Windows Firewall Control (WFC) by BiniSoft.org

Discussion in 'other firewalls' started by alexandrud, May 20, 2013.

  1. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    36
    Location:
    Germany
    With this action, the file properties window opens in the background, not in focus, and completely hides under the notification window.
    222.png
    In this form it is inconvenient and unfriendly. Maybe you need to make the file properties window open in the center of the screen.
     
  2. AmigaBoy

    AmigaBoy Registered Member

    Joined:
    Sep 12, 2015
    Posts:
    34
    Just a rule question: shouldn't the already present WFC rule (bottom of screenshot) include the pop-up rules (top four rules) I'm getting for spoolsv.exe?

    Clipboard Image.png
     
  3. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,206
    Location:
    USA
    I'm just curious, what are your settings and should I change anything to mine?
    Screen capture here and here
     
  4. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    2,726
    Location:
    .
    1980 65.png
    What calls IGMP. Do you allow IGMP traffic. Block doesn't seem to break anything, afaik.
     
    Last edited: Nov 29, 2017
  5. Cache

    Cache Registered Member

    Joined:
    May 20, 2016
    Posts:
    386
    @alexandrud
    I have been finding that from time to time, my "Notifications" becomes deactivated and I have to re-activate by signing in again. I have only recently realised that this happens when I restart my PC after using Shadow Defender. I have tried exiting WFC before entering into Shadow Mode but activation is still disabled when I restart WFC. I normally have Notifications set to "Display notifications" and am currently on 5.0.0.2.

    This seems to be a bug that I would be very grateful if you could kindly address.
     
    Last edited: Nov 29, 2017
  6. Special

    Special Registered Member

    Joined:
    Mar 23, 2016
    Posts:
    59
    Location:
    Canada
    If you don't like Windows performing optimization tasks you can disable them yourself, seems strange to go back to an older version just to cater to some low spec users (weak CPU/Old HD) if this be the case... because disregarding all the benefits of the newer .NET Framework versions is just backwards. Lets go back to 3.X!
     
  7. Bob D

    Bob D Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    1,166
    Location:
    Mass., USA
    Curious, I'm experiencing the same (although not using SD or the like) v5.0.1.19.
    Happens occasionally on boot-up.
    Realized this on my old box & my new replacement puter. Both running Win 7 Pro.
     
  8. Eliot

    Eliot Registered Member

    Joined:
    Aug 8, 2003
    Posts:
    895
    Location:
    Computer Chair
    Got the DNS working behind the wifi router again. I don't understand why it wasn't working before. Now svchost only has port 53 for DNS until I want to enable it for windows updates.
     
  9. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,425
    Location:
    Romania
    The file properties dialog is displayed by calling ShellExecuteEx method from shell32.dll. Unfortunately, this method does not support any parameter regarding position or if the dialog should be displayed on top of other windows. However, if you uncheck the following check box, then the properties dialog will be displayed on top of the notification dialog.
    upload_2017-11-29_23-35-15.png
    In the next WFC version I will disable the TopMost property of the notification dialog before opening the file properties dialog, so it will be more user friendly.
    If you are connected to PUBLIC location, then the last rule will not match the connections for which you see the notification. As a side note, do not use local ports in your custom rules since you can't be sure that a program will use the same local port next time when it will try to make a connection.
    I guess WFC was activated before using Shadow Mode. Next time when this happens, please try to restart WFC service and check again the activation status. Please let me know if restarting the service shows the correct activation status. In the latest version I have updated the code. This scenario should not happen again. Please let me know if you encounter the same problem with version 5.0.1.19.
    It is not about low specifications here. .NET Framework 4.7 overwrites any previously installed 4.x version, the same applies for .NET Framework 4.6, 4.5 etc. If you have installed .NET Framework 4.7 and there are some performance improvements on the controls/assemblies from the framework that WFC uses, then you will benefit from these improvements. If you use .NET Framework 4.5 you will not benefit from all these improvements, but WFC will work just fine. Since WFC didn't use anything that was new in .NET Framework 4.6, I decided to target back version 4.5. If you use Windows 10 you are not affected at all. Since newer versions of the .NET Framework tend to improve especially UWP and .NET portability on other platforms, things about many Windows 7 users don't really care, many Windows 7 users do not want to install newer versions of .NET Framework.
     
