Windows Firewall Control (WFC) by BiniSoft.org

Discussion in 'other firewalls' started by alexandrud, May 20, 2013.

  1. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    147
    Location:
    Canada
    "What's new in version 5.4.0.0 (01.08.201:cool:
    - Reverted: Secure Rules feature was reverted to the old implementation from version
    5.0.2.0. The implementation from versions 5.1.x.x-5.3.x.x creates too many problems
    than it solves
    ."

    So, is OK to use version 5.3.1.0 or should we go with 5.4.00
     
  2. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,841
    Location:
    Romania
    There is a long discussion in this topic about the two implementations. Both of them are OK.
     
    Last edited: Dec 21, 2019
  3. kronckew

    kronckew Registered Member

    Joined:
    Aug 27, 2006
    Posts:
    325
    Location:
    CSA Consulate, Glos., UK
    Any reason why you don't use the current version of WFC 6.0.2.0?

    p.s. - I'm using Acrylic DNS proxy service v.1.1.1 to handle all my DNS requests over https (DOH) via cloudflare servers for Firefox and Google chrome. it also has it's own acrylichosts.txt file for blocking domains much like the windows HOSTS file, except it allows wildcards for host names/domains and also regualr expressions. It's a 32 bit prog but works well on 64 bit. You can also use it as your own personal networks dns server and connect to it from other pc's on your local net. There are other DOH servers like Google's if you'd rather not use cloudflare. It can also use other traditional dns servers as fallbacks if desired. (I also use MBAM Pro to suppliment Windows defender)
     
  4. 3x0gR13N

    3x0gR13N Registered Member

    Joined:
    May 1, 2008
    Posts:
    794
    I've been having a weird problem with notifications. Sometimes only the default Windows firewall notification would appear without WFC popping up and sometimes both WFC and Windows would notify me about a connection, like here:
    Screenshot (2).png
     
  5. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    3,115
    maybe you should tick "private networks" too - this belongs to windows settings.

    "public" network is when using a direct dial-up connection, when using a router "private" should be selected in network settings, because the connection to router is private, after router it is public but this is not windows related - windows has only "private".

    selecting "private" has also benefits in other windows functions which are blocked in "public" connections
     
  6. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    488
    Location:
    Switzerland
    This Windows Firewall message is for INBOUND connection, the WFC message is for OUTBOUND connection ...
     
  7. 3x0gR13N

    3x0gR13N Registered Member

    Joined:
    May 1, 2008
    Posts:
    794
    Yep, you're right. I completely forgot about that...
     
  8. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    147
    Location:
    Canada
    Idea about how to group rules belonging to the same application.

    Create "duplicates" of the rules you want to have together and these will be created on top, one after the other, and delete the originals which are scattered all over the place
     
    Last edited: Dec 25, 2019
  9. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    147
    Location:
    Canada
    What rule (s) do I need in WFC for "network discovery"o_O

    If I choose "no filtering" I can see my network drive.
    With "medium filtering" I get from Windows "network discovery not enabled" and nothing to allow or deny from WFC
     
  10. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    489
    Location:
    Lunar module
    WFC during installation offers to establish the recommended rules for the network discovery, try to extract them.
     
  11. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    147
    Location:
    Canada
    I have the "recommended rules" in WFC , yet I cannot "discover" my network unless I choose " no filtering"
     
  12. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    488
    Location:
    Switzerland
    @popescu

    PERHAPS you can fix it as following:

    1) Ensure that the secure rules is disabled in WFC.
    2) Optional: set WFC profile to Low
    3) Open the related OS setting (I assume you use Win 10) like this (it's in german here, but you should know this window nevertheless):
    NetworkDiscover.PNG
    Switch there to OFF (if it's on already) and then "back" to ON on the related network location (here in the example it's for the private location).

    I can't test it out here (at the moment), but it could be worth to try it out. So, I hope that helps!

    Try again to discover ...

    Regards.
     
  13. popescu

    popescu Registered Member

    Joined:
    Sep 1, 2018
    Posts:
    147
    Location:
    Canada
    Thank you for your answer!

    I tried this before , but the settings will not stay "ON ; I switch it to ON, I get UAC confirmation, I input my password but if I check it back is "OFF" again
    However, if I set WFC to "no filtering" , I can discover the network devices, even though "network discovery" is set to OFF.
     
    Last edited: Dec 31, 2019
  14. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    488
    Location:
    Switzerland
    @popescu

    Ok.

    Here my related setting for outgoing conns:

    Disc_Outbound.PNG

    If that isn't a help, you could try to save your complete policy first, then switch "back" to the default setting with the WFC rules and try again.

    PS: Because it's not allowed here to upload a WPW (WFC exported partially firewall policy) or ZIP, you will find the related partiallly policy as TXT. Attention it's in GERMAN language - however: you can rename it to WPW and import within WFC (current release).
     

    Attached Files:

    Last edited: Dec 31, 2019
  15. mesit0

    mesit0 Registered Member

    Joined:
    Jan 4, 2020
    Posts:
    4
    Location:
    Earth
    I am sorry for quoting a very old message, but I reach to this message searching how to create a rule for windows store, or xbox game pass games.
    But when I go to firewall windows gui and open a blank rule, the button where to select the application package is greyed out and I cant select, in the same tab I could select a service, but the application package is off, how I turn this option? Otherwise I cant create manually a rule for application package.

