Windows Firewall Control (WFC) by BiniSoft.org

Discussion in 'other firewalls' started by alexandrud, May 20, 2013.

  1. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    691
    Location:
    Switzerland
    @alexandrud

    Thank you for new version! Searching in descriptions works now.
     
  2. ahzs

    ahzs Registered Member

    Joined:
    Jan 25, 2021
    Posts:
    4
    Location:
    World
    Is it possible to please add a feature that automatically adds the rules that are in the "*Experimental feature (version 6.9.x.x)" guide, even if the user does not have admin rights?
    Until I click on the "Request Elevation" button, the new rules are not automatically added. Thank you!
     
  3. AmigaBoy

    AmigaBoy Registered Member

    Joined:
    Sep 12, 2015
    Posts:
    233
    A minor, unimportant annoyance:

    I often go to Sleep mode while WhatsApp is open - the Store App, they only have that now. When waking up the System, a WFC notification will often appear while in theory it shouldn't. I assume this has something to do with the peculiarities of Sleep.

    edit: I see nothing in the Connections Log.

    Not sure when this started to occur. The first rule here is the one I created -as an example- from this notification:

    WFC Sleep.png
     
    Last edited: Apr 22, 2024
  4. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,506
    Location:
    Flat Earth Matrix
    Have you tried to mute the audio? Have you tried to disable hardware acceleration? Just to rule those out.
    My guess would be that WFC calls for network settings to see what connection is being used and also for windows firewall management, which can cause a lag, like when you try to open wf.msc directly.
     
  5. yeL

    yeL Registered Member

    Joined:
    Aug 10, 2015
    Posts:
    319
    I just tried it now and muting the audio and disabling HW acceleration did not solve the problem.
    Opening wf.msc directly doesn't trigger this behaviour. It only happens when launching WFC GUI.
     
  6. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,493
    Location:
    Romania
    It is possible, but I will not change this. No elevation, no automatic rules.
    Do you have any other NET Framework software on your machine? If so, try to open first that software while you have some video playback. The only thing that WFC UI may do on first run is to make the OS load certain NET Framework assemblies which weren't loaded yet. Once loaded after the first run, this does not create problems anymore since they are already in memory. Do you have any codec pack installed on this particular machine for video playback?
     
  7. yeL

    yeL Registered Member

    Joined:
    Aug 10, 2015
    Posts:
    319
    @alexandrud to be honest, I don't know which applications require NET Framework. Could you give me some examples so I can try?

    No codec packs, just native W11 and I'm using mpv for multimedia software.
     
  8. mluck94

    mluck94 Registered Member

    Joined:
    Apr 22, 2024
    Posts:
    2
    Location:
    United States
    In the Windows 10 Mail app, clicking the sync button to load new email causes generation of a rule with a Service property that doesn't appear to work right for me: OneSyncSvc_e9df7,PimIndexMaintenanceSvc_e9df7,UnistoreSvc_e9df7,UserDataSvc_e9df7

    https://i.gyazo.com/d130c98e3753330c4c6af0a5ac779c00.png

    Despite having this rule allowed it causes the Mail app sync to continue to be blocked which can be seen in the log:
    https://i.gyazo.com/eb6969118f19bc6b195674416453d5c7.png

    https://i.gyazo.com/83f99aff1fd065c1e9fad79d89c7c8e4.png

    The only way I was able to get around this and allow mail sync was to edit the rule and choose "Apply to all programs and services" but I don't really want to allow all svchost stuff if I can avoid it. Any ideas? At the end of the day I can move on to a different mail app but I am trying to stay "native" while still giving least privilege to things where I can. Thanks :)
     
  9. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,493
    Location:
    Romania
    Try this one https://biniware.com/brun
    Open your video playback as usual, start and open the UI of brun.exe and check the behavior. Then open for the first time wfcUI.exe. When does the video hang?

    Evidently, this service name is not valid OneSyncSvc_e9df7,PimIndexMaintenanceSvc_e9df7,UnistoreSvc_e9df7,UserDataSvc_e9df7 and does not work. Try to restrict your rule to port 993 or any other ports used by the mail server.
     
    Last edited: Apr 23, 2024
  10. yeL

    yeL Registered Member

    Joined:
    Aug 10, 2015
    Posts:
    319
    If I open the video playback first and then the UI of brun.exe, the behaviour is the same as with wfcUI.exe: it freezes for a second, as I showed before. After that, wfcUI.exe opens without freezing on the first run.
     
  11. zeeter82

    zeeter82 Registered Member

    Joined:
    Aug 27, 2023
    Posts:
    6
    Location:
    VA
    So I did confirm that either a WFC update or a Win11 build update (Canary) reset everything and I lost all my custom rules that were added. I'm also seeing a ton of stuff that would need to be added now to allow some apps to work (stuff that I didn't have to add before - seems to be a lot of Microsoft related OS/Office processes) - for me to use medium filtering.

    Is anyone else using WFC on Win11 Canary?
     
    Last edited: Apr 23, 2024
  12. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,493
    Location:
    Romania
    Just as I thought. This is related to NET Framework or to a system utility (sound configuration, etc) bundled with your drivers which may also use NET Framework. I would try to repair/reinstall NET Framework 4.8.1 on this machine. If this does not solve it, then you probably can't really do anything to fix it.
    It is always a good idea to make a backup of your rules from time to time if this is important. I personally don't do backups but it takes me 2-3 minutes to create all the rules I really need.
     
  13. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,506
    Location:
    Flat Earth Matrix
    Doesn't WFC use .NET Desktop Runtime 8 now?
    Code:
    winget install Microsoft.DotNet.DesktopRuntime.8
     
  14. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,493
    Location:
    Romania
    No, the official releases are still targeting NET Framework 4.6.2. But the code base was upgraded so that it can be compiled targeting .NET 8 besides the existing NET Framework 4.6.2.
     
  15. vvirvol

    vvirvol Registered Member

    Joined:
    Apr 24, 2024
    Posts:
    3
    Location:
    Cyprus
    Good afternoon

    I want to specify in the rule through the * symbol the path to the folder, which can change, because the program is constantly updated.
    For example, Discord C:\Users\myusername\AppData\Local\Discord\app-*\.

    How do I do that? Help me, I'm tired of creating a new rule every time.
     
  16. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,493
    Location:
    Romania
    Unfortunately, Windows Firewall itself does not support wildcards and WFC can't add support for this. Please check the experimental feature which I described here.
    Create a notification exception C:\USERS\[YOURUSERNAME]\APPDATA\LOCAL\DISCORD and WFC will automatically create a new allow rule if the path of the executable changes. From time to time you will have to manually delete the old rules which will become invalid due to the path change.
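
Added example, not part of the post above and not WFC's own code: one way to find the old rules left behind after an application folder changes, using the built-in NetSecurity cmdlets. The function name `Get-StaleProgramRule` and the folder passed to it are assumptions for illustration.

```powershell
# Added example (not WFC code): list application rules whose program file
# no longer exists under a given base folder. Run from an elevated prompt.
function Get-StaleProgramRule {
    param([Parameter(Mandatory)][string]$BaseFolder)

    # -Program accepts wildcards when querying, so this matches every
    # versioned subfolder (for example app-*) below the base folder.
    Get-NetFirewallApplicationFilter -Program (Join-Path $BaseFolder '*') `
            -ErrorAction SilentlyContinue |
        ForEach-Object {
            # Rule paths may contain variables such as %SystemRoot%.
            $path = [Environment]::ExpandEnvironmentVariables($_.Program)
            if (-not (Test-Path -LiteralPath $path -PathType Leaf)) {
                $rule = $_ | Get-NetFirewallRule
                [pscustomobject]@{
                    Name        = $rule.Name
                    DisplayName = $rule.DisplayName
                    Action      = $rule.Action
                    Program     = $path
                }
            }
        }
}

# Placeholder folder: use the one from your notification exception.
# When elevated as a different account, spell out the user's profile path.
$stale = Get-StaleProgramRule -BaseFolder "$env:LOCALAPPDATA\Discord"
$stale | Format-Table DisplayName, Action, Program -AutoSize

# Preview the clean-up; remove -WhatIf only after reviewing the list.
foreach ($r in $stale) { Remove-NetFirewallRule -Name $r.Name -WhatIf }
```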
     
  17. vvirvol

    vvirvol Registered Member

    Joined:
    Apr 24, 2024
    Posts:
    3
    Location:
    Cyprus
    Thank you! It works!
     
  18. yeL

    yeL Registered Member

    Joined:
    Aug 10, 2015
    Posts:
    319
    I disabled audio in the BIOS but it didn't help. Tried messing with NET Framework but it seems to be installed just fine. This is what it looks like when checking Windows Features:

    Untitled.png

    Anyway, I seem to be alone in this, so it must be a problem with my system. No point in continuing here as it seems to be off topic at this point. I appreciate all your replies.
     
  19. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,506
    Location:
    Flat Earth Matrix
    NET framework task can cause pretty high usage, that is the reason I started to disable it. It is not needed for anything.
    Code:
    schtasks /Change /TN "Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319" /Disable
    schtasks /Change /TN "Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64" /Disable
    schtasks /Change /TN "Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical" /Disable
    schtasks /Change /TN "Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical" /Disable
     
  20. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,252
    hi alexandrud
    about wildcards , for example for ip 122.7.*.* , or ports 3*
    but do you think could wfc create many firewall rules for example let a software comunicate only to the ip 122.7.*.* and create lots of rules to block everything before and after 122.7.*.*?
    and maybe create a group and move all of them inside?
    thanks
     
  21. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,155
    Location:
    Lunar module
    Only one EXPERIMENTAL option is available, no other wildcards are allowed.
    Split the whole address range into three parts: blocked range 1 - allowed IP - blocked range 2
    Example: A program needs to allow access only to the remote address 80.10.10.10
    Create two Deny rules, specifying the remote address range 1.1.1.1-80.10.10.9 in the first one, and 80.10.10.11-255.255.255.255 in the second one.
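
Added example, not part of the post above and not WFC's own code: a PowerShell sketch that computes the two surrounding block ranges for a single address, and goes one step further by also accepting CIDR notation (122.7.*.* written as 122.7.0.0/16). The function names, the rule and group names, and the program path are assumptions for illustration; the default lower bound 1.1.1.1 is the one used in the post.

```powershell
# Added example (not WFC code). Helpers convert dotted IPv4 text <-> number.
function ConvertTo-IPv4Number([string]$Ip) {
    $bytes = [System.Net.IPAddress]::Parse($Ip).GetAddressBytes()
    if ($bytes.Length -ne 4) { throw "Not an IPv4 address: $Ip" }
    [Array]::Reverse($bytes)                  # network order -> little-endian
    [int64][BitConverter]::ToUInt32($bytes, 0)
}
function ConvertTo-IPv4Text([int64]$Number) {
    $bytes = [BitConverter]::GetBytes([uint32]$Number)
    [Array]::Reverse($bytes)
    ([System.Net.IPAddress]::new([byte[]]$bytes)).ToString()
}

# Returns the "start-end" ranges below and above the allowed address or block.
function Get-SurroundingBlockRange {
    param(
        [Parameter(Mandatory)][string]$Allowed,  # '80.10.10.10' or '122.7.0.0/16'
        [string]$Floor = '1.1.1.1'               # lower bound used in the post;
    )                                            # pass a lower one to cover more
    $address, $prefix = $Allowed.Split('/')
    if ($null -eq $prefix) { $prefix = 32 }      # bare address = one host
    if ([int]$prefix -lt 0 -or [int]$prefix -gt 32) { throw "Bad prefix: $prefix" }

    $size  = [int64]1 -shl (32 - [int]$prefix)   # number of addresses allowed
    $first = ConvertTo-IPv4Number $address
    $first = $first - ($first % $size)           # snap to the network address
    $last  = $first + $size - 1
    $low   = ConvertTo-IPv4Number $Floor
    $top   = [int64]4294967295                   # 255.255.255.255

    if ($first -gt $low) {
        '{0}-{1}' -f (ConvertTo-IPv4Text $low), (ConvertTo-IPv4Text ($first - 1))
    }
    if ($last -lt $top) {
        '{0}-{1}' -f (ConvertTo-IPv4Text ($last + 1)), (ConvertTo-IPv4Text $top)
    }
}

$ranges = Get-SurroundingBlockRange -Allowed '80.10.10.10'

# One block rule can carry both ranges. -WhatIf previews without creating it.
# The program path and the names are placeholders.
New-NetFirewallRule -DisplayName 'Example: block around 80.10.10.10' `
    -Group 'Example range blocks' -Direction Outbound -Action Block `
    -Program 'C:\Path\To\app.exe' -RemoteAddress $ranges -WhatIf
```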
     
  22. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,493
    Location:
    Romania
    WFC could do this, but it will bring a lot of complexity in code and rules management. Not feasible.
     
  23. ahzs

    ahzs Registered Member

    Joined:
    Jan 25, 2021
    Posts:
    4
    Location:
    World
    I understand that from a security standpoint, it makes sense. But there are cases where this feature would be useful.
    Would there please be a way to add an option to the settings where the automatic addition of rules would also work for non-admins?
    Users often don't have admin rights, but we have to deal with MS Teams, Edge view and other applications that change paths.
    I'd be happy to pay you for this feature as well.
    Thank you
     
  24. AmigaBoy

    AmigaBoy Registered Member

    Joined:
    Sep 12, 2015
    Posts:
    233
    Sorry if this has been asked before. Would it be possible to exclude specific processes from getting registered in the Connections Log entirely, or is this strictly Windows-related? This is mostly about blocked processes. Some few, annoying programs keep attempting to connect when blocked by the WF, even dozens of times per second. This doesn't seem to occur when there's no Internet at all, e.g. when the network adapter is disabled. They seem to specifically "hate" getting blocked by the WF.

    Apart from flooding the Log, this isn't really a major issue. Haven't noticed increased CPU usage in such cases, with one exception:

    The older Logitech Gaming Software. Its insane number of attempts brings the WFC service down with constant, high CPU usage. Sure, allowing it to connect solves it, and I don't even know if preventing it from getting logged would solve this anyway. In this particular case, adding a notification exception doesn't make a difference.
     
    Last edited: Apr 25, 2024
  25. AmigaBoy

    AmigaBoy Registered Member

    Joined:
    Sep 12, 2015
    Posts:
    233
    I've been successfully dealing with these exact applications, using the experimental feature linked by alexandrud a few posts above. Try it.
     