TinyWall Firewall

Discussion in 'other firewalls' started by ultim, Oct 12, 2011.

  1. FredB

    FredB Registered Member

    Joined:
    Apr 27, 2020
    Posts:
    5
    Location:
    Australia
    Hi. I tried that but no go.
    It appears wireshark relies on the npcap service. It is stopped and can't be started?
    It worked after tinywall install but on first reboot after install that was when stopped working?

    One other quick question, the blocklists , are they editable at all?
     
  2. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    648
    Location:
    Hungary
    As I said, that was an unrelated suggestion - for the case when you get Wireshark working.

    These are two more clues that TinyWall is not the problem here.

    Not currently but planned for v3.1.
     
  3. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    648
    Location:
    Hungary
    Actually, you "can sort" of edit them even now, or at least get the same functionality by emulating it as a workaround. The method is based on disabling the built-in blocklists and adding your own:
    1. For the port-based: Disable the built-in port-based blocklist, then add a new TinyWall block-rule that blocks your specified ports. In v3.0 you can do this now, because it added the possibility to add rules for the whole machine.
    2. For the domain-based: Disable the built-in domain-based blocklist, disable hosts file protection, and add you own custom hosts file to Windows. You can then optionally re-enable hosts file protection in TinyWall.
     
  4. FredB

    FredB Registered Member

    Joined:
    Apr 27, 2020
    Posts:
    5
    Location:
    Australia
    Thanks for your help.
    Also thanks for for this software really liking it so far.
     
  5. Orlok

    Orlok Registered Member

    Joined:
    May 4, 2017
    Posts:
    12
    Location:
    Nigeria
    Thank you for your response. :)
     
  6. Sm3K3R

    Sm3K3R Registered Member

    Joined:
    Feb 29, 2008
    Posts:
    600
    Location:
    Wallachia
    I have installed TinyWall 3.0.4 on 2 machines.On one it was the update from previous version.

    One with an older Windows 10, maybe from 2016, some AMD AM1 5350 mini machine - used rarely, can t remember exactly the version (to lazy to look), build 10586 and another one with the latest Windows 10, version 1909 , latest build - whatever that may be.

    Now, i ve reported/said, in my porvious posts, the thing related to the rules creation issue (as i see it).
    I also see the window glitch is fixed with the new version.

    What i ve observed in the older Windows 10 is that indeed, when you unblock an app ,in the Connection window, a new window to create a rule will show up and the Windows message in the lower right corner will slide in , in it s annoying way :).This messaging and the noise is something annoying for me i should mention :).As such the latest Windows 10 i have on the second machine, does not have the messaging active, as either way it behaves and looks differently, from the 2016 Windows 10 version (don t know if it s better though - less annoying - as it spams useless info as well).

    So to clarify a little, on the main machine, with the newer Windows 10- spytodate, the messaging is off and as such i do not receive a pop-up with a window to create the network rule for the app, when i choose unblock.Thus my previous posts in relation to the custom/granular rules making.
    So the experience with the app may be different on different Windows 10 versions.

    Had to clarify this to not look like a moron. :)
    So for me, on my newer machine, that way of making the rules, described previously, is what i can do as it is now.So adding that option there may be needed for some people that use different settings..

    Other than that the version looks stable, no crashes yet.

    Easier to make rules on the older Windows 10 versions though :)
     
    Last edited: May 3, 2020
  7. Sm3K3R

    Sm3K3R Registered Member

    Joined:
    Feb 29, 2008
    Posts:
    600
    Location:
    Wallachia
    More feedback and questions:

    1.How should the Password protection section behave ?

    I have set a password, but the Enable checkbox stays unchecked after reopening the window, even though, on the older Windows build install(detailed in previous post) at least, a message/notification tells me that the settings of the firewall were updated.
    Looks like nothing changes, the password is not enforced in any way and I can do modifications in the firewall settings without any problems.

    2.A double click, on the firewall taskbar icon, wouldnt be better suited to open the Main window - Manage ?

    If there is info needed, regarding some windows services settings, i can share without any problem.

    There is magic in this firewall -it BLOCKS.
     
  8. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    648
    Location:
    Hungary
    Even if you don't see the popup messages, you'll get a chance to customize every new rule from the Connections window (and others too), if you enable "Prompt for exception details ". This option makes the rule customization dialog show up automatically and is independent of the messages or whether you have them enabled in Windows or not. ;)

    The checkbox for the password in the Manage window is not an enable/disable switch, mind you. You check it when you want to change the password (add, remove, or modify). So it is normal that it is disabled every time you open the Manage window.

    When a password is set, a new option in the tray menu will show to Lock or Unlock TinyWall (depending on the current state). You can tell if TinyWall has a password set depending on the presence or absence of this menu item. When you freshly set a new password, the firewall is in the unlocked state, this is why you couldn't observer any difference in behavior. But you could set it to locked using the new menu item, and after that you need to unlock it first before you are allowed to change any settings. TinyWall will also automatically lock itself (without you telling it to) after a few minutes of user inactivity and also after each reboot. I just tried, it works wonderfully.

