Windows Firewall Control (WFC) by BiniSoft.org

Discussion in 'other firewalls' started by alexandrud, May 20, 2013.

  1. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    572
    Location:
    Lunar module
    Last edited: Jul 19, 2020
  2. myk1

    myk1 Registered Member

    Joined:
    Sep 2, 2012
    Posts:
    124
    Location:
    Belgium
    Sorry, I know, I am stupid, but it is not yet clear (to me!)..
    Do you mean that the implementation is Option 1 and nothing else?
    Or do you mean that the default implementation is Option 1 (but I can choose Option 2 by changing some settings) ?
    Help Alexandru, I am a reg owner of your tool, please explain me!
     
  3. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    572
    Location:
    Lunar module
    v6.3.0.0 - only Option 1 and nothing else.
    The screenshot above are my other question for @alexandrud
     
  4. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    535
    Location:
    Switzerland
    Yes, for you! But there are a lot of fixes which can be really important for others! Also some new features can be also important for others!

    See here:

    The following are NOT complete changelogs. I took just the interesting ones for
    which it makes it really worth for updates!

    What's new in version 5.4.1.0 (03.01.2019)
    - Fixed: After some Windows updates, the Connections Log may remain empty and the
    notifications might not be displayed anymore. The auditing settings will now be
    reapplied on each WFC startup to ensure the functionality.

    What's new in version 6.0.0.0 (26.02.2019)
    - Improved: When changing the profile in WFC, if the inbound connections are allowed,
    which is a security risk, they will be set to be by default blocked. If they are
    already set to be blocked or all blocked (through WFwAS) then their status will be
    preserved.
    - Fixed: The profile reported in WFC might not be accurate on the first run if the
    outbound filtering has different values for different locations.
    - Fixed: The connected location displayed in WFC is displayed as 'VPN' instead of
    'Public' when multiple network adapters are active.
    - Fixed: Checking for updates is made through http instead of https.

    What's new in version 6.0.1.0 (27.02.2019)
    - Fixed: The installer can't continue if another security software is registered in
    Windows Security Center with firewall capabilities.
    - Fixed: In some cases, the connected location is reported Public instead of Private.
    - Fixed: The uninstall process does not always remove all files.
    - Fixed: The tabs width in Main Panel has a fixed width which prevents the tab name
    to be displayed completely.

    What's new in version 6.0.2.0 (04.03.2019)
    - New: The notifications for svchost.exe include now the service name which generated
    the blocked connection under the Name. Creating a rule for svchost.exe from the
    notification dialog will always include the service in the newly created rule.
    - New: Connections Log has now a new column for the Service name which is used by
    svchost.exe. The lookup is made based on the ProcessID, therefore for older entries,
    the exact service name can't be detected.
    - Fixed: The width of some strings from Dashboard was extended to display properly
    when a different language is used.
    - Fixed: Rules properties are not updated in Rules Panel if they are open while
    changing the user interface language.
    - Fixed: Some group names are not displayed correctly in Rules Panel.


    What's new in version 6.1.0.0 (04.01.2020)
    - Fixed: Due to the latest SSL improvements on the hosting server, the check for a
    new version does not work anymore.
    - Fixed: During install/update, after the UAC prompt, for 1-2 seconds is displayed
    the previous page instead of the progress page.
    - Fixed: The uninstaller does not work if the WFC service can not be initialized.
    - Fixed: In some rare cases, the uninstaller may hang during the uninstallation.
    - Fixed: Sorting by Time Generated column in Connections Log does not work.

    What's new in version 6.2.0.0 (24.06.2020)
    - Fixed: Properties dialog is not displayed anymore if two or more Windows services
    have the same Display Name.
    - Fixed: The service name for svchost.exe notifications is detected only for the Windows
    services that are already running when WFC service starts. If a Windows service is started
    after, the notification will not detect the Windows service that triggered the notification.
    - Fixed: Unhandled exception is logged if certain files are missing from the
    installation folder.
    - Fixed: When editing a rule details in the Notification dialog, the rule name
    can be set as one or several empty spaces.
    - Fixed: Properties dialog can't apply changes to a rule if the path of the rule
    is not accessible or not found. This limitation was removed. Also the tooltip was
    updated since a rule with red text does not always mean the file is not found, it can also
    mean the file is not accessible (file located in a folder of another user account,
    encrypted location, etc).
    - Fixed: In Notification dialog the text (Yes, No, Not valid) under Signed property is
    not localized.

    What's new in version 6.3.0.0 (27.06.2020)
    - Improved: Detecting invalid rules is now made at service level instead of UI level,
    meaning that the rules defined for files that are not accessible are not detected
    anymore as invalid.
    - Fixed: Connections Log loading time increased after last update if Security log
    contains older entries for processes that are not running anymore.


