Windows Firewall Control (WFC) by BiniSoft.org

Discussion in 'other firewalls' started by alexandrud, May 20, 2013.

  1. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    452
    Location:
    Germany
    To 689957558
    Try to disable automatic updating of Windows and for the period of manual check for updates disable "Secure Rules" and "Secure Profile".
    Automatic updating of Windows for any operating system has already turned into a headache, as it carries telemetry and other troubles. I install them selectively and only offline.
    "Secure Rules" and "Secure Profile"- this is a powerful mechanism, that turns This Computer into My Computer :)
     
  2. focus

    focus Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    430
    Location:
    USA
    I like the look of this potential change.
     
  3. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    470
    Location:
    Switzerland
    @alexandrud

    I would like your suggested version without scrolling too ...
     
  4. Access Denied

    Access Denied Registered Member

    Joined:
    Aug 8, 2003
    Posts:
    927
    Location:
    Computer Chair
    Would it be possible to make the rule creation box have the IP and Ports from the connection log in there when you click customize and create? Say filename.exe is trying to connect to IP 255.255.255.255 on port 269 in the connection log. You click customize and create, then the box pops up with those already in the boxes where they go?

    I know this on the top end of the lazy level, but good question IMO. :argh:
     
  5. Special

    Special Registered Member

    Joined:
    Mar 23, 2016
    Posts:
    238
    Location:
    Canada
    That does look pretty good!
     
  6. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,800
    Location:
    Romania
    This already happens. When you click on Customize and create the window opens with all the details filled in. Tell me, do you use WFC or a cloned version ? :D
     
  7. Access Denied

    Access Denied Registered Member

    Joined:
    Aug 8, 2003
    Posts:
    927
    Location:
    Computer Chair
    For some reason it didn't work right before I posted, It has worked every time since. I don't know why it didn't work that time. :argh:
     
  8. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,800
    Location:
    Romania
    Windows Firewall Control v.5.1.1.0

    Change log:

    - Removed: 'Auto receive updates' functionality was removed from Connections Log, as it consumes a lot of resources and make the entire application unresponsive. I have to make a different approach on this, until then, it was removed.
    - Improved: The Properties dialog layout was updated so that it can fit better on low resolutions.
    - Improved: When opening Rules Panel, the default focused element is now the search box.
    - Improved: The search string from Rules Panel will not be cleared anymore when refreshing the data grid or when changing the filters.
    - Fixed: When Secure Profile is enabled, firewall rules created for executable files located on mounted drives do not apply anymore. The user has to switch manually the profile so that Windows Firewall will refresh the existing firewall rules.
    - Fixed: When the activation dialog is displayed, the Main Panel is displayed always on top.
    - Fixed: When the vertical scroll bar is visible in toolbox in the Rules Panel and Connections Log windows, the border on the right side is missing.
    - Fixed: When an item is selected in the notifications exceptions list, the foreground color is hard to read.

    Download location: https://www.binisoft.org/download/wfc5setup.exe
    SHA1: 7a14860fcd87d9e712dd4f4a06df74238d51f4e5
    SHA256: 8dd301de854a30920c393218ce16fe28c672ec6536553d4734195a2f24130967

    Best regards,
    Alexandru

    Note: This version can update version 5.1.0.0 and the activation status is preserved. However, if you are using an older version, you have to uninstall that version, install and activate this version.

    Note 2: Some "good" antivirus vendors may detect the new version as malware. This is a false positive. Please report these false positives to your antivirus vendors so that they can update their definitions databases. Thank you.
     
    Last edited: Mar 15, 2018
  9. guest

    guest Guest

    Thanx for the update. Two quick questions here:-

    1) While creating a rule if I chose a specific interface type, should I be receiving notifications when I'm on any other interface type rather than the selected one?
    2) Is there a way to prevent ARP spoofing in Windows Firewall?
     
  10. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,940
    Location:
    USA
    I was running 5.1.0.0 and when executing this latest wfc5setup.exe nothing happens after granting permission at the UAC prompt. It may be peculiar to my system. I will reboot and try again.
     
  11. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,800
    Location:
    Romania
    1) Currently, WFC will display another notification anyway because the Interface Type is not used in WFC checks.
    2) Find better neighbors :) Read here more about this subject.
    The first uploaded installer was compressed and it gave some false positives, so I had to remove the compression and upload the uncompressed installer. I have uploaded a new installer on the website which should work. Check the hashes from my previous post, as I have updated them. Please try again and let me know if everything is fine now.
     
    Last edited: Mar 15, 2018
  12. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,940
    Location:
    USA
    The uncompressed installer worked perfectly :thumb:
     
  13. Access Denied

    Access Denied Registered Member

    Joined:
    Aug 8, 2003
    Posts:
    927
    Location:
    Computer Chair
    Updated through the main interface. All upgraded no issues. Thanks for the great program! :thumb:
     
  14. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    452
    Location:
    Germany
    Who else doubts that this will please the whole forum? :D
    alexandrud
    great.gif Thank!
     
  15. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    3,625
    Location:
    Mexico
    :argh: Not me. I agree.
     
  16. Buddel

    Buddel Registered Member

    Joined:
    Apr 28, 2015
    Posts:
    1,063
    Thanks for the new version, which I just got via the internal updater. Good job!:thumb:
     
  17. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    452
    Location:
    Germany
    To alexandrud
    Connections Log and its Properties dialog, Rules Panel and its Properties dialog - 4 windows, and the size of each window needs to be set separately. What is your opinion, if you reduce the number of settings from 4 to 2? In order to change the size of the Connection Log window, the same size is automatically set for both the Rules Panel, and vice versa. Similarly for the Properties dialogs.
     
