Windows Firewall Control (WFC) by BiniSoft.org

HI @aldist @alexandrud
make it sense let wfc run with privilege rights (administrator )?
on my w10 it runs with normal priviege
but Aldist WFC (with secure mode ON ) disabled almost every default windows rules !
I have tried to export my rules
after I have selected restore windows firewall default set of rules and restore windows firewall control raccomanded rules
i have checked , almost every windows firewall defult set are disabled and marked with a U
why?

thanks a lot Aldist for your help , really appreciate it a lot!
take care

 

This is how it should be, WFC should run without elevate privileges.

It will disable existing rules and new rules if they are not part of an authorized group. Check the disabled rules, if you find the correct rules among them, use the context menu (right mouse button) to move it to the authorized group and delete the U prefix in the rule name.

Probably should have disabled Secure Rules before restoring the rules, but I'm not sure.
I'm glad if I could help you at least a little bit.

 

wfc.exe should be executed as standard user. It does not require elevated privileges. Nothing will change if it is executed with elevated privileges. It doesn't work better
You should have disable Secure Rules when restoring Windows Firewall default rules because the groups of those rules were not in the list of authorized group names. You can repeat the steps again with Secure Rules unchecked until you import these group names into the authorized group names.

 

hi @alexandrud

do you think could be added a global shortcut to switch low filtering <-> medium filtering ?
in short or 2 global shortcut to activate low filtering and medium filtering , or a global shortcut to switch between them?
thanks a lot

 

This already exists, use batch files to switch filtering profiles.

 

hi
but it's not a global shortcut , would be better have in wfc a global rule to swtich
a file bat is not a global shortcut , i have alway to clisk twiche
while with a shortcut i can switch between them before run a program or even during a game
thanks

Hi @alexandrud

A)
I have create 2 authorized groups
1) windows firewall authorized
2) my rules

I have disabled secure rules -> delete all the rules -> restored windows firewall default set of rules and restored windows firewall control raccomanded rules and import my select rules (i have exported them before)
I have selected all windows firewall default set of rules and restored windows firewall control raccomanded rules -> add to group -> windows firewall authorized
and I selected all my rules and -> add to group -> my rules

enabled Secure Rules
is it a good idea ?
B)
or is better avoid to create 2 authorized groups -> disabled secure rules -> delete all the rules -> restored windows firewall default set of rules and restored windows firewall control raccomanded rules and import my select rules (i have exported them before)

Select all and authorize group
which is better A or B ?
thanks alexandrud

 

When I 'restore' windows default rules & WFC recc. ones, and click import group names from current existing rules, I get a rather long list (around 75 for me) of new groups Starting with Windows Firewall Control and ending with the WLAN ones as in the screen clip just above the blue control line you click, when you switch to secure profile and rules, allowing Windows store rules.

 

hi
i have create 2 authorized groups thinking to avoid fill up the WFC authorized groups with lots of entries

 

The options are equivalent.

Create one or two AHK (AutoHotKey) scripts that will execute the desired batch files using the global hotkeys you assign in the script. If one script, it should work in trigger mode, if two scripts, they should work in single mode.

 

@alexandrud
hi
about secure rules , do you think could be added a warning or a popup displayed if a rule (or more) was changed ?
it will very very useful and much secure ,because at least we don't have to search for U -
thanks

 

You have a set of your rules. Any rules you create after that will be at the top of the list of rules, including those with the prefix U, so you won't have to search for anything.
Instead of disabling unauthorized rules, you can choose to remove unauthorized rules, and then those rules will never appear in the list of rules.

 

after an update , i 'm sure windows will change many rules set
well let @alexandrud answer , maybe he is interested
thanks aldist ,honestly i have disabled secure rules , bored about U - , and i have found some in the default firewall rules not at the top ,but in the middle

 

It could be added, but I won't add it because it can be used to disable the outbound filtering of Windows Firewall too easy. Then someone else will want a global hot key to disable Windows Firewall, one to... and so on. Switching the profile should not be very easy so that the user is more aware of the current filtering mode. It is easy to press a hot key combination while watching a full screen movie and disable by mistake Windows Firewall.

