Windows Firewall Control (WFC) by BiniSoft.org

Discussion in 'other firewalls' started by alexandrud, May 20, 2013.

  1. MrElectrifyer

    MrElectrifyer Registered Member

    Joined:
    Jul 24, 2012
    Posts:
    177
    Location:
    Canada
    Alrighty.

    Great.

    BTW, the secure boot feature still never worked for me...how can I track down the 'cause? I don't see any Core - Block all firewall rule in WFwAS after a restart.
     
  2. silver0066

    silver0066 Registered Member

    Joined:
    Dec 31, 2004
    Posts:
    990
    WFC blocking a program even though I have set it allow.

    The program is Multiplicity by Edgerunner which allows you to use one mouse on 2 computers. I have "Allow through Windows Firewall" set on all .exe files in Program Files folder on both computers.

    I have the primary computer set with Medium Filtering with WFC.
    I can only access the secondary computer when I have WFC set to "No Filtering" on the secondary computer. Low Filtering or Medium Filtering blocks it from working.

    Does anyone have any suggestions?
     
  3. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    554
    Location:
    Switzerland
    @silver0066

    WFC blocks nothing. WFC is a GUI for Windows Firewall only.

    So, if you have problems with a connection even on the WFC "Low Filtering Profile" (without notifications for blocked outgoing traffic), it's useful to search (google) for "Multiplicity and Windows Firewall", "Multiplicity and Windows" or something like that.

    Only for the outgoing traffic, you could WFC set to Profile "Medium" and look the related notifications.

    Also, look in the WFC "Connections Log" In- or Outbound for blocked connections.

    However: it seems that you have not the right setup for something on your windows system(s) - in and/or outbound. Ev you must activate/allow a windows service and/or a RPC (Rempte Procedure Call) (if you must have this) or or or ... on your win machine(s) ...

    HTH & greetings,
    Alpengreis
     
  4. MrElectrifyer

    MrElectrifyer Registered Member

    Joined:
    Jul 24, 2012
    Posts:
    177
    Location:
    Canada
    Hmmm, sounds like a program that requires both inbound AND outbound connections in order to work. I would suggest you duplicate your already created rules and edit the following properties of each and everyone of them:

    Remote Address - Change this to the "Custom Addresses" option and type "LocalSubnet" into the custom address text box.
    Direction - Change this to the "Inbound" option.​

    Now reattempt using the program, it should work now. If it doesn't, then you most likely have some other generic block rule that's blocking connections from the application.

    HTH
     
  5. silver0066

    silver0066 Registered Member

    Joined:
    Dec 31, 2004
    Posts:
    990
    Where is the WFC connections log? Do you mean the Rules panel?
     
  6. MrElectrifyer

    MrElectrifyer Registered Member

    Joined:
    Jul 24, 2012
    Posts:
    177
    Location:
    Canada
    Yes, it's in the Rules Panel.
    WFC Connections Log.png
     
  7. Donny

    Donny Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    12
    Have been using WFC 4.1.6.0 on 3 production machines with a clean install, on Medium Filtering - on 2 of the secondary machines, Secure Boot has been locking the setting on High Filtering at restart, and then failing to restore the filtering status back to Medium Filtering.

    Was not too concerned about the above issue as long as it was working as advertised on my prime machine. However, last night - the problem occurred on my prime machine, too.

    I noticed that the Secure Boot issue is 100% reproducible when WFC is password-protected.
     
  8. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,097
    Location:
    Romania
    Thank you for reporting this. I will investigate this scenario too. Please keep Secure Boot disabled until the next version is out. I am already working on a new version. It seems that Secure Boot does not work on certain scenarios and is currently under refactoring and testing.
     
  9. silver0066

    silver0066 Registered Member

    Joined:
    Dec 31, 2004
    Posts:
    990
    MrElectrifyer

    Thanks. The duplicate trick worked by changing to Inbound.