    I suggest you try the password lock feature first on the machine where you didn't disable notifications in Windows. This way you can clearly see the messages when TinyWall asks you to unlock it first. You don't need these messages if you know what is going on, but if you have never used this feature before, without these messages it could be a bit confusing I guess.

    I cannot for technical reasons. I can either define a single-click or double-click action, but not both. This is might be only a framework limitation but I need to live with it.
     
  9. Sm3K3R

    Sm3K3R Registered Member

    Joined:
    Feb 29, 2008
    Posts:
    600
    Location:
    Wallachia
    "Prompt for exception details " is Enabled on both machines :) Nothing shows in the newer machine tweaked to be as silent and peaceful as it can be :)
    Is there a windows service that is required to be ON in relation to this interaction ?

    On the newer W 10 machine i ve played with the password thingy and , AFTER A RESTART , i have observed a Unlock/Lock option, at the right click menu.A computer restart was needed to see the option in the menu.As i was playing with the firewall modes, to check connections made at start-up, firewall being in the Block ALL mode, i could not switch back to the Normal Mode, only then i ve spotted the Unlock option :)
    So after a computer restart it was working in someway.

    Thank you for the responses and feedback.
    Keep in mind that i am able to use your software just fine, as it behaves for me.I can make my rules, even if some non-essential features are limited.
    It blocks, it works, and it can be enhanced, no doubt, in the future. :)
     
  10. boootloader

    boootloader Registered Member

    Joined:
    May 10, 2020
    Posts:
    1
    Location:
    europe
    First of all I want to thank the creator of this nice free firewall. This "TinyWall" firewall reminds me of Sygate, another nice firewall which I used on WinXP, but unfortunately is no longer supported by the new versions of Windows. Sygate had a very nice graphical interface.
    I have a question regarding TinyWall. I don't have an explanation why an .exe file (let's say xxx.exe) which previously I permanently blocked in the Firewall Setting, is shown simultaneously in all 3 connections windows.
    For example, I can see xxx.exe with state "Listen" in "Show open ports", I can see xxx.exe with state "Established" in "Show active connections", and I can see xxx.exe with state "Blocked" in "Show blocked apps (in last 2 mins)".
    I appreciate to get a detailed explanation of the 3 states of the firewall. Blocked, no doubts I understand what is doing, but Listen and Established states, is not clear to me if xxx.exe is communicating somehow with the external world, even I permanently blocked it, with "always block all traffic". Thank you.
     
  11. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,023
    Location:
    The Netherlands
    I have 2 questions. Lately I'm having problems with Instagram, pages don't load correctly, can TinyWall interfere with website loading in theory? Also, I have been checking the connections log from WFC, and lately it seems that a lot less connections are being blocked, normally I would see at least 100 connections being blocked (spread over several days), now I get to see only about 10 connections, do you have an explanation for this?
     
  12. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    648
    Location:
    Hungary
    Hi,
    I can only guess unless you send me a screenshot of your Connections windows, but my guess is that the listening and established sockets you see are for loopback connections. TinyWall doesn't filter loopback traffic because it never leaves your computer. A loopback connection is used only to communicate between processes within your machine and is nothing else than a glorifies IPC mechanism that shouldn't go through firewalls (it is common even for offline/non-networked apps to use it).
     
  13. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    648
    Location:
    Hungary
    In theory yes, but it is very unlikely. I can only imagine 3 cases:
    - If the website needs an external browser plugin whose executable is blocked by TinyWall (browsers today don't work like this usually, so very unlikely)
    - If the website uses a non-standard port or webrtc, and you've wrongly constrained your browser's ports in TinyWall (you probably didn't specify ports in TinyWall anyway, and even if you did, I don't think Instagram needs anything else than 443)
    - If the ad-blocklist integrated in TinyWall blocks an online ad on the website, and the site runs adblocker detection scripts (if this is the case then the website usually tells you and doesn't just show corrupted pages).

    I don't think a popular site like Instagram would fall in any of these categories, but I don't use it, so I don't know. I'd say, 99.9% TinyWall is not your problem.

    Could be anything and we cannot even guess, without knowing what was there before that isn't anymore. This is probably a good thing though. Be glad :)
     
  14. Sm3K3R

    Sm3K3R Registered Member

    Joined:
    Feb 29, 2008
    Posts:
    600
    Location:
    Wallachia
    In relation to Rasheed187 i could add some info.Windows 10 is indeed a strange operating system.

    Tinywall uses the filtering platform so as such Windows Firewall itself can be safely turned off, so I did that to get better/lower latency.
    I have removed WFC as well, which is an interface for the Windows Firewall itself.

    I have observed a strange thing with Origin-EA-s software, on the W10Pro 1909.For the Friends/chat to work an Outbound Remote TCP 9000 port Allow rule must be made in the firewall (any firewall).Sometimes this rule does nothing and it s random.Seen the problem with the Windows Firewall alone.So some apps work and some not.Origin uses some internal software proxy of some sort.
    Strange network issues(lack of connectivity) has been observed without Tinywall on an older W10 machine .It s like randomly between the internet and the PC another network filter shows up.

