TinyWall Firewall

Discussion in 'other firewalls' started by ultim, Oct 12, 2011.

  1. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    573
    Location:
    Hungary
    Yes. These rules are only needed and will only be created when the WF service is running. If WF is disabled, then there is no need for these rules and they also will not be created.

    When you uninstall TinyWall3, these rules are deleted so your computer is not left in an insecure state.

    And a different topic: new beta with some fixes is imminent.
     
  2. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    3,699
    Location:
    Mexico
    Great. I hope it could be released today.
     
  3. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    573
    Location:
    Hungary
    Well, it is always released today, you just have to know which today :)

    This release contains some I-would-say-critical fixes, so all beta users are recommended to upgrade. Changelog:
    - Profile updates for network printers and remote desktop
    - Fix trying to unset password results in user lockout
    - Fix parts of exit code not run when service is shutting down
    - Fix GUI crashes if local config differs from service
    - Fix tray menu entry visibility issue after (un)setting password
    - Fix specified ports not shown in GUI when editing an existing rule
    - Fix WF compatibility rules can be added multiple times
    - New feature: Password-locked service requires the password to uninstall

    Furthermore, I discovered that whitelisting an executable from a network share is broken in the betas. I know the reason, but I'm still scratching my head how to properly solve it, so it remains a known issue until some future release.

    Download link
     
  4. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    12,762
    Location:
    The Netherlands
    OK, now I understand. BTW, has the GUI been changed, can you perhaps post a couple of screenshots?
     
  5. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    573
    Location:
    Hungary
    It hasn't really changed. Of course it has received improvements and fixes, but it's still the same visual design. That won't change in TW3. I know it's not flashy or even modern, but IMHO it is something that most users can easily navigate without too much hassle. In the future I want to completely overhaul the GUI though, but I've got so many wishes/ideas for TinyWall that I will certainly be occupied in the next couple of years with it. So I have to heavily prioritize for 3.0 if I want to make a stable version available anytime soon.

    About the screenshots, I'm going to be very mean: Why not just try the beta yourself? :D
     
  6. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    12,762
    Location:
    The Netherlands
    OK cool, the old GUI was not that bad. And I'm not going to lie, I don't want to mess things up, that's why I haven't tried it yet. I'm waiting for the final release. BTW, about Sandboxie, it will become open source, would you perhaps be willing to take a look at it? Perhaps you can combine TW with SBIE, just kidding. :p
     
  7. gmw

    gmw Registered Member

    Joined:
    Aug 24, 2019
    Posts:
    20
    Location:
    Australia
    I updated to v2.99.9. All went smoothly except for the following notes:

    * The installation put the tick back in "Enable global hotkeys", I had removed after installing v2.99.8. I doubt this matters, since I am not even sure what the global hotkeys are.

    * The problem I reported in v2.99.8 still exists: after a reboot I have to untick "Unblock LAN Traffic" and then tick it again before the local file and printer shares become available (even though File and Printer Sharing is ticked). This is not a caching problem, the mapped drives stay disconnected until I do the reset of the LAN traffic option.

    Is the installer for this beta supposed to turn off Windows Firewall (it doesn't), or is that left as an exercise for the user? It's not hard, just wondering.

    Is there a document or post somewhere that says what the "Enable blocklists" options do (and how to use them)? Just curious.
     
  8. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    3,699
    Location:
    Mexico
    Yes. Some customs settings are reset to default, namely "Connections" window (checkboxes) and those @gmw posted too.
     
  9. g17

    g17 Registered Member

    Joined:
    Sep 30, 2017
    Posts:
    17
    Location:
    MI
    I really like TW, and love that development is active, but am not a real high level user, or even highly knowledgeable about most of this stuff.

    So bear with me on this question.

    In the application exception tab where you can grant or deny access to programs, there is 1 that bugs me: svchost

    The problem is this service is used for many things and it is not clear when you grant access (which you must) what you are allowing.

    Is it possible to list out which programs are using this service so a better determination can be made as to access?

    I use many of the sys internals programs to get a better understanding of what is going on under the hood, but have not found a program that can demystify the use of svchost. Any software recs would be most appreciated. Thanks.
     
  10. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    14,289
    Location:
    UK
  11. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    573
    Location:
    Hungary
    Hi gmw,

    Can you please do the following experiment for me? Add an exception for svchost.exe for remote UDP ports 1900 and 3702. Does it work now if you disable "Unblock LAN Traffic"?
     
  12. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    573
    Location:
    Hungary
    Just a short notice that I'm going to be abroad for the most of October (first part business, second part fun), so development won't advance in this month. I'll be back on the 4th of Nov.
     