    Silver
     
  10. I have had same issue on dualboot Windows 7 Pro x86 and x64 machine. On x64 at startup WFC was immediately in High Filtering and would not change to Medium even when I repeatedly selected Medium and the Tray Icon was showing the green tick the internet was still completely blocked for all programs.
    I ended up uninstalling WFC from the x64, deleted leftover folders and files, reinstalled 4160, reset Rules to default Windows, WFC is working normally at the moment. Am yet to uninstall from the x86.

    2nd problem I've had on both Win 7 OSs is that Torch Browser (a Chrome based alternative) couldn't get internet even with WFC permissions for Torch all set to ALLOW, yet Internet Explorer worked ok, though very very slowly and multiple tabs constantly failing to load after 30 or 40 seconds. When I disabled WFC, Torch loaded pages very slowly with multiple tabs still failing to load, but when I uninstalled WFC completely Torch Browser loaded all 18 tabs IMMEDIATELY (within 2 or 3 seconds on Cable internet).
    After I reinstalled WFC 4160 on the x64 and reset default windows Firewall settings Torch is working again quickly loading pages, but half the tabs still fail to load and I don't know why. This only started couple of days ago now so I can't figure out what might have changed.

    3rd problem I noticed on both x86 and x64 is WFC RAM usage started increasing and machine slower than 'nomal' maybe 2 or so days ago. I don't know why, but reinstalling WFC on x64 has fixed that, will reinstall on x86 and see if that fixes problems too.
     
    Last edited by a moderator: Nov 13, 2014
  11. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,097
    Location:
    Romania
    Windows Firewall Control v.4.2.0.0

    What's new:
    - New: The profile displayed in WFC is updated now even if the user changes the settings from outside of WFC (e.g.: Control Panel applet, netsh or WFwAS mmc).
    - New: The restore profile set in the Profiles tab is reverted now even if the state of Windows Firewall is modified from outside of WFC.
    - New: Added a new confirmation dialog when the user switches from Main Panel to No Filtering profile.
    - New: The tray icon will display a balloon tip if the profile is High Filtering at program start-up to inform the user that the network connections are disabled until profile is manually switched.
    - Updated: Secure Boot was changed to only set High Filtering on system shutdown when it is enabled. From now on, the user has to switch manually the profile at system start-up if this option is enabled in order to enable network connections. The old implementation had very unpredictable results and did not work always correctly.
    - Updated: The logging was updated to provide more detailed messages.
    - Updated: Event Viewer launched from the Tools tab will open by default the WFC subcategory.
    - Removed: The confirmation dialog that is displayed when a new rule is created was removed. From this version, the confirmation dialog is displayed only when a new rule is created from shell context menu.
    - Fixed: High Filtering profile can not be switched off in certain circumstances and "Core Networking - Block all inbound/outbound connections" rules can not be removed.
    - Fixed: Temporary Rules are not deleted at WFC restart if Secure Boot is enabled and the computer is restarted.
    - Fixed: Last used path is not remembered when exporting a partial policy file.
    - Fixed: The toolbox horizontal size is not saved when Rules Panel window is closed.
    - Fixed: Multiple rules can be merged even if the selected rules are defined for different protocols. This is not allowed anymore.
    - Fixed: Properties dialog of a rule does not appear in the taskbar and if the dialog is minimized, the user can't close Rules Manager from taskbar context menu.
    - Fixed: When viewing inbound connections in Connections Log, if the user wants to quickly create a new rule without customizing it, the rule is created for outbound direction instead of inbound.
    - Fixed: Uninstall dialog appears in taskbar but the dialog is not focused and the user has to activate the window manually in order to see it.

    Translation strings:

    - Removed

    019 = New rules were successfully created to allow connections for
    020 = New rules were successfully created to block connections for

    - New
    042 = Are you sure you want to disable Windows Firewall protection?
    043 = Do not show again
    321 = High Filtering profile is enabled. All network connections are blocked until the profile is switched manually.

