Windows Firewall Control (WFC) by BiniSoft.org

Discussion in 'other firewalls' started by alexandrud, May 20, 2013.

  1. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,679
    Location:
    Estonia
    Yes, but the market share of Windows 10 is just 40%.
    Yes, did you try and does not work? If it doesn't try instead of LocalSubnet to set your local LAN IP range. For example: 192.168.0.1-192.168.0.255
     
  2. daw_10

    daw_10 Registered Member

    Joined:
    Jan 7, 2019
    Posts:
    4
    Location:
    UK
    Thank you very much for your reply. It works, I just wanted a re-confirmation of my procedure to make sure that xyz.exe did not make any hidden connection to the internet. Also thank you for a great program for which you provide excellent support.
     
  3. nzo

    nzo Registered Member

    Joined:
    Feb 9, 2019
    Posts:
    1
    Location:
    New Zealand
    Hi alexandrud,

    My PC is on 24/7. Usually I use WFC set at Medium Filtering. When not using the PC (overnight) I set WFC to High Filtering via right-click on the system tray icon. Is it possible to create a keyboard command so that one can switch between the Medium and High options without doing this via WFC's dialog boxes? It would be faster.

    Thank you.
     
  4. Special

    Special Registered Member

    Joined:
    Mar 23, 2016
    Posts:
    179
    Location:
    Canada
    Pointless, just do it in two clicks.
     
  5. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    344
    Location:
    Germany
    To block the Internet сreate a shortcut for the .bat file with this commands as admin and assign hotkeys to it
    This will add two rules, inbound and outbound
    1.png
    Netsh.exe Advfirewall Firewall add rule name="High Filtering profile - Block inbound connections" dir=in action=block description="Block all inbound connections"
    Netsh.exe Advfirewall Firewall add rule name="High Filtering profile - Block outbound connections" dir=out action=block description="Block all outbound connections"
    Similarly, to unlock the Internet

    netsh.exe advfirewall set allprofiles state on
    netsh.exe advfirewall set allprofiles firewallpolicy blockinbound,blockoutbound
     
    Last edited: Feb 10, 2019
  6. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,679
    Location:
    Estonia
    New features in WFC, not gonna happen anytime soon.
    This will not remove the block all rule that you created in the first place.
     
  7. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    344
    Location:
    Germany
    This remove
    Netsh.exe Advfirewall Firewall delete rule name="High Filtering profile - Block outbound connections"
    Netsh.exe Advfirewall Firewall delete rule name="High Filtering profile - Block inbound connections"
    You can also disable the network adapter(s) with .bat file, work fine.

    Ad
    Which .cmd can "update rules" to change the WFC icon color of the tray?
     
    Last edited: Feb 10, 2019
  8. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    344
    Location:
    Germany
    When create a rule from the alert window for svchost with service, you must first determine the service name by ID, then select this service from the drop-down menu. Is it possible to make this process automatic? For example, PrivateWinTen himself defines and substitutes the service name in the rule.
     
  9. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,679
    Location:
    Estonia
    No. The required code and work are not justified. It is just a false impression that having service based for svchost.exe adds any value of any kind. In reality it is just a waste of time. Once something is broken, the first impulse is to disable outbound filtering to see if this is related, even worse, the firewall disabled entirely. At this point, all these rules are useless. Just leave svchost.exe to connect on ports 80,443 and use your time in a better way. The same applies for rules defined for specific IPs. It is a waste of time. Just allow or block a software entirely. These endless rules customizations don't increase the security at all.
     
  10. myk1

    myk1 Registered Member

    Joined:
    Sep 2, 2012
    Posts:
    78
    Location:
    Belgium
  11. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,679
    Location:
    Estonia
    It is not clear from the screenshots if the Connections Log displays inbound or outbound connections. But I assume that they are outbound connections that appear as allowed while the software is blocked by a block rule.

    1. Check the full details of the allowed connection. Make sure it is not to the localhost, 127.0.0.1.
    2. Enable Secure Profile so that we can make sure that this software does not switch the outbound filtering in Windows Firewall in order to be able to connect.
    3. Rename nvtmru.exe to a different name (extension) and see what is happening. If you really want it blocked, renaming it should not break anything.
    4. Try to filter the Security log and see if you can see this allowed connection. Event ID 5156. Just to make sure that this is a true allowed connection and not a bug in WFC.
    5. Do you have this problem only with this software ?
     
  12. myk1

    myk1 Registered Member

    Joined:
    Sep 2, 2012
    Posts:
    78
    Location:
    Belgium
    Thanks!
    Log is Outbound connections.
    Remote IP is 127.0.01...> ??
     
  13. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,679
    Location:
    Estonia
    Windows Firewall does not filter loop back connections which are always allowed. 127.0.0.1 is always allowed, this is your local computer. The software does not connect to the Internet but to the local machine. No worries about this. Just add nvtmru.exe in the notifications exceptions list and forget about it.
     
  14. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    344
    Location:
    Germany
    Try to remove it from autostart, it seems to be needed only for auto-update. I install for NVIDIA driver only.
     
  15. myk1

    myk1 Registered Member

    Joined:
    Sep 2, 2012
    Posts:
    78
    Location:
    Belgium
    Thanks..
    So: this software is present in my computer. Moreover this soft is installed. And the easiest way it has to to connect to my machine is through my firewall. Quite a new concept for me!!
    Thanks again...
     
  16. JNicoll23

    JNicoll23 Registered Member

    Joined:
    Oct 24, 2009
    Posts:
    22
    Location:
    Scotland
    It's common for programs running on a computer to have to swap information with other programs running on the same computer. Because Windows does its best to isolate programs from each other (so eg they don't share access to the same memory, because if they did they could interfere with each other), there have to be other ways for them to talk in a controlled fashion. One way is to use the same mechanism that's used for talking to the outside world... but keep the conversation entirely inside the machine... which is what you are seeing.
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.