    Last edited: Nov 29, 2017
  10. Cache

    Cache Registered Member

    Joined:
    May 20, 2016
    Posts:
    386
    Thanks for the prompt response. I don't go into Shadow mode that often so it may be a while before I report back but next time I will try restarting the service as you suggested. Thanks for updating the code - I look forward to v 5.0.1.9.
     
  11. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    36
    Location:
    Germany
    OK, its right.

    Now the notification window works on TopMost, but not in focus (grey). I think it should take focus on itself (blue), as in similar products, for example, Outpost.
    Ad
    Is it possible to add the option to save the user-defined window size of the notification dialog, when the computer is restarted?
     
    Last edited: Nov 30, 2017
  12. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,425
    Location:
    Romania
    I do not use Outpost and I do not know what you mean by grey or blue. Please post a screenshot. Regargind the size and the position of the notification dialog, it is always saved when the window closes. Next time when it opens, it uses the previous settings. It doesn't work this way on your computer?
     
  13. pralain

    pralain Registered Member

    Joined:
    Nov 30, 2017
    Posts:
    3
    Location:
    France
    I just install the new version of WFC (I was on 5.0.0.2) and there is a new location appearing in the top of the main window VPN !
    Before that I was using Public for VPN and Private for Home.

    All my rules seems now deprecated and I can't create rule for a VPN connection... Each time I get notifications to create new rules..

    How to create a rule and specify VPN location ? I just have private + public + domain...

    Thanks a lot
     
    Last edited: Nov 30, 2017
  14. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    36
    Location:
    Germany
    This works, but the custom size of the notification window is not saved when the computer restarts.
    The browser is in focus, the notification window is TopMost, but not in focus (the window title is gray). Now it works like this
    1.jpg
    It seems to me, that the notification window should immediately become TopMost and take focus on yourself (the window title is blue, green, etc.).
    2.jpg
     
  15. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,425
    Location:
    Romania
    That label VPN is something that WFC displays if you are connected to a VPN. You can't define VPN as Location for a firewall rule, only Public,Private,Domain or All. That label was there in version 5.0.0.2 too. If you are notified to create a new rule, maybe when you connect now you are not on the Public location anymore ? Anyway, please post here a screenshot of:
    1. The duplicate notification that you receive, to see the details of the blocked connection.
    2. The existing rule that you have defined in Rules Panel, please include all columns to see all details.
    3. The location of Windows Firewall as it appears in Control Panel.
    Thank you.
    Now I understand. I made it this way on purpose because I hate any program that steals my focus when I am writing something in another software. The notification dialog appears on top of other windows so that a user will become aware of it and that's all. He will perform an action or will just leave the dialog to close itself automatically. Stealing focus while you are writing something important is more annoying than losing a notification about svchost.exe :)
     
  16. wanglihong

    wanglihong Registered Member

    Joined:
    Nov 29, 2017
    Posts:
    1
    Location:
    china
    For the UWP applications that often change the pathname, how should rules be made effective?
    Such as: C: \ Program Files \ WindowsApps \ microsoft.skypeapp_12.9.604.0_x64__xxxxxxxxxxx \ SkypeHost.exe
    Of these 12.9.604.0 will often change
     
  17. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,464
    Location:
    Location Unknown
    How does WFC determine if you're running through a VPN? It cannot simply be determined by a TAP, because I'm running Mullvad right now and it's not seen as a VPN according to WFC.
     
  18. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    36
    Location:
    Germany
    Now I understand too! But for "users ordinary" it would be useful. Can you do it optional, "Steal the focus", "Do not steal the focus"? :) Please!
     