    - Updated
    320 = Automatically set High Filtering profile on system shut down.

    Installation notes: Just use the new installer to update to this new version.

    Other info:
    Regarding Secure Boot, it seems that depending on the speed of the machine where WFC is installed it may or may not finish the shut down steps that are done by WFC. Unfortunately, the shut down event is not the proper one to execute the required logic because there is not enough time and I can't delay the system shut down process. I tried several variants and always a lot of unpredictable events appeared. So, for now, Secure Boot just sets High Filtering profile at shut down if it is enabled. The users that have problems with start-up programs that create new rules at boot time, must first check the rules list and then switch manually to another filtering profile. Or avoid such programs. This is the best working solution for the moment.

    Download location: http://binisoft.org/download/wfc4setup.exe
    SHA1: e070e2cb76ee36b62639be8026e7ecdbccc663a9

    Have a great weekend,
    Alexandru
     
  12. Donny

    Donny Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    12
    Hi Alex!

    At the outset - a big thank you for bringing all these awesome enhancements to the community (that's a mighty changelog - wow.)


    This is the part that is most saddening.

    BTW, have been fiddling with my WFC and realized that the Secure Boot fails to restore my profile automatically from High Filtering to Medium Filtering when the WFC GUI is disabled from starting-up at user logon.

    Thought you might be interested in that little nugget.


    As already expressed, the loss in the automation of Secure Boot to be able to switch the profile from High Filtering to Medium Filtering is gonna be sorely missed.

    BTW, I had a thought - don't know how feasible it might sound to you.

    ATM, it is possible to automatically revert only a lower filtering profile to a higher filtering profile. However, since most of us follow your recommended Medium Filtering profile, hope you might find it worth while (and possible) to re-write WFC to be able to automatically revert even a higher filtering profile to at least Medium Filtering (not lower than that.)

    Do check out the following illustration for better clarity:--

    Filtering_Mitigation.png


    Please note - I am not suggesting that WFC should be permitted to automatically revert to either the Low Filtering or No Filtering profiles.

    Thanks again - have a rocking weekend.
     
    Last edited: Nov 17, 2014
  13. clubhouse1

    clubhouse1 Registered Member

    Joined:
    Sep 26, 2013
    Posts:
    1,124
    Location:
    UK
    Update all working fine and dandy here.
     
  14. NodboN

    NodboN Registered Member

    Joined:
    Nov 3, 2007
    Posts:
    139
    "Unlocking the state of Windows Firewall" and then enabling "Start automatically at user logon" solved the Secure Boot problem.

    I had uninstalled Windows Firewall Control due to the constant loss of internet access. Your report solved my problem. Thanks to you. :thumb:
     
  15. Great update Alexandrud.

    Reposting RE Torch Browser (Chrome-based) issues when WFC enabled:

    1. Multiple tabs fail to load with error "unable to connect to the internet", while one or two tabs load BUT:
    2. Successful tabs load very slowly, anywhere between 15 and 40 seconds if at all.
    3. When I disable WFC and restart Torch, all tabs load within just a few seconds, no failed tabs. WFC rules for Torch all set to ALLOW.

    Perhaps the error can't be reproduced on other systems, I don't know. I have temporarily moved to Waterfox, the 64-bit browser built on the Firefox engine. 10 tabs load within 1 or 2 seconds. I'll check back on Torch's performance here and there. It would be great to get it working due to specific addons unique to Torch/Chrome, but unless my Torch issue becomes an experience for other users here I can only ask for some general advice to help Torch work better.
     
  16. Paranoid Eye

    Paranoid Eye Registered Member

    Joined:
    Dec 15, 2013
    Posts:
    175
    Location:
    io
    Does this windows firewall control simply interface with windows 7/8 existing firewall then?
     
