
    i think i have user or system rule that allow 127.0.0.1 for all apps.
    but remember i look at github and found this too https://github.com/henrypp/simplewall/issues/545
    also remember i unticked allow loopback connection for all (recomended ) in settings -> rules
    again i don't remember how fixed it:thumbd: :doubt: but was from my side
     
  20. lucd

    lucd Registered Member

    Joined:
    Jan 30, 2018
    Posts:
    389
    Location:
    Island of Woman
    this fixed it

    EDIT: nuked just in case:)
     
    Last edited: Oct 9, 2020
  21. pb1

    pb1 Registered Member

    Joined:
    Apr 4, 2014
    Posts:
    658
    Location:
    sweden
    Have any of you users a solution to the fact that it can not be added to the context menu. How can i add allow/block to that menu?
     
  22. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    7,148
    Location:
    Hawaii
    Hmmm... I have used many firewalls over the years but none of them had such a capability.
     
  23. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,709
    Sphinx firewall from http://www.sphinx-soft.com/Vista/index.html puts some rules into the context menu. Read the description and then more details using the menu on the left. Ignore their "vista" in the name. It's for XP, vista, 7, 10.

    EDIT: I just checked something. Rules in the context menu are only for Windows 10 and in the paid version (mine is plus).
     
    Last edited: Nov 22, 2020
  24. pb1

    pb1 Registered Member

    Joined:
    Apr 4, 2014
    Posts:
    658
    Location:
    sweden
    Sordum has a program, extension, for W.D Firewall and i hoped it would exist something for Simplewall to. Sphinx has it from the Plus version and up but it is to costly, good firewall extension but not worth that type of money.

    Maybe i should mail HenryPP about adding that possibility to Simplewall. It would be nice to be able to Allow an installation, an exe, from the beginning and not having to allow repeatedly along the way. Sometimes that stops it and one has to start all over.
     
  25. SeriousHoax

    SeriousHoax Registered Member

    Joined:
    Mar 27, 2019
    Posts:
    11
    Location:
    Bangladesh
    WFC has this feature.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.