Windows Firewall Control (WFC) by BiniSoft.org

Discussion in 'other firewalls' started by alexandrud, May 20, 2013.

  1. soewhaty

    soewhaty Registered Member

    Joined:
    Feb 28, 2014
    Posts:
    57
    Having issues with Network Discovery and File and Printer sharing radio buttons/toggles under Advanced sharing settings in Win7x64 Ultimate. These toggles seem to be driven by the WFC profiles and I cannot override them. I have the latest WFC v5.0.0.2. I already tried to 'Restore defaults' under Windows Firewall settings in Win7. Also tried starting and setting the following services to 'Auto':
    - TCP/IP NetBIOS Helper service
    - DNS Client
    - Function Discovery Resource Publication
    - SSDP Discovery
    - UPnP Device Host
    but after reboots and whatnot the issue is still there. And the ISSUE is that I must have Network Discovery and File and Printer sharing ENABLED so that I can share my phone's mobile data via hotspot tethering. The only solution at the moment is to select 'No Filtering' profile for WFC but that eliminates the whole purpose of the fw.

    So how can I have WFC on Medium Filtering (my preferred option) and yet still have Network Discovery and File and Printer sharing enabled?

    EDIT:
    OK, managed to enable that stuff while staying on 'Medium filtering'. Here's how:
    1. Connect to a standard WiFi network, NOT to hotspot tethering from phone
    2. Windows firewall settings - Allow a program or feature through Win FW - enable 'Network discovery' and 'File and printer sharing'.
    3. Network sharing center - change advanced sharing settings - enable 'Network discovery' and 'File and printer sharing'
    4. If still fail: Windows firewall settings - 'Restore defaults' (menus to the left) and then redo from step 1. onwards.

    Now that I've succeeded in enabling Network Discovery and File and Printer sharing, however, issues with WFC persist. At least sites load but stuff like Thunderbird, Skype, Viber, etc. does not sync. How's that and why?
     
    Last edited: Nov 24, 2017
  2. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,206
    Location:
    USA
    Thanks :)
     
  3. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,425
    Location:
    Romania
    If you enable File and Printer Sharing and/or Network Discovery, a new set of Windows Firewall rules is created by the operating system. They include outbound and inbound rules which are created in a group named File and Printer Sharing or Network Discovery, respectively. By default, these rules are disabled in Windows Firewall. If it does not work to enable these from Network Sharing Center, try to manually enable the rules from these groups.

    However, if you have manually removed these rules, Windows may fail to recreate them, since it just enables/disables these rules to enable/disable the network sharing functionality. In this case, make a partial export of your custom rules, then restore the Windows Firewall default set of rules and try to enable File and printer sharing again.

    WFC just enables/disables outbound filtering in Windows Firewall when you change the profile in WFC. That's all. WFC doesn't allow or block any connection.
    When you install WFC, everything remains the same as if you didn't install it. However, if you switch to the Medium Filtering profile you enable outbound filtering in Windows Firewall, therefore, you just need to set up some rules for the functionalities that you use.

    1. If you use Secure Rules and you don't have these two group names in the authorized groups list, then these rules will be removed by WFC when the operating system creates them.
    2. If these rules are removed and you try to enable these functionalities, the operating system can't recreate them, even if Secure Rules is disabled.

    To debug connectivity problems, always use Connections Log. It displays recently blocked connections which can help you to find out which rules you still have to create. Pay attention to svchost.exe and System connections too.
     
  4. Eliot

    Eliot Registered Member

    Joined:
    Aug 8, 2003
    Posts:
    895
    Location:
    Computer Chair
    I got a new wifi router and connected my PC to it. I had to delete all rules and start all over. WFC was blocking everything. I had rules for all my programs and it was like they weren't in the rules list. Blocked everything from internet.

    So I deleted all rules and am recreating them as things ask for internet. Not sure why this happened but I thought I would post to see if anyone else had this same issue.
     
    Last edited: Nov 24, 2017
  5. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    4,844
    Location:
    Among the gum trees
    Maybe you changed from a Private network to Public or vice versa?
     
  6. Eliot

    Eliot Registered Member

    Joined:
    Aug 8, 2003
    Posts:
    895
    Location:
    Computer Chair
    I am not sure. If that would cause it, probably was the reason. No idea if my network was Private before but it is Public now.
     
  7. soewhaty

    soewhaty Registered Member

    Joined:
    Feb 28, 2014
    Posts:
    57
    Thank you for the reply. If I understand you correctly then I did the following changes. Under WFC settings - Security I hit 'Import group names from the current existing list'. That then populated my list (which prior to that only contained Windows Firewall Control and Temporary Rules) and then I deleted the excess rules thus just adding File and Printer Sharing and Network Discovery. So with that I now hope that set on Medium Filtering WFC won't ever block those 2. But even as I described in my prev. msg that didn't seem to be the problem. I did indeed succeed in enabling Network Discovery and File and Printer sharing (even without WFC settings - Security and 'Import group names from the current existing list'), however, issues with WFC persist. Sites load but stuff like Thunderbird, Skype, Viber, etc. does not load/sync. Again, those are issues NOT when connected via ethernet/wifi, but ONLY when sharing my phone's data to my notebook pc via hotspot tethering. So what's the cause of those problems under those particular conditions?

    Also, an important side question – WFC settings / Rules – is it not best to set it to 'Outbound and Inbound' so that I have control over my apps/system in both directions – what comes in and what comes out. Why is this ‘Not recommended’, as it says there?
     
  8. Eliot

    Eliot Registered Member

    Joined:
    Aug 8, 2003
    Posts:
    895
    Location:
    Computer Chair
    I am trying to give svchost.exe access for only DNS. When I click on the rule and go to properties, I go to protocol and there is no DNS in the list. Can you please fix this?

    Apparently this cannot be done when you are behind a wifi router, that is connected to a cable modem LAN. Of course which has internet access for your PC.

    This worked before I got the wifi router.
     
  9. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,425
    Location:
    Romania
    1. Regarding the first problem, I can think only about the Location of the rule. How are your rules for Thunderbird, Skype, Viber, etc. defined? Are they defined for Private location only? When you connect through your phone, are you on a Public location?
    2. By default, in Windows Firewall, all programs without an allow inbound rule are denied to accept incoming connections. Use Medium Filtering profile and consider creating only outbound rules to allow the programs that you want to allow connecting to the Internet. Inbound rules are usually required for server applications and should be created only in very few scenarios. You don't want the Internet to connect to your computer (inbound), but you want you to connect to the Internet (outbound). For example, your browser does not need access to your computer. Why would you want to allow receiving unwanted packets on your machine? The same applies for most programs. Indeed, for network discovery, file and printer sharing, you need some inbound rules, but otherwise, you don't.
    The protocols list never contained an entry called DNS. This is not possible. Are you able to create such a rule from WFwAS? Post here a screenshot of such a rule. Thank you.
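
Added example, not part of any post in this thread and not WFC code: a read-only PowerShell check for the two causes raised in posts #3 and #9, namely the File and Printer Sharing / Network Discovery rule groups being disabled and allow rules being scoped to a location other than the active one. It assumes the English group names used in the thread and uses the Windows Firewall COM object `HNetCfg.FwPolicy2`, so it also runs on Windows 7.

```powershell
# Added diagnostic sketch; read-only, changes no firewall settings.
# Uses the Windows Firewall COM API (HNetCfg.FwPolicy2), present on Windows 7+.
$policy = New-Object -ComObject HNetCfg.FwPolicy2

# NET_FW_PROFILE_TYPE2 bit values
$profileBits = @{ Domain = 1; Private = 2; Public = 4 }
$names = 'Domain', 'Private', 'Public'

# Bitmask of the profile(s) (locations) the machine is using right now
$active = $policy.CurrentProfileTypes
$activeNames = @($names | Where-Object { $active -band $profileBits[$_] })
"Active location(s): $($activeNames -join ', ')"

# Outbound filtering is on when the default outbound action is Block (0)
foreach ($n in $activeNames) {
    $blocked = $policy.DefaultOutboundAction($profileBits[$n]) -eq 0
    "Outbound filtering on ${n}: $blocked"
}

# 1. Is each rule group enabled for each location?
#    English group names as written in the thread; localized systems differ.
foreach ($group in 'File and Printer Sharing', 'Network Discovery') {
    foreach ($n in $names) {
        $on = $policy.IsRuleGroupEnabled($profileBits[$n], $group)
        '{0,-26} {1,-8} enabled={2}' -f $group, $n, $on
    }
}

# 2. Enabled outbound allow rules that do not cover the active location,
#    for example a rule scoped to Private while the connection is Public.
$dirOut = 2      # NET_FW_RULE_DIR_OUT
$allow  = 1      # NET_FW_ACTION_ALLOW
$policy.Rules |
    Where-Object {
        $_.Enabled -and $_.Direction -eq $dirOut -and
        $_.Action -eq $allow -and -not ($_.Profiles -band $active)
    } |
    ForEach-Object {
        $p = $_.Profiles
        $scope = @($names | Where-Object { $p -band $profileBits[$_] }) -join ','
        '{0} [{1}] {2}' -f $_.Name, $scope, $_.ApplicationName
    }
```

Run it once on the normal network and once while tethered; any rule listed in part 2 is an allow rule that has no effect on the current connection.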
     
  10. Eliot

    Eliot Registered Member

    Joined:
    Aug 8, 2003
    Posts:
    895
    Location:
    Computer Chair
    This was the rule I had before I placed my PC behind a wifi router. It worked perfectly and DNS requests were working. I could browse the web with svchost disabled for total OUT going access.
     

    Attached Files: dns.png (42.2 KB)
  11. JNicoll23

    JNicoll23 Registered Member

    Joined:
    Oct 24, 2009
    Posts:
    20
    Location:
    Scotland
    I don't understand why you say "with svchost disabled" when your rule screenshot shows an ALLOW rule for svchost. Also, that rule worked for UDP traffic being sent to port 53 at 8.8.4.4 or 8.8.8.8; I wonder if by any chance the DNS servers you're using now (perhaps those on your wifi network?) are at a different address?
     
  12. Eliot

    Eliot Registered Member

    Joined:
    Aug 8, 2003
    Posts:
    895
    Location:
    Computer Chair
    The rule is enabled because I cannot access the internet without it now. I just imported my old DNS rule that I used before to show it here.

    Before I had the DNS rule enabled and the other one disabled. Internet worked fine (DNS). Now if I disable that rule and leave only the DNS rule enabled, internet does not work.

    DNS servers are the same.
     
    Last edited: Nov 27, 2017
  13. AmigaBoy

    AmigaBoy Registered Member

    Joined:
    Sep 12, 2015
    Posts:
    34
    A request: when this window appears: "Rules with no group defined were detected. To preserve them, do you want to add... etc."
    a 'Cancel' option would be helpful. I know there's a Cancel option in the previous step of this operation but still, it'd be nice.
     
  14. PrinceYann

    PrinceYann Registered Member

    Joined:
    Nov 29, 2015
    Posts:
    25
    @OFF-TOPIC

    Warning about W10 1709 (in case this happens to other Windows users): on the About page of the modern control panel, I see a red X icon for 'Firewall & Network Protection' and the Security Center says that the firewalls are off, offering a button to turn them on. Clicking that button deletes all firewall rules and replaces them with default ones. That message is misleading, as the firewall is on, which can be confirmed if you click to view the details, but then there is the message "Firewall is using settings that may make your device unsafe", this time offering a button to "restore settings".

    Stay away from these buttons and make sure you periodically backup your firewall rules.
     
  15. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    36
    Location:
    Germany
    Perhaps this question has been asked before. When you install Windows Updates in Windows 10, some new firewall rules are created automatically. How can I prevent this unauthorized action?
     
  16. JNicoll23

    JNicoll23 Registered Member

    Joined:
    Oct 24, 2009
    Posts:
    20
    Location:
    Scotland
    Are you certain that the DNS servers are the same? The settings in Windows (here anyway) for DNS servers for my wifi router and my ethernet connection are different. (I didn't intend them to be, but they are - I must have altered the definitions for the connection I was using one day and not altered the other set.) Have you used ipconfig /all to make sure they are what you think, once with the ethernet adaptor in use and once with wifi in use? If your old rule - with 8.8.4.4,8.8.8.8 specified - was for pre-wifi use, it's likely that those DNS servers are only defined for an ethernet adaptor, but you'll be using the wifi adaptor now. It's maybe using the DNS servers it's told to use (by DHCP?) by your router, probably those of your cable provider.
     
  17. Eliot

    Eliot Registered Member

    Joined:
    Aug 8, 2003
    Posts:
    895
    Location:
    Computer Chair
    They are all the same. I have double and triple checked. Even with ipconfig /all they all show as 8.8.8.8 and 8.8.4.4

    I am hardwired into the wifi router on the same PC. Not wireless now and was not before either. It has to be the way the wifi router works being connected to a cable modem LAN as well.
     
  18. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    435
    Location:
    Switzerland
    Ok, thanks for the info. One question: where exactly did you click to view the DETAILS (I'm not really sure about that)? If possible you could make a little picture ...
     
  19. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,425
    Location:
    Romania
    This change requires a more complex update since that dialog currently supports only two buttons. I will do it in the future.
    Secure Rules feature from the Security tab. Open the user manual and read about how it works.
     
  20. PrinceYann

    PrinceYann Registered Member

    Joined:
    Nov 29, 2015
    Posts:
    25
    On the 'Windows Defender Security Center', there is a tab for "Firewall & network protection", you can click on the left side or, if on the "home" tab, click on the big button that also links to that tab.
     
  21. JNicoll23

    JNicoll23 Registered Member

    Joined:
    Oct 24, 2009
    Posts:
    20
    Location:
    Scotland
    If you've only ever used a wired connection to the router then the fact that it's wifi-capable should be irrelevant. And the router connection to the outside world via cable modem is what I use too, also I think irrelevant - certainly as far as DNS requests leaving your PC are concerned. If the different firmware in the router (compared to your old router) is intercepting DNS and doing its own lookups (or if the old one did that) I can't see how that would affect DNS lookup requests leaving your machine.

    Do you see eventlog records describing DNS requests being dropped?
     
  22. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,425
    Location:
    Romania
    Windows Firewall Control v.5.0.1.19

    Change log:
    - Reverted: Due to many requests, the required .NET Framework version is now back 4.5 instead of 4.6.
    - New: Pressing right click on the program name in the notification dialog will open the file properties dialog. 'Check this file' was moved to the left click on the program icon.
    - Fixed: Creating a new rule fails if the name or description contain invalid characters. WFC will automatically remove invalid characters, allowing the creation of the rule.
    - Fixed: Randomly, the program appears inactivated even if it was activated before restarting the operating system.
    - Fixed: Leaving Connections Log window open for several hours with 'Auto receive updates' enabled may lead wfc.exe to consume several GB of memory. From this version, older entries will be replaced with new entries. If there are 30 new entries received, 30 oldest entries will be first removed, and then the new entries will be added on top of the list.
    - Fixed: In Rules Panel and Connections Log, once you make a selection, you can't deselect the last entry if you press outside of a valid selection.
    - Improved: The logging was extended with all details of a rule which fails to be created, modified or deleted, to be able to catch all scenarios when these failures may occur.
    - Updated: The user manual was updated with new screenshots and updated topics.

    Modified translation strings
    816 = Open file properties
    817 = Copy path to clipboard


    Download location: https://binisoft.org/download/wfc5setup.exe
    SHA1: a0fa9ea43483bda81a59a3cd9211022d026b126c
    SHA256: 96a10c50b43667c8eaf8f4f839f61939e8068ed5c237a8c61235d121b60de5bb

    Best regards,
    Alexandru
     
    Last edited: Nov 28, 2017
  23. Special

    Special Registered Member

    Joined:
    Mar 23, 2016
    Posts:
    60
    Location:
    Canada
    Why this? Reverted: Due to many requests, the required .NET Framework version is now back 4.5 instead of 4.6.
     
  24. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    435
    Location:
    Switzerland
    All right, then it's clear now, thank you.
     
  25. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    513
    Location:
    Land o fruits and nuts
    4.6 is always doing something in the background when the computer is supposed to be idle, I think recompiling files or something like this. Uses a lot of memory.
    EXE Radar Pro was always popping up a notice about mscorsvw.exe.
    4.5 is quiet.
    Thanks for making the change!
     