  13. dionysus

    dionysus Registered Member

    Joined:
    Sep 3, 2019
    Posts:
    5
    Location:
    Warwick, Rhode Island, USA
    Have a safe and good trip.
     
  14. Vilmalith

    Vilmalith Registered Member

    Joined:
    Nov 28, 2007
    Posts:
    68
    Does anyone have a working link to the update on 9/16? I just get a 404 Not Found page.
     
  15. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    573
    Location:
    Hungary
    EDIT: new link
     
    Last edited: Oct 11, 2019
  16. gmw

    gmw Registered Member

    Joined:
    Aug 24, 2019
    Posts:
    20
    Location:
    Australia
    Sorry for the delay. Yes this exception makes File and Printer Sharing work even if "Unblock LAN Traffic" is not ticked. Note, however, that I still have problems after a reboot. The shared drives refuse to reconnect until after I have changed the tick on "Unblock LAN Traffic" - but this time (with the exception in place) it doesn't matter if I simply untick it, it seems that any change is enough to make TinyWall reset something that needs resetting after a reboot. Until that happens the drives will not reconnect.

    Note: the reboot problem is not completely consistent, sometimes things seem to come back okay, but usually not. The most consistent bad result appears to be if I wait for the system to settle before I login (since I'm testing on a VM I wait until the CPU drops on the host).
     
  17. gmw

    gmw Registered Member

    Joined:
    Aug 24, 2019
    Posts:
    20
    Location:
    Australia
    Further to my last post and the inconsistency of problems at reboot: I just did some Windows updates on a system that does automatic login, and TinyWall seems to come up perfectly each time on that system. All my other systems are currently manual login and those almost always need me to do the tick/untick thing on Unblock LAN Traffic, after a reboot, in order to get the network working properly.
     
  18. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    573
    Location:
    Hungary
    Ok, well at least we now know your problem had two factors, and one of them is solved with the updated rules. Previously those ports were only used by a service by svchost, and so consequently TW has restricted the exceptions to the service. It very much looks like I cannot do that anymore, because MS has moved them again to a different service or maybe are not even part of a service anymore at all. Will be fixed in next version.
    The other part of your problem has something to do with boot order of services, but I'm still at a complete loss here. I use network drives and shares myself actively, and the worst I experienced is that shares might not be accessible for about 30 seconds after desktop is up, but it always resolves itself automatically if I just wait out these few seconds, without having to do anything. I'm afraid I cannot do much in this regard, and even less when boot-time filters are introduced in the next update.
     
  19. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    573
    Location:
    Hungary
    I'm in a somewhat ironic position in the past days. On one hand I have a firewall that I am fixing and patching up to be as secure as possible. On the other hand I am punching holes in another firewall. Greetings to all from Shenzhen.
     
  20. kerykeion

    kerykeion Registered Member

    Joined:
    Jun 30, 2010
    Posts:
    280
    Location:
    Philippines
    A little further south, you'll be in HK. Glad you're fine, will be testing this firewall again, when time permits.
     
  21. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    573
    Location:
    Hungary
    Thanks. Right now this is a business trip with tight schedule so I cannot go anywhere I want to. I'll be in HK though 1-2 Nov. on my own, and my plane will leave there on the 3rd.
     
  22. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    12,762
    Location:
    The Netherlands
    I decided to install TinyWall, but it keeps exciting when I try to load the GUI. Is this because I didn't disable the Win Firewall, is this a requirement? For the record, the TW service did install correctly. I'm using Win 8.1 64 bit.
     
  23. askmark

    askmark Registered Member

    Joined:
    Jul 7, 2016
    Posts:
    392
    Location:
    united kingdom
    Did you download the installer from the latest link (below) or an earlier version? When i installed the first beta I had the problem you're describing, but this was fixed by installing a newer beta.
     
  24. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    573
    Location:
    Hungary
    The newest beta doesn't need WF. If you downloaded the stable version from the website however, then you still need WF.
     
  25. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    12,762
    Location:
    The Netherlands
    Yes I know, but should I disable it, or is the problem that I described related to something else. What happens is that TW runs correctly, but when I try to launch the GUI via tray-icon it exits. This never happened with TW version 2.

    I downloaded this file in August 2019, so it's one of the latest TW versions, to be exact v3.1. So there seems to be something wrong on my system. I hate these problems, I had the same with the newest SpyShelter version, so I'm using an older version. It's because of this stuff that often don't even bother to upgrade to newer versions.
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.