    It would be interesting to know how is the Windows 10 network stack working .
    Lately they ve add-ed all kinds of autopilot stuff, so it has a mind of it s own regarding networking as well, most probable.

    Maybe, maybe, the windows defender network filtering is much more active than it looks, even if you disable the windows firewall by yourself, thus the OS to update itself as it wishes :)
     
  15. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,023
    Location:
    The Netherlands
    Thanks for the info. I also didn't think that TinyWall was the problem, but I was running out of clues. I upgraded Vivaldi, deleted cookies and disabled all extensions but it didn't solve the problem. But seems like the problem is gone for now, I'm guessing Instagram fixed their website. However, I believe that Vivaldi's cache is perhaps corrupted, because I just saw that some other site isn't displayed correctly either. Perhaps it's a Vivaldi+Sandboxie thinghy.

    Strangely enough I'm now all of a sudden getting to see more blocked connections. Normally I get to see blocked connections from mostly vivaldi.exe, explorer.exe and svchost.exe, probably because I'm using Spybot Anti-Beacon which blocks stuff related to phoning home. BTW, I didn't find any setting in TW related to ad-blocking?

    https://www.safer-networking.org/products/spybot-anti-beacon/
     
  16. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,023
    Location:
    The Netherlands
    And BTW, how to allow Internet Explorer to make outbound connections? I couldn't do it via TinyWall when I tried to test something in IE.
     
  17. megaman123

    megaman123 Registered Member

    Joined:
    May 21, 2020
    Posts:
    2
    Location:
    earth
    Hi, im having a problem with ram usage. The usage is insane, see pic:

    https://i.postimg.cc/vZ6Dn0mF/tinywall.png

    1402MB for a lightweight tinywall program? o_O

    What is going on? I have updated to latest version, it always takes too much ram. If I can't find a solution, I will have to resort to Simplewall, I have heard its similar. I really love Tinywall, knowing everything its blocked by default, and it doesn't bother me with notifications every second, but this ram usage is nonsense.
     
  18. fblais

    fblais Registered Member

    Joined:
    Jul 31, 2008
    Posts:
    1,259
    Location:
    Québec, Canada
    Put it in learning mode?
     
  19. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,023
    Location:
    The Netherlands
    Didn't think about this, but I prefer not to use "Auto Learn" mode. To clarify, I gave both of IE's processes outbound access via "whitelist by process", but it didn't work.
     
  20. Heimdall

    Heimdall Registered Member

    Joined:
    Jul 29, 2009
    Posts:
    185
    Hey ultim. I've recently installed TinyWall on 1909 and have "Prompt for exception details" enabled but I never get any 'pop-ups' for modifying or creating a rule when unblocking from the connections window. Is there something else that needs to be enabled?

    Thanks.

    Edit: I can get notifications through Windows Notifications but that's pretty awful.

    Edit2: I found it. I didn't realise I had to select the TW tray icon after unblocking in the connections window to activate the rule dialogue.

    Edit3: I have an additional question. I'm seeing system blocked in the connections window. The actual detail is:

    system - 0 - ICMPv4 - pc address - 0 - router address - blocked - out.

    I have tried with Filtered ICMP traffic checked and unchecked under Special Exceptions, I also have Unblock LAN traffic selected. I understand what the traffic is just not sure why it's being blocked? Also, when creating rules, there's only options for TCP and UDP.
     
    Last edited: May 22, 2020
  21. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    648
    Location:
    Hungary
    Oh, wow, yes that is insane and not normal. First time I see something like that. Memory usage is constantly around 42MB on any of my systems. I'll get back to you shortly...
     
  22. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    648
    Location:
    Hungary
    Standard procedure when you have problem whitelisting something is to try using the program once, then immediately after that fire up the Connections window, enable showing blocked connections and see what was blocked then unblock it.
     
  23. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    648
    Location:
    Hungary
    Hi,
    Nah, you shouldn't need to select the tray icon or anything for the window to pop up when "Prompt for exception details" is enabled. So I just tried it myself... and whoops it seems this feature is broken. @Sm3K3R , now I think you were also affected by this bug, sorry for not realizing it sooner.
    Will be fixed in 3.0.5 soon, which btw also brings really sweet optimizations. I'll also try to cram in the fix for @megaman123 's report, assuming I can find it quickly enough.
     
  24. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    648
    Location:
    Hungary
    The real problem I'm having is as users migrate from v2 to v3, I get more and more reports of TinyWall's icon being in "Unknown" state after booting to the desktop. I have enough reports about this to make me feel really uncomfortable, but I just cannot find a cause for it for weeks now. I also cannot reproduce on any of my machines or OSes. If anybody has this issue and would be willing to give me TeamViewer access to inspect and debug, I'd really appreciate it. Please PM me if you can help.
     
  25. ultim

    ultim Developer

    Joined:
    Oct 12, 2011
    Posts:
    648
    Location:
    Hungary
    @megaman123
    No I won't, because I believe I already reproduced (and solved it) :) Fix in next release. Happened when a lot of processes are started and stopped in a short time.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.