Even for fastmail, port 587 is the preferred port. (Source: http://www.fastmail.fm/help/remote_email_access_server_names_and_ports.html)
I see now, I'm behind the times, just been using port 26 for years. Now using 465 TLS (to send) and TinyWall is working fine. Thank you for waking me up!
Ultim, the steam profile for steam is not working. I need to set steam to allow outbound to browser the store. Just reporting.
Maybe this FW will give LnS some competition soon. I hope it becomes a very strong packet filtering Firewall, and highly configurable.
Okay, here is TinyWall RC2 (second release candidate), let's hope this works out better than the previous one. As hinted in one of my posts earlier, TinyWall had a problem running on Vista because it tried to rely on a feature that Vista does not have. The good news is, this should be fixed now and TinyWall will run on Vista. Bad news is, on Vista there is no tampering protection for the firewall rules, simply because I haven't found a way to achieve this functionality on that OS. Windows 7 users still get full protection. Other than that, I did my best to fix all issues reported in the forums and added/changed some messages in the installer to clarify some common misunderstandings. Changelog: - Fix: Disable Windows Error Reporting for TinyWall to prevent generating disk-eating report files - Fix: Do not crash if Windows Firewall logs are absent, but continue without monitoring - Fix: Check startability not just for direct service dependencies, but for the whole dependency graph - Fix: Prevent controller crash when doing "Whitelist by window" on an app that has higher privileges - Fix: Skype Home and Contacts cannot load - Fix: Steam unable to browse store - A new, more general method for crash handling - Separate "Web browser" from "HTTP(S) client" profile - Add streaming capabilities to "Web browser" profile - Also allow port 25 for e-mail clients. This is just a hack for lousy providers. - New applications support (mostly some download managers) - Add "Important notice" page to setup - If the uninstaller is not started using the tray application, notify the user about the correct way to uninstall
What's the difference between HTTP profile and web browser profile? Will the installer overwrite rules that we have for web browser profile or do we need to change it manually?
The HTTP profile is equivalent to the old web browser profile, it only allows ports 80 and 443 outbound. The new Web browser profile also allows some additional ports to allow streaming media using the RTSP, RTMP and MMS (mostly microsoft and flash) protocols. The installer will overwrite the profiles, but not the profile associations. So if the standard for program X was to use the browser profile, but the new standard for X is to use HTTP profile, it will keep using the browser profile. But all programs that use the browser profile will now have the additional media streaming ports allowed. This means your settings will keep working, but if one of your programs does not stream multimedia over the web, you can tighten the rules by re-assignning some of them the new HTTP profile.
Just curious about IP blocking, what does "it cannot handle a few million IP addresses in a timely passion" means? It would be a great addition to tinywall.
yes. I don't see a reason why most firewalls don't have these feature I hope Tinywall will have this thing before its stable release.
It means that when I tried to load one of the PeerBlock2 lists into the Windows Firewall (I dont remember which one), it took more than 15 minutes. And I have a fast computer. Not before the first stable release. But development does not stop there, so just because it won't be supported in version 1.0 does not mean won't be support ever. However, in the near future I need to concentrate on other features, like a community submission feature for profiles and custom port/profile support. 1.0 should be out soon (I don't see any more problem reports), but be assured that development of new features continues.
With Windows only, you can't. I modified TinyWall to do that, parse the peerblock list then feed the constructed firewall rules to Windows Firewall. But when I saw that it takes 10+ minutes to "feed", I left out that feature from TinyWall since it would be pointless. I will need to find an alternative route.
Thank you for your quick reply in previous question! Another question, "Always ask for exceptions" what exactly does this do? I see it is unchecked by default. I checked it just experimenting and nothing seems to be asking.
By default TinyWall does not ask you for the profile of a recognized application. If you check this option, it will. So there will only be a difference for applications that are in TinyWall's database.
Hi! Sorry for the lack of updates in the past 2-3 weeks. No, this firewall has definetely not "gone under", it just happened that because RC2 was stable some other things took higher priority. I was extremely busy doing university and other non-hobby related stuff. However, I did plan on how TinyWall should evolve in the future and I decided to include 3 more features before 1.0. - Custom port exceptions (yes, you've all been waiting for it!) - Import/export - Improving on the timer capability This also means there will probably be one more RC, but who cares how I call them as long as they are stable, right? I've also got a looong list of new features to work on after 1.0, in fact so long that I'm glad I wrote them all down because I bet I wouldn't remember all of them. So as long as I stay motivated the way I am now the future of the project is guaranteed. I will announce some of them when 1.0 is out. I will try to finish RC3 soon. Cheers, ultim
I understand the university stuff since I'm studying electronics engineering. Good news about the new features. BTW, what does improving on the timer capability means?
It means 1) adding a new timer option "Until next reboot" and 2) making the timer functionality more easy to access (easier to find).
ultim, I suggest you take a look at this. www.wilderssecurity.com/showthread.php?t=312709 this could improve tinywall
AdMuncher as HTTP(S) client allows IE9 to connect when it should be blocked. Uninstalling AM, IE9 is blocked like it should be.
skudo12: Thanks. Seven64: That is because AdMuncher works by redirecting your browser. When AM is installed, your browser connects to AM on your local machine and AM makes the real connection to the remote server over the internet. So in this case you would need to block AM. The symptom that IE can connect even when it is blocked when AM is installed is a side-effect of how AM works. TinyWall does not block IE in this case since with AM IE never tries to connect to the internet, only to your local machine. edit: This also means that you would need to give AM the "Web browser" profile.