No, popups are in general annoying and can be missed if you are not in front of your computer. Does it help to search for "U -" rules ? You can set Secure Rules to delete these unwanted rules and forget about them. I recommend you to check the Windows Firewall Control recommended rules: https://binisoft.org/pdf/guides/Malwarebytes-WFC-User-Guide.pdf#page=23 Based on this minimal set of rules, start creating your custom rules for the program that you actually use and want to connect to the Internet. The unwanted ones, just add them in the notifications exceptions list when you are notified about them and forget them.

 

hi @alexandrud

Windows Firewall Control recommended rules are only 17 rules
i keep disabled secure rules , there are legitim softwares that use temporaney exe or dll to keep updated and working , with few reboot , wfc with secure rules does fill my rules up with lots of the same rules with the U - , they are really boring
at least a whitelist could be usefull
tahnks alexandrud

 

The WFC recommended rules are only a minimum set, you must add many rules of your own to ensure your security.
A lot of your legitimate software doesn't need Internet access at all if the user is thinking about their security.
From my point of view, there is no need to disable Secure Rules, you have been written above two-three times, if you don't like the U prefix, enable the option to remove such rules or put the application in notifications exceptions.
You should build up your rule set and work with it happily ever after, hardly ever seeing any firewall alerts, since you have everything regulated by your rule set.
That's about it, except when you update Windows Defender its path will change and you will have to fix that path in the rule.
@alexandrud
You promised to implement an automatic fix for an existing WFC rule when a Windows application changes path during an update, is this still in your plans? Are you planning to release a new version of the WFC in the near future?

 

It is still on the roadmap but I really don't have time for it. A new WFC release is not planned in the near future. Last version is from May 2021, still recent.

 

hi @alexandrud
but with this settings , could be deleted rules made by me to block some program ,could not it ?
thanks

 

We have already discussed this. You have Secure Rules enabled. Your rules that have an authorized group will not be deleted. You create a new rule and put it in an authorized group - it will not be deleted.
There is no risk that your rules will be deleted if they belong to an authorized group.

 

Hi
yes but will be disabled or deleted!
I made some rules for security and block some programs
they could change this rules , and with secure on , well wfc will disable and remove it or them
thanks

 

You have blocked some programs by creating rules rule1 & rule2 and enabled Secure Rules, all is well.
Now some programs will try to create new rules rule3 & rule4 - they won't be able to do that, rules rule3 & rule4 will be instantly deleted or disabled. But rule1 & rule2 are still good and working, and you are still protected.
When programs try to create their own rules, it is bad, it is evil, the user has to control it.

 

hi
are you sure my rules are protected?
because i wanted to make a test , and the program changed my rule (2 rules)
do you think wfc +tinywall or wfc +simplewall could work?
thanks

 

No, WFC + those programs will not work because those are using their own set of rules which are not Windows Firewall rules.
If you create your custom rules from WFC, they will be automatically created in the group named "Windows Firewall Control". Secure Rules will skip these rules when checking for unwanted rules. Which program changed your rules ? Post a screenshot of your rules that were changed and specify which software changed them. Thank you.

 

I'm sure your rules are protected. Two firewalls is wrong and harmful. Add to today's problems the headache of setting up SimpleWall, which has an unclear and confusing interface, and having to maintain two sets of rules when you don't understand which firewall is blocking your application.

 

I receive this request a lot, so I want to ask you all, how do you see this feature ?

- Global hotkey that toggles between Low Filtering and Medium Filtering.
- If Revert profile is used, it will have priority over this. If you have Revert profile enabled and you use this hotkey toggle to set Low Filtering profile, then Revert profile will set Medium Filtering/High Filtering back after the specified time.
- I was thinking to add also a visual notification when this global hotkey is pressed and the profile changes, something similar to this one, but with a different message:



Sounds useful ? Anything else that should be included in this feature ? Since WFC releases are not so often, I don't want to publish a new release and then to receive feedback that it should have been the other way. Share your feedback before implementing it. Thank you.

 

No problem, I understand - thanks for replying and sorry about the long delay in responding (I don't login on some of my mail accounts that often). I still use (and like) WFC and didn't experience those Sleep issues anymore, so it's all good. Many thanks for providing such a useful application to users, very nice work!