    And also the developer itself does always recommend to use the latest version:
    https://www.wilderssecurity.com/thr...c-by-binisoft-org.347370/page-90#post-2574158
     
  5. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,934
    Location:
    Romania
    Second screenshot, Secure Rules is disabled, there is no concept of unauthorized rules with Secure Rules turned off. The answer is yes to both questions.
    Read again my post from here. The other variation of Secure Rules was available only in WFC versions 5.1.0.0 [04.03.2018] - 5.3.1.0 [24.04.2018]. There is no hidden setting to re-enable it. The current WFC version does not have it.
     
  6. myk1

    myk1 Registered Member

    Joined:
    Sep 2, 2012
    Posts:
    124
    Location:
    Belgium
    Thanks.. I had read your post. But inside the post you ask the question 'Let's ask the users which Secure Rules do they prefer.' So it is was not clear (at least for me) that the choice would be Option1 !
    By the way:
    I've been using your program for a long time. I understood at first that you developed it because you found the Windows 10 firewall not very user-friendly and that the purpose of your tool was to make it easier to use.
    While browsing all the topics in the forum, I wonder whether this first goal is not a bit forgotten. Don't you have the impression that your tool is becoming a little "complicated" to use? This is not a reproach, but do you really think that your software is still within the reach of an amateur?
     
  7. ravenise

    ravenise Registered Member

    Joined:
    Jul 18, 2009
    Posts:
    92
    Thanks for keeping it in your list of things to do, it is greatly appreciated. Really! Thank you. Is there a means of implementing this now with a scheduled task at commandline directed to wfc, for example, run scheduled task, 1 pm every day, load wfc.exe -createrule (5 minute rule) etc.?

    Thanks
     
  8. myk1

    myk1 Registered Member

    Joined:
    Sep 2, 2012
    Posts:
    124
    Location:
    Belgium
    >>this is not a good answer, as far as I have understood!
     
  9. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,934
    Location:
    Romania
    I developed WFC because creating firewall rules in Windows Vista was not user-friendly. In WFwAS you have to follow a strict wizard with many pages to just allow one executable file. The same applies to Windows 10. It is normal for a software to evolve over time with new features. Yes, it will become more complex but in the same time it will provide more flexibility. If some features are too technical, they are optional anyway and may not be used. There is a user manual which explains all of them. But, once a user decides to create/edit/remove firewall rules by himself, then he must become a little technical, otherwise it would be better to just leave Windows Firewall in its default state. WFC was never aimed for amateurs, it is a tool for power users.
    You can create your desired rules in some specific groups. You can use Task Scheduler to execute netsh.exe to enable/disable these group names at specific hours.
     
  10. user_2020

    user_2020 Registered Member

    Joined:
    Jul 21, 2020
    Posts:
    1
    Location:
    Germany
    Hello guys,

    I love this firewall and I'm using it for years now, but there is one big problem, which is makes me frustrating more and more with every day- the Windows network discovery.

    I checked almost every settings, but- Windows network discovery doesn't work.
    Maybe I have to allow svchost.exe which is responsible for the network discovery task...?
    If I turn off the WFC, it works :|

    I'm asking this, because I'd like to connect to a printer via our local network at home, but I can't find my printer if I'm trying to add it.

    I also tried to look, which program wnat's permission if I'm trying to add the printer- but still, no connection.

    Maybe this has been asked before, but... I really don't know how to move on.
    Do you know how I could move forward to enable the network discovery in windows? Because the firewall permanently turns off this function. Or should I reset the firewall settings of WFC? I read in the manual that svchost or some other useful functions (like maybe network discovery) are incluced in the basic firewall settings? Maybe I deleted it...?

    Hope we can find a solution :)
     
  11. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    14,302
    Location:
    UK
  12. ravenise

    ravenise Registered Member

    Joined:
    Jul 18, 2009
    Posts:
    92
    Incredibly useful! Thank you!
     
  13. myk1

    myk1 Registered Member

    Joined:
    Sep 2, 2012
    Posts:
    124
    Location:
    Belgium
    Hello,
    I have just installed the last version.
    According to the manual I should have a set of prefixed rules...
    (see: These rules are prefixed with WFC and can be easily distinguished in Rules Panel)

    toto.jpg
    I can't find any.
    What is there to think about?
    Thanks!
     
  14. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    572
    Location:
    Lunar module
    Perhaps we are talking about this, set the options as in screenshot 1
    Then the unauthorized rules will receive the U - prefix and will be disabled
    ScreenShot_169.png
     
  15. myk1

    myk1 Registered Member

    Joined:
    Sep 2, 2012
    Posts:
    124
    Location:
    Belgium
    o_O??
    I am talking about this: (from the user's guide)
    Windows Firewall Control recommended rules is a minimal set of firewall rules which can be used with Windows Firewall while the following functionalities are still available.
    ....
    These rules are prefixed with WFC and can be easily distinguished in Rules Panel.
     