  19. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,425
    Location:
    Romania
    If you enable to see Extended properties column (from right click context menu on columns header) you will see that some Windows 10 firewall rules will have this check box checked. This means these rules have some extra properties which are not displayed in WFC, usually an application package. They appear in WFwAS. For Windows Store applications, you will not see a Program set for them because Windows Store applications use Application packages.
    1. Open WFwAS (wf.msc) and create your rule for a specific Application Package. Leave the Program property empty.
    2. Editing an exiting firewall rule from WFwAS works only if the Group name of the rule is empty.

    upload_2017-12-1_12-10-13.png
    Here you can see the values of the Location that are returned by FirewallAPI.dll. However, when you are connected to a VPN, the call to this method returns 6. This is when WFC shows VPN. It may bot be very accurate with some VPN providers. I have tested with AirVPN and TunnelBear.
    I do not see any improvement by having the focus by default on the notification dialog since you need the mouse to easily navigate in the notification dialog. The answer is no to this enhancement.
     
    Last edited: Dec 1, 2017
  20. pralain

    pralain Registered Member

    Joined:
    Nov 30, 2017
    Posts:
    3
    Location:
    France
    Hello,

    The VPN is AIRVPN, it's a public connection and the private connection is my home connection. If I configurer manually in windows firewall it works.

    1. https://s17.postimg.org/pcr6mcx8b/from.png https://postimg.org/image/e0el4lbor/

    2. https://s17.postimg.org/e0el4lbor/Rules.png https://postimg.org/image/pcr6mcx8b/

    I show you here the problem with Qbitorrent but I have the same problem with System and Svchost !

    3. Doesn't understand what is it...

    Is there a way to download and old version of WFC ?

    Kind regards,
     
  21. AmigaBoy

    AmigaBoy Registered Member

    Joined:
    Sep 12, 2015
    Posts:
    34
    One final (hopefully!) request for your great WFC. Sorry if I've already posted this, don't remember. It'd be great if we could get notifications when a firewall rule is added/created/deleted/modified by other software, whether 'Secure Rules' is enabled or not.

    After starting to use the Windows Firewall fairly recently, I was impressed (not in a good way) at how easily programs can manipulate WF rules and basically do whatever they want without asking the user.
     
    Last edited: Dec 3, 2017
  22. pralain

    pralain Registered Member

    Joined:
    Nov 30, 2017
    Posts:
    3
    Location:
    France
    Problem solved, it seems that Qbittorrent was searching inside my network... that was an ipv6 i couldn't tell it was inside...

    thanks again
     
  23. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,425
    Location:
    Romania
    Check my answer here on how to define working inbound rules for torrent clients. However, for your scenario, outbound connections are blocked, not by WFC.
    You say that if you "configure manually in windows firewall it works". How you do it ? Whatever you do, some sort of firewall rules are created. These rules should also be displayed in Rules Panel. How are these rules different than the rules that you create from WFC ? Maybe these outbound rules are created for specific protocols, one rule for TCP and one rule for UDP protocol ?

    The website offers for download only the latest version. Anyway, the problem that you have is not related to the latest version of WFC. That VPN displayed in Main Panel is just a label which is not used in any logic.
    I wanted to display such info in WFC. Unfortunately, the events logged by Windows Firewall are not very reliable. Some of them are triggered 6 times for the same action. I made WFC to receive all of these but it used a lot of CPU since they are so many. Currently, this kind of feature is not feasible.

    Anyway, you are interested which programs (that have administrative privileges) are messing with your rules, take a look in the following category of Event Viewer.

    upload_2017-12-3_20-13-51.png
     
    Last edited: Dec 3, 2017
  24. AmigaBoy

    AmigaBoy Registered Member

    Joined:
    Sep 12, 2015
    Posts:
    34
    Thanks alexandrud, that's great info on the EV. I had searched there before but couldn't possibly find that. It's a good weapon to know exactly which process/application does this, so we can block it (or even uninstall it).
     
  25. AmigaBoy

    AmigaBoy Registered Member

    Joined:
    Sep 12, 2015
    Posts:
    34
    Perhaps a less-than-perfect, dumber "logging" method could be used? For example, WFC could simply monitor the total number of rules and give a notification when that number changes ("Your rules have changed from 500 to 503"). It's sloppy, but could be of help to some. Just an idea. :)
     
Loading...