  18. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,800
    Location:
    Romania
    NO. I use two monitors and I never use the same size for Rules Panel and Connections Log. Properties dialog has two instances because of the same reason. The current implementation takes care of the size, position and window state. If they will both have the same values, then the windows will open one on top of the other.
     
    Last edited: Mar 16, 2018
  19. Special

    Special Registered Member

    Joined:
    Mar 23, 2016
    Posts:
    238
    Location:
    Canada
    I was looking over some of the "recommended" rules and still don't know what some of them do and the manual isn't any help, I get that two are used for the PING command, but what's the use case for it? Why do I need or would want to do it? Same thing with the Printer Sharing stuff, any point if I'm not on a network of any kind. Can we have some discussion on these and maybe give an example of what it's used for and an example of what you can't do if the rule is no longer there.

    WFC - Core Networking - DNS (UDP-Out) -
    WFC - Core Networking - Dynamic Host Configuration Protocol (DHCP-Out) -
    WFC - File and Printer Sharing (NB-Session-Out) -
    WFC - File and Printer Sharing (SMB-In) -
    WFC - File and Printer Sharing (SMB-Out) -
    WFC - File and Printer Sharing (Spooler-Out) -
    WFC - Internet Control Message Protocol (ICMPv4-In) -
    WFC - Internet Control Message Protocol (ICMPv4-Out) -
    WFC - Internet Control Message Protocol (ICMPv6-In) -
    WFC - Internet Control Message Protocol (ICMPv6-Out) -
    WFC - Network Discovery (NB-Name-In) -
    WFC - Network Discovery (NB-Name-Out) -
    WFC - Network Discovery (SSDP-In) -
    WFC - Network Discovery (SSDP-Out) -
    WFC - Windows Firewall Control Updater - WFC "check for updates", not needed you prefer to download the .exe from biniSoft.org, etc.
    WFC - Windows Time Service - Windows can't sync time otherwise.
    WFC - Windows Update - Windows can't fetch updates.
     
  20. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    452
    Location:
    Germany
    Necessary:
    WFC - Core Networking - DNS (UDP-Out) -
    WFC - Core Networking - Dynamic Host Configuration Protocol (DHCP-Out) -
    It is necessary if you use the ping command:
    WFC - Internet Control Message Protocol (ICMPv4-In) -
    It is necessary if you use automatic WFC update:
    WFC - Windows Firewall Control Updater - WFC "check for updates", not needed you prefer to download the .exe from biniSoft.org, etc.
    It is necessary for automatic time synchronization:
    WFC - Windows Time Service - Windows can't sync time otherwise.
    Enable only for the period of checking for Windows updates:
    WFC - Windows Update - Windows can't fetch updates.
     
  21. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,800
    Location:
    Romania
    If your computer is the only one in your home network, you can disable/remove the rules related to "Network Discovery" and "File and Printer Sharing". These rules are required if you want to browse your network devices/computers. ICMP rules are required to send or receive ping commands, they are useful to debug network connectivity problems. They can also be removed.
     
  22. Access Denied

    Access Denied Registered Member

    Joined:
    Aug 8, 2003
    Posts:
    927
    Location:
    Computer Chair
    edited into your quote for them.

    also for @alexandrud about the network discovery. it will not accept those rules if they are not in the group name windows firewall adds them with. I meant to post about that a while back and forgot. It started a few windows updates ago.

    by accept, I mean it will not work until they have the group name given when added from windows firewall itself.
     
  23. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,800
    Location:
    Romania
    I will update my Windows 10 :) to see how it works. If this is something new, then these rules must be left in their group names. Note that these rules are copies of Windows Firewall default rules. I will check this.
     
  24. Access Denied

    Access Denied Registered Member

    Joined:
    Aug 8, 2003
    Posts:
    927
    Location:
    Computer Chair
    I just added back the recommended rules on my PC. It is current and fully updated. Network Discovery fails to turn on with them added in. I would have to disable Secure Rules, open WFWAS and add them in by adding a rule for it. Then add the Group name to the Secure Rules section. Then it works. ;)

    EDIT: I think all the file sharing rules are the same. I don't have a second PC to test it with setup atm.
     
    Last edited: Mar 16, 2018
  25. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,800
    Location:
    Romania
    I have a question for all WFC users which may solve the Connections Log auto update functionality. What I have in mind:

    1. The refresh button gets removed.
    2. The possible filters that will remain are Recently allowed/Recently blocked and Inbound/Outbound.
    3. All other combo boxes are removed.

    - When you open Connections Log, based on the selected filters from 2) the view starts receiving new entries from that point on. So, Connections Log won't display past connections (loading time is removed). It will start receiving new entries from the point it was opened.
    - If you change the combo boxes, it automatically starts receiving new entries based on the new selection. The existing displayed entries are not removed.
    - If the user wants to see a limited set of items, for example what connects on port X, or to address Y, or program Z, he can use the Search text box to filter the items.
    - A new button "Clear list" is added so that the user can clear the displayed entries if there are too many entries loaded.

    What do you think?
    Are there users that actually use the current functionality in which you wait 1 minute or more to load 20000 entries in Connections Log window?
    I think the new approach will be more useful and faster to use.
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.