  17. Broadway

    Broadway Registered Member

    Joined:
    Aug 16, 2011
    Posts:
    211
    WFC is a frontend/GUI for the built in Win7/8 firewall!
     
  18. Paranoid Eye

    Paranoid Eye Registered Member

    Joined:
    Dec 15, 2013
    Posts:
    175
    Location:
    io
    thanks may give it a bash :)
     
  19. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    939
    Location:
    Land o fruits and nuts, and more crime.
    High filtering, does this mean all connections block, or some?
    Last time I used WFC4 in advance settings it showed some connections where allowed, when in "High Filtering"
    Could you clarify?
     
  20. MrElectrifyer

    MrElectrifyer Registered Member

    Joined:
    Jul 24, 2012
    Posts:
    177
    Location:
    Canada
    Awesome update, like most of the new features. Also noticed something different that wasn't mentioned; newly created rules (through the notification dialog) didn't have the "Windows Firewall Control" group name, they were blank. Is this intentional?

    Yes it means all connections are blocked (both outbound AND inbound connections). When you enable high filtering and you open the rules panel, you'll see two new "Core Networking - Block all xxx connections" block rules at the top of the list (as shown in the attached image). Block rules have a higher precedence over allow rules, so, there's no need to change the other allow rules, everything will be blocked.

    WFC Block Rules.png
     
  21. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    939
    Location:
    Land o fruits and nuts, and more crime.
    Yes I see two new "Core Networking - Block all xxx connections"
    But I see this allowed connection when suppose to be in "High Filtering" after re-booting. :confused:
    Thanks.
    Also this on the second re-boot.
     

    Attached Files:

    Last edited: Nov 17, 2014
  22. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    554
    Location:
    Switzerland
    This is your IPv6 Local Loopback address. Windows Firewall cannot block loopback connections.

    Edit: "IPv6" added ...
     
    Last edited: Nov 18, 2014
  23. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,097
    Location:
    Romania
    This was on purpose. The logic to restore the profile was set at WFC GUI start-up not at the service start-up. But this is different now.

    Not a good idea. At boot time, some Windows services may start before WFC service and they can add new unwanted rules (Windows services have enough privileges for this). When WFC service starts, these unwanted rules can not be recognized and deleted so they are treated as authorized rules. At this point, if WFC automatically switches to Medium Filtering profile then the connections allowed by those unwanted rules will be allowed. Then, there is no point in switching to High Filtering profile anymore, because it will be useless.

    With the old implementation, a full policy was saved at shut down, so it didn't matter how many unwanted rules were added at boot time because when WFC GUI was started, a full import was done with the rules saved at previous shut down. Unfortunately, this didn't work always.
    This problem is not related to WFC. Because WFC doesn't do any packet filtering, it can't slow down your connection, allow or block connections. When you disable WFC you actually disable Windows Firewall filtering. This means that all connections are allowed. When WFC is enabled, Windows Firewall filtering is on and Windows Firewall does the work.
    No. It is a small bug. I forgot to set the group. It will be fixed in the next version.
     
  24. Thanks for responding Alexandrud mate. The issue only happens when WFC is installed. Torch functions lightning fast when I uninstall WFC. I restored windows firewall rules in WFC numerous times but the issue continued only when WFC was installed, and stopped when I uninstalled WFC. Perhaps it's simply a random anomaly. Nonetheless I see I'm going to be unable to gain advice here so I'll just put up with it as long as I can. Thanks again for responding :)
     
  25. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    554
    Location:
    Switzerland
    @eamusic

    Alexandrud means:

    If your "before-state" was without active Windows Firewall, then after install WFC, Windows Firewall becomes active and is responsible for this behaviour, not WFC itself (WFC is only a GUI for Windows Firewall).

    If you deinstall WFC and restore your previous state without active Windows Firewall, then Windows Firewall does not block anything - and you have not this behaviour with your program.

    HTH,
    Alpengreis
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.