Windows Firewall Control (WFC) by BiniSoft.org

+1. 99% of users have a PDF reader, but 100% have a CHM reader.

But you can also launch elevated processes from an unelevated process with ShellExecute's "runas" verb. Normally, wfc.exe won't be running elevated, so the current behavior doesn't help in that circumstance.

 

You can launch another process. This is the same process, this would mean to close it and restart it again, accept the UAC prompt, and then have it elevated.

 

Windows Firewall Control uses it's own mechanism that saves the coordinates of a window when it is closed. These coordinates are restored when the window is reopened. Because the saved coordinates contain absolute values, there are scenarios when these coordinates can't be restored. The default size and position is restored when:

- the window is closed and at least one pixel of it was outside of the screen
- the screen resolution is changed
- a different DPI scaling is used
- the window is closed when a secondary monitor is used and the monitor is removed

 

I saw that in the CHM file, I'm not sure what to say, on the first day I used your firewall, I was able to get both the rule and connection window to save properly on my second monitor, but after that, something happened and they will always default to my primary one no matter how I have them setup when closed. I've just given up and learned to live with this. I can say for certain that all 4 of those points are checked off as being not the issue.

 

Unfortunately that is not really the case. I have a 2nd monitor and if I enlarge the (rule manager) window over a certain size on the 2nd monitor WITHOUT any pixel on the first monitor - even clear under the full size, the window is resetted the next time. That was ALWAYS the case here and is reproducable.

My resolution on both monitors is 2 x 1920 x 1080p.

 

I would like to keep the current design as is. Specifically, looking at the current design's drawbacks list above:

- Inaccessibility of policy files on network shares: does this touch a common scenario among WFC users?
I'd have thought that this might be only relevant to corporate setups, but then at Corporate they have scripts that pull all kinds of files from a central share after boot - can't a WFC policy file (with "ALLOW" access in WFW) be pulled into the local system just the same?

Also, from a security POV of SOHO or home setup, I like the idea that rogue network shares can not influence my local WFC policies.

- Incorrectly retrieves WIN10 Store Apps: Is this can be solved by a helper function, with different credentials (IMHO UAC dialog here is quite OK) that will build the appropriate Rules Names/Description/Group Names and pass them on to the WFC for inclusion?

- Portability: discussed in other comments above. My personal opinion is that I don't need portability. WFC is a system utility, not an application that I repeatedly move from machine to machine. Also, I normally like portable programs in order to avoid contamination of the registry / dropping endless files in various places. This is not the case with WFC.

- Antivirus program interference: can't WFC be whitelisted in the AV program once by the user and by that avoid future interference?

Also, regarding the expected development effort - unless there are many support requests or complaints that the new proposal will resolve, why to engage in a non-trivial re-design effort which does not bring major features to the table?
In addition, there is a high probability that a major design change will bring with it instability and support requsts for a few weeks/months after introduction due to some unforeseen ill effects. Are the expected benefits from the new design worth it?

 

Is there a known problem with importing rules on Windows 10 CU?

I tried to import rules from a previous export and I ended up losing all my custom rules. WFC did not display any message to say the import was successfull or not.

I tried the import from the command line, using the Netsh advfirewall import command, and Windows reported the file was not a valid policy file.

 

What extension has the file that you want to import ? *.WFW or *.WPW ? WFW is a Microsoft format. Importing this format from an older Windows version to a newer version of Windows is supported. WPW extension is an XML format (you can open it in Notepad to take a look) and is used by WFC to export and reimport specific firewall rules. On import, WFC reads the rules properties from the file and creates the rules one by one.
1. Are you able to create a new rule from WFC ? The same code used to create a new rule is also used when importing a WPW file.
2. Have you checked the WFC log to see if there is an exception during the import ?
3. Make sure that your antivirus (including Windows Defender) does not block WFC from creating new firewall rules.

I also use Windows 10 Creators Update on one of my machines and WFC works correctly. The problem must be something on your side.

 

Windows Firewall Control v.4.9.7.0

Change log:
- Important: Starting with this version, WFC is targeted to use .NET Framework 4.6 instead of .NET Framework 4.5 which is outdated.
- Important: Removed support for Windows Vista and Windows Server 2008.
- New: Added '-nogpu' parameter to wfc.exe. This will turn off GPU hardware acceleration when rendering WFC. Use this when connecting remotely to a machine where hardware acceleration is not available.
- New: Added the Action column in Connections Log so that the entries copied to clipboard will contain also the action among the other properties.
- New: When the WFC tray application can't connect to WFC service and the exclamation mark icon is displayed in the system tray, left click on the WFC icon will open the user manual to the Troubleshooting section. Also, a 'User manual' entry is available in the right click context menu.
- Updated: The troubleshooting section of the user manual was updated.