  16. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    535
    Location:
    Switzerland
    @myk1

    Your rule screenshot are INBOUND RULES only. Please switch to OUTBOUND rules!
     
  17. myk1

    myk1 Registered Member

    Joined:
    Sep 2, 2012
    Posts:
    124
    Location:
    Belgium
    Here they are:
    azerty.jpg
     
  18. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    535
    Location:
    Switzerland
    Yes, but that's only a part of all your rules, you know ...

    Click on column "Name" and sort alphabetically AND/OR type "wfc -" (without the quotation marks) in the "Search" field ...

    PS: Generally: new rules would be anyway at the top and not at the bottom of the list, if no sorting is selected.
     
  19. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,934
    Location:
    Romania
    You have to select the following check box (checked by default) to create them during installation:

    upload_2020-7-22_23-1-42.png

    Or if you did not had this check box checked, or if you have removed these rules, use the context menu from Rules Panel to recreate them:

    upload_2020-7-22_23-2-52.png

    Then you will find them:

    upload_2020-7-22_23-4-11.png
     
  20. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    535
    Location:
    Switzerland
    @alexandrud Ahh yep, I assumed he HAD added the recommended WFC rules already ... we'll see :)
    @myk1 NOW you should be really able to solve that hopefully. Else do not hesitate to ask further, no problem!
     
    Last edited: Jul 23, 2020
  21. myk1

    myk1 Registered Member

    Joined:
    Sep 2, 2012
    Posts:
    124
    Location:
    Belgium
    Hi Alexandru,
    Thanks for your answer.
    I own WFC since version 3.xx and I'm active on the forum since 2012. My first request was to ask you whether the windows of your software could be resized!
    My last installed version of WFC was 5020.
    I work with my computer, and I don't have time to constantly update all the softwares that need (need? really need?? ask?) to be updated (not to mention Windows 10..). That is why I had a little bit forgotten you and that is why when I saw all the enhancements since version 5020 I was quite surprised!
    In version 5020 I had no WFC-prefixed rule (I mean, of course, at the display).
    During the installation of the version 6.3.0.0 I have restored my old rules (coming from 5020). And -as you can see (picture1)- there are no line starting with WFC in the rules panel.
    I have applied the process you advise, and indeed, a series of rules starting with WFC have appeared (picture 2).
    Then I had a look to duplicate rules. Some (new) duplicates rules have appeared: the 'genuine' rule and a new one starting with WFC (picture 3). No reason to worry about, but a few questions.
    The 2 first rules are the same, ok. Third and fourth, are they the same?
    EDIT:
    Third rule:
    Properties of the first one:
    Allow your computer to send PING command to verify that a particular IPv4 address exists and can accept requests.

    Properties of the second:
    Outbound rule to allow NT Kernel & System (System)
    --------------------------------------------------------------------------------------
    Fourth rule:
    Properties of the first one:
    Allow your computer to send PING command to verify that a particular IPv6 address exists and can accept requests.

    Properties of the second:
    Outbound rule to block NT Kernel & System (System)

    ******Before****
    pic1.jpg

    **************************After the 'restore recommended rules' ***********

    pic2.jpg
    *********Duplicate Rules*************

    picture 3.jpg
     
    Last edited: Jul 23, 2020
  22. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    572
    Location:
    Lunar module
    The third and fourth rules are also the same, both are DHCP rules. Open the properties of these rules and compare, they are the same.
    And duplicates appeared because the recommended rules are added to the existing ones, and do not replace them.
    And you've probably noticed that windows can be resized.
     
  23. myk1

    myk1 Registered Member

    Joined:
    Sep 2, 2012
    Posts:
    124
    Location:
    Belgium
    No, far too difficult for me.
     
  24. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,934
    Location:
    Romania
    Please take a look here: https://binisoft.org/pdf/guides/Malwarebytes-WFC-User-Guide.pdf#page=24
    Off course you have duplicates, as WFC does not invent new rules. This rule set is a minimum required, so that you can remove Windows Firewall default set of rules and start with a small amount of rules on top of which you can add your custom rules, for your browser, music player, etc. Instead of starting with 400+ rules, you start with 16 rules.
     
  25. myk1

    myk1 Registered Member

    Joined:
    Sep 2, 2012
    Posts:
    124
    Location:
    Belgium
    Hello, well, thanks for the answer. I know you regularly say that users ask questions and then read the manual, but that's not my case. It wasn't easy to guess why I didn't have the WFC prefixed rules.
    That said, the latest version of WFC-control gives me a dashboard with 'public' as location (see image). I am connected via Ethernet and of course the network settings are set to 'private'. There is a VPN in my PC but not active (even the service is stopped).
    Normal ? Paul

    public.jpg
     
    Last edited: Jul 25, 2020
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.