I have configured WFC4 for medium filtering... now it seems that my LAN traffic in my own subnet is blocked also ... I cannot print anymore for example ... How to allow LAN traffic ? Also I cannot make a VPN anymore... marc
^ Question, what is your notifications level set to? To see all the blocked connections:
- Right click on the WFC icon in the task bar
- Select Rules Panel
- Select Connections Log
- Make sure that under Display, Connections, "Recently Blocked" is selected
- Click Refresh List
From there you can select a rule and via right click you can add this rule.
How can I allow a program no matter what folder it is in? I am using the Ninite installer to update my programs, and it creates an executable in the temp folder during the updating process, then deletes it after finishing. The temp folder is different every time I run it. I tried to put an asterisk * into my custom rule, but it doesn't work and resets the rule as it was before.
Unfortunately not possible. It's by design of Windows Firewall, which does not allow wildcards. Because of such cases, we should have the possibility of temp profiles. For example 5 mins low, then reset to medium (if the user set medium as the standard profile). I had many installations with temp EXEs or other installation-related outgoing traffic. As a workaround I change the profile manually. But this is not a real solution, because you always have to keep in mind to change the profile back manually as soon as possible. Alexandrud, what is the state of temp profiles? Greetings, Alpengreis
That would be yet another extraordinary feature. A neat implementation would be to add sub-sub-menus to the profiles sub-menu of the notification area menu, while at the same time keeping the current links for changing the profiles as is, kinda like you did with the manage rules menu entry. The sub-sub-menu could contain the following options for the filtering-enabled profiles:
- Enable for 1 minute
- Enable for 5 minutes
- Enable for 1 hour
- Enable until next restart
For the "No Filtering" profile, just replace "Enable" with "Disable".
I agree this would be a most useful feature, as I have lowered to install something and then forgot to raise again. This would be worth another donation to me.
I will implement a feature named "Install Mode" which will have a single entry in the system tray menu. While Install Mode is enabled, the Low Filtering profile will actually be in action. The configuration for it will be in the Main Panel, and after the time that was defined expires, the previous profile will be automatically reverted. I think it is not a good idea to create submenus for each existing option in the context menu. It will overcrowd the context menu too much. What do you think?
Thank you for the answer. I only want to use the learning mode on a freshly installed system, when I know it is clean. I did the same with TinyWall. That's why I requested it.
+1 Install Mode! Side question -- Even though I've disabled the ability for programs to create their own firewall rules, programs are still somehow doing it -- but only inbound rules. Why/How might this be? I'm not even getting the Windows firewall notifications asking me if I want to allow inbound connections to a program now. For example, I just opened up "Team Fortress 2" after many months, it automatically updated itself, and then I watched in WFC as two new inbound rules were created for it without any notification or warning. Additionally, the "Location" setting for these rules appears to have no rhyme or reason to what's selected -- "Public", "Private", "Domain, Private", "Private, Public", etc. How are these chosen? My primary network adapter is classified in Windows 7 as a "Home/Private" network. I do have VMware network adapters that appear to fall under "Unidentified networks/Public", but it's because they're nearly always dormant and unused. I'm wondering if programs are somehow thinking these are the primary adapters (and thus setting "Public").
I have been using this for almost two years now, and I must say I am quite happy with it, as it is a convenient tool to configure Windows' native firewall in realtime with custom prompts. I use it along with WSAC, thus completing WSAC's lack of a functioning outbound firewall in Win8/8.1.
Stukalide, I have also reported this for Steam itself and CS:GO. They make their own rules whenever they update themselves and the option doesn't stop them. I am sure Alexandru will get this fixed.
Stukalide & Sm3K3R, You may want to go over the thread at https://www.wilderssecurity.com/thre...ding-exceptions-to-windows-7-firewall.341173/
Sorry, I forgot to mention that with Low filtering enabled, everything works fine. I have everything set as you described, otherwise it wouldn't work with Low filtering. But if I enable Medium filtering, I cannot see neighbor computers as I have described. Probably my feature request 2 below could be helpful in this. I also have two other feature requests:
1. Could it be possible to sort numeric columns in Rule manager as numbers instead of text? It's not a big issue, but it would be handy.
2. Could it be possible to add the Service column, which is in Rule manager, to Connection log as well? I have a lot of blocked outbound UDP connections from Service host to the remote port 1900 (broadcast remote IP 239.255.255.250), but UDP connections from Service host to this port are allowed for service Ssdpsrv. Maybe these connections are generated by another service, but it's not possible to check that (when I open the "Edit and allow/block" dialog for the blocked connection, there is "Any" service).
Thank you for your response and have a nice day!
As with the other posts above, I'm having problems with apps making their own rules, and WFC doesn't intercept... iTunes and Calibre happily made successful calls out... I don't use AVs... So there is nothing between WFC and the firewall... I did use Comodo before WFC and it did hook them (so to speak).
I can't reproduce yet the problem with the programs that still manage to register themselves in Windows Firewall, but I think that iTunes, Steam, etc. use their own Windows services (with extra privileges) which create these rules before WFC is started. I'm investigating this.

When you enable File and Printer Sharing and Network Discovery, a new set of rules is created by the operating system in Windows Firewall. Do you see these kinds of rules enabled in Manage Rules? These will take care of the problem that you have. Take a look at the screenshots attached.

There are no numeric columns in there. All fields are strings. Even the ones that appear as numbers are strings, because a field can contain more than a numeric value.

This is not possible because the events displayed in Connections Log are the events logged by Windows Firewall in the Security Log. These events don't contain any information regarding the service name.
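For the inbound rules that programs register on their own and the "Location" values asked about above, one way to review them outside WFC is to enumerate the rules through the Windows Firewall COM object `HNetCfg.FwPolicy2`, which exists on Windows 7 and later. This is an added example, not code from the thread or from WFC; it only reads rules and changes nothing.

```powershell
# Added example: list enabled inbound "allow" rules that name a program,
# with the profiles ("Location") each rule applies to.
$policy = New-Object -ComObject HNetCfg.FwPolicy2

# NET_FW_PROFILE_TYPE2 bit values and the "all profiles" mask
$profileBits = @{ 1 = 'Domain'; 2 = 'Private'; 4 = 'Public' }
$ALL_PROFILES = 0x7FFFFFFF
$DIR_IN = 1     # NET_FW_RULE_DIR_IN
$ALLOW  = 1     # NET_FW_ACTION_ALLOW

function ConvertTo-ProfileNames([int]$mask) {
    # Decode the Profiles bitmask into the names shown in the rule list
    if ($mask -eq $ALL_PROFILES) { return 'All' }
    $names = foreach ($bit in 1, 2, 4) {
        if ($mask -band $bit) { $profileBits[$bit] }
    }
    return ($names -join ', ')
}

$report = foreach ($rule in $policy.Rules) {
    if ($rule.Enabled -and $rule.Direction -eq $DIR_IN -and $rule.Action -eq $ALLOW) {
        New-Object PSObject -Property @{
            Name     = $rule.Name
            Program  = $rule.ApplicationName
            Service  = $rule.ServiceName
            Profiles = ConvertTo-ProfileNames $rule.Profiles
            Public   = [bool]($rule.Profiles -band 4)
            Group    = $rule.Grouping   # empty unless the rule belongs to a rule group
        }
    }
}

# Program-specific rules only; those that also apply to Public networks come first
$report | Where-Object { $_.Program } |
    Sort-Object @{ Expression = 'Public'; Descending = $true }, Program |
    Format-Table Name, Program, Profiles, Group -AutoSize

# Active profile(s) right now (same bitmask), to compare against each rule's Profiles
"Active profile(s): " + (ConvertTo-ProfileNames $policy.CurrentProfileTypes)
```

Running it before and after a game or updater launches and comparing the two listings shows exactly which rules were added and for which profiles.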
A feature request please: At present, the Profiles pop-up / Selection covers the range from "No Filtering" to "High Filtering", where the latter blocks all connections to the computer. I would like to request the splitting of the High Filtering to "High Filtering - Global" and "High Filtering - External Only" where the Global blocks everything as the "High Filtering" does now, while the External will block only routable (internet) IP, leaving the LAN connected. Reason is that I control a few computers on my internal LAN, and those computers can also connect to the internet via a router gateway. If I remotely use the existing High Filtering to quickly block their connectivity to the internet, I also lock myself out of those systems.
Something wrong with Low notification mode. Although Low notification mode should add the signed application rules automatically, when I use Opera (both Next and Developer) it did not add its opera_autoupdate.exe as an allow rule...