Download location: https://binisoft.org/download/wfc4setup.exe
SHA1: b3e193b72027879e693b46a390aec82c653249e6
SHA256: 90a61add821b4af52ba8e6c3f2a2460df514b859d101d103233aa121fddbe648

For Windows Vista and Windows Server 2008 users, the latest version that is supported on these operating systems can be downloaded from here: https://www.binisoft.org/download/old/4960/wfc4setup.exe

Best regards,
Alexandru

 

Is the User Manual bugged for anyone else after the newest update? All the images on it are non existent.

http://i.imgur.com/ZzHnn9X.png
http://i.imgur.com/TPxPp6h.png

Every page is like so...

 

Seems okay for me...

http://i.imgur.com/NH8qFLR.jpg


http://i.imgur.com/duec3xp.jpg

 

Does anyone have any rules to prevent Windows 10 store from phoning home, auto downloading apps, cortana, etc?

 

Here's a solution that supposedly works. It comes from a well respected member but I haven't tried though, as I have never used Windows 10 before:




I suggest to login at MDL forums to see full information:
https://forums.mydigitallife.info/t...on-truly-block-everything.64640/#post-1131004

 

Just want to quote myself and say this was fixed with a reboot of the system.

 

Hi is anyone else here on the latest Insider build of Windows 10 and using WFC?
On my system WFC is unable to change the state of the Windows Firewall. Also I cant delete any rules. They just get renamed to a random GUID?

I don't expect any help just want to know if others are experiencing the same issues on build 16176.

 

I just had time to install this build. Indeed, the profiles can't be switched from WFC. Probably they have changed/removed something, because netsh will become obsolete in the future while they try to enforce the use of PowerShell. I will take a look at this in the following days.

 

Thanks for confirming my findings. Nice to know it's not just me!

 

+1

 

Yes,It can't change the WFC level also and create many weried list name on random GUID
I'm on build 16179

 

Thanks

 

Are notifications no longer displayed for inbound notifications?

I'm setting up a new system and haven't received and inbound connection attempt alerts. It's been some time since I've set up the program from scratch but I'd swear I used to get notifications for incoming connections. I just double checked my settings and I'm not seeing anything regarding it. Was this feature removed?

 

I have a question, I noticed that sometimes outbound connections from my browser and video downloading tools are blocked even though there are no blocking rules made via WFC. I can see the blocked connections via the "Connection Log". So must this be caused by other tools?

 

WFC never displayed notifications for inbound blocked connections. The notifications displayed by Windows Firewall Control are for outbound blocked connections and they work only when Medium Filtering profile is used. When enabling Medium Filtering profile, the outbound filtering is enabled in Windows Firewall and this means that all programs without an allow rule are blocked by default.

Windows Firewall itself displays security alerts for programs, other than Windows services, that attempt to listen for unsolicited incoming traffic and the incoming traffic is blocked. These security alerts can be enabled/disabled from Windows Firewall and are not configurable from Windows Firewall Control.

This can be a custom hosts file or a program like PeerBlock that blocks IP addresses based on a blacklist. All blocked connections are logged in the Security event log and will generate new notifications even if they weren't blocked by Windows Firewall. The Connections Log contains the entries filtered from the Security log of the system. The same entries are the source of notifications displayed by Windows Firewall Control.

 

Thanks for the info!

 

UPDATE: After further investigations:

A. I updated the code to change the profile by using Windows Firewall API instead of using the netsh command which seems to be deprecated in Windows 10 Redstone 3 build.
B. Unfortunately, WFC can't delete any firewall rule in this version of Windows because the same Windows Firewall API is broken. Any call to NetFwTypeLib.INetFwRules.Remove will result in an ArgumentException with the result Value does not fall within the expected range. I tried everything that I know, but without success. It seems that this method doesn't work anymore. As a result WFC can't remove firewall rules anymore in this Windows build.

There are three possible ways to resolve this:
1. Microsoft fixes the Remove method so that it will work again like it worked in the past. I doubt it, since I already reported them some bugs that I found in Windows Firewall API a few years ago and the same bugs are also present in Windows 10.
2. WFC can delete a firewall rule by invoking PowerShell through a batch file, which sucks, to avoid the installing of the latest PowerShell SDK which sucks even more. But, PowerShell can have an execution policy set, so this solution may not always work.
3. I do not add support for this Windows build.