    Thanks.
     
  16. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,841
    Location:
    Romania
    If you create a new rule from WFwAS you should be able to select the application package, since the rule has no group set. If the rule has a group name set, then WFwAS does not allow you to edit many properties of it (greyed out). First create it and then open it for editing in WFwAS. This is the proper way to define a rule for an application package. But, when you launch certain Windows Store apps, they will try to create their own rules. Just disable Secure Rules for a while, launch your apps and you should have the required rules for them. There is no need to create manually those rules. If you already have them but you want to modify them, in WFC Rules Panel, set their group name to empty and then you can modify them in WFwAS.
     
  17. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,841
    Location:
    Romania
    Windows Firewall Control v.6.1.0.0

    Change log:

    - New: Added keyboard shortcuts for the Notification Dialog. For more information please refer to the 'Keyboard shortcuts' section from the user manual.
    - New: Added 'Select All' context menu item for all text boxes.
    - Fixed: Due to the latest SSL improvements on the hosting server, the check for a new version does not work anymore.
    - Fixed: During install/update, after the UAC prompt, for 1-2 seconds is displayed the previous page instead of the progress page.
    - Fixed: The uninstaller does not work if the WFC service can not be initialized.
    - Fixed: In some rare cases, the uninstaller may hang during the uninstallation.
    - Fixed: Sorting by Time Generated column in Connections Log does not work.

    Download location: https://www.binisoft.org/download/wfc6setup.exe
    SHA1: d3c3da6f1e35e923918d3d70fe5b347a87318479
    SHA256: bc929e6642656c49071519248de410d4da5dff7c667e6e88fd2619f761413b8c

    Important note:
    The hosting company updated yesterday their SSL policy. As a result, any existing WFC version can't connect anymore to the binisoft.org website. The code inside WFC had to be updated to use a different security protocol. Please download the new installer and install version 6.1.0.0. as an update over your existing version or as a new install.


    Looking forward to read your feedback,
    Alexandru

    Something important broke and a new version was released. As you can see, WFC is not abandoned. We do not have more often releases for WFC, like in the past, because I am now involved more on other projects which have higher priority than WFC development.

    Happy New Year!
     
  18. syrinx

    syrinx Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    427
    /me sends a kiss your way
     
  19. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    8,470
    Location:
    U.S.A. (South)
    Bravo!! Thanks for all your efforts!!
     
  20. mesit0

    mesit0 Registered Member

    Joined:
    Jan 4, 2020
    Posts:
    4
    Location:
    Earth
    I do exactly as you describe, but the application package button is disabled, actually I have several rules with empty group name that i can edit every option of them, except application package. I am on latest Windows 10 Pro version.
     
  21. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,983
    Location:
    USA
    Smooth update to v6.1.0.0 - no reboot required :thumb:
     
  22. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,841
    Location:
    Romania
    I can't reproduce this on my side. See the screenshot below. I just removed the group name of some random outbound and inbound rules. I can change the application package as seen below.

    upload_2020-1-5_17-56-14.png
     
  23. ertertkl

    ertertkl Registered Member

    Joined:
    Jan 8, 2020
    Posts:
    1
    Location:
    Moon
    Are there any plans to add support for whitelisting whole directories? I'm interested in allowing everything from Windows directory.
    I found that Windows Firewall doesn't support it, but maybe WFC could autocreate allow rule instead of displaying notification for all programs from specific folder?
    p.s: Sorry if this was already asked a lot. It's just quite annoying when most of notifications are about system apps.
     
  24. al3xwild

    al3xwild Registered Member

    Joined:
    Dec 7, 2019
    Posts:
    7
    Location:
    where the streets have no name
    hi

    i use the 5.3.1.0 version.

    These day i had random "id event 1014"(dns related) so i checked the wfc log.

    I use opendns server.

    i have 2 block on port udp 53,443

    08/01/2020 18:36:49 | 3524 | Opera Internet Browser | C:\users\alex\appdata\local\programs\opera\66.0.3515.27\opera.exe | Block | Out | 192.168.0.2 | 51839 | 216.58.208.163 | 443 | 17
    08/01/2020 18:36:46 | 3524 | Opera Internet Browser | C:\users\alex\appdata\local\programs\opera\66.0.3515.27\opera.exe | Block | Out | 192.168.0.2 | 56058 | 208.67.220.220 | 53 | 17

    Should i allow the ougoing all traffic from these udp ports?

    thanks ^^
     
  25. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,841
    Location:
    Romania
    Not possible. Windows Firewall rules are applied per path basis. You can't define wildcards and WFC can't add support for this. Just use Learning Mode for a few days and then disable the notifications, check the rules that were created, keep the ones that make sense and forget about notifications. Allowing an entire folder could be dangerous, let's say you allow by mistake C:\Program Data, then all programs that do not require admin rights could connect to the Internet. Not a good idea.
    Yes and no. Did you notice that a required functionality does not work ? Then yes. Everything as expected ? Then, no.
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.