Windows Firewall Control (WFC) by BiniSoft.org

Discussion in 'other firewalls' started by alexandrud, May 20, 2013.

  1. Jack8

    Jack8 Registered Member

    Joined:
    Jan 5, 2015
    Posts:
    17
    so, in ur program u use the auditpol logging. I can check that with:
    auditpol.exe /get /category:*
    The auditpol policy changes accordingly to the Log connections settings in WFC. So my question here: Is this logging in any way connected to the logging from the firewall itself, namely the pfirewall.log?
     
  2. Jack8

    Jack8 Registered Member

    Joined:
    Jan 5, 2015
    Posts:
    17
    well, the logging seems to be from the auditpol. I can check this by the command:
    auditpol.exe /get /category:*
    Does that mean i can turn off the windows firewall logging itself, namely the pfirewall.log? I ask because maybe this conflict sometimes.
     
  3. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,780
    Location:
    Romania
    This is how it looks on my computer. This log is not used by WFC. Have you enabled in this dialog to use pfirewall.log ?

    Only the Security log is used, which indeed, is configured through auditpol.exe.

    upload_2015-2-10_16-17-39.png
     
  4. Jack8

    Jack8 Registered Member

    Joined:
    Jan 5, 2015
    Posts:
    17
    Ok, could be the reason. I have 'Log dropped packets' enabled on all profiles in Windows Firewall itself. Will turn this off now, since there is no reason to log it twice. I will come back with feedback after testing this for a while.
    Thank You very much for ur instantly help!
     
  5. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    469
    Location:
    Switzerland
    @alexandrud

    Maybe as an easy workaround it could be make an auto-refresh after create/change a rule?


    Two further strings should be corrected in the german-translation-file:

    Now ...
    022 = Teilweise Einstellungen wurden erfolgreich importiert von
    023 = Teilweise Einstellungen wurden erfolgreich exportiert nach

    New ...
    022 = Ausgewählte Regeln wurden erfolgreich importiert von
    023 = Ausgewählte Regeln wurden erfolgreich exportiert nach

    So, it's the same name as in Menu-structure and this translation is already good and right ("Einstellungen" means "Preferences" which is not correct at this point "Regeln" are "Rules" which is correct).

    Greetings,
    Alpengreis

    PS: Alexandru, you could give me the E-Mail-Address from Udo, if this is desired and okay, so I could send him the corrected file (for ev. further changes too) ...
     
  6. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,780
    Location:
    Romania
    I will make sure that the changes are really applied before updating the row in Manage Rules. Regarding the translation file, if you have a corrected file with some changes, just send it to me and I will upload it on the website. It takes to much time for me to manually edit each translation file.
     
  7. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    469
    Location:
    Switzerland
    That's good.
     
  8. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    11,879
    Location:
    The Netherlands
    I've installed the newest version and it seems to be faster indeed. Sadly enough I still have the problem with rule making from the context menu. If I make rules with the icons (in main window) then everything is OK, but when I use the context menu then WFC gives an error, but only if the apps are stored in "C:\Sandbox". Another thing what bugs me is that WFC does not remember the size of the main window anymore, perhaps you can fix this.
     
  9. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,780
    Location:
    Romania
    This is really odd, because the same method is used to add a new rule. Can you post a screenshot with the error that you receive ? Regarding the size of the main window, it is saved as it was in the past and works correctly. Try to launch wfc -reset in the Run dialog to clear user defined variables.
     
  10. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    11,879
    Location:
    The Netherlands
    Yes, it doesn't make any sense whatsoever, what happens is that WFC displays a second icon in the tray with the "!" sign, and it's saying that it can't communicate with the WFC service. You can close the icon, and WFC will keep running, but the rule hasn't been made. About the WFC window size and position, I can't fix it, so I will reinstall one more time.
     
  11. Jack8

    Jack8 Registered Member

    Joined:
    Jan 5, 2015
    Posts:
    17
    Hi alexandrud,
    first notifications and logging works flawlessly now, no problems anymore.:)
    Another question: what is the reason WFC tries to connect to 178.255.83.1 and 178.255.83.2 ?
    I have WFC allready allowed to: 23.51.117.163,23.51.123.27,50.87.146.202 .
     
  12. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    Scrap those IP addresses, that is Windows trying to take over the update process. The only IP that should be allowed through for WFC updating is this one "50.87.146.202". That goes straight to Binisoft for updating, rather than relying on Content Delivery Networks used by Microsoft.
     
  13. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    11,879
    Location:
    The Netherlands
    @ alexandrud

    I would like to apologize for being so incredibly stupid. I just found out what is causing the problem, I should have figured this out long ago. But anyway, it turns out that when you use the WFC context menu from inside a folder that's under control of Sandboxie, it will start up "wfc.exe" inside the virtual container, so that's why it can't communicate with the WFC service, and the rule isn't made. So I need to figure out how to make Sandboxie ignore WFC, WFC should run unrestricted.
     
  14. Stukalide

    Stukalide Registered Member

    Joined:
    Jul 12, 2013
    Posts:
    37
    Feature request, if possible:

    Could you add the ability to restore the information in a popup's textboxes? For example, after clicking to clear a textbox, it'd be great if we could click it again to restore the initial value, like an IP address or port, etc. Sometimes I accidentally mis-click on which box I want to clear, and sometimes I change my mind before adding the rule.

    Also, I know we've talked about it before, but it would be most awesome if we could get the ability to use wildcards in IP ranges, e.g. 192.168.*.1 -- I know Windows Firewall doesn't work like that, but it'd be great if WFC could do the simple translation to the proper format -- it's so much simpler and user-friendly to be able to block IP ranges this way.
     
  15. Allen L.

    Allen L. Registered Member

    Joined:
    Sep 1, 2004
    Posts:
    335
    Location:
    -Close-
    You know...we can keep at it until this application created by alexandrud can end up with 1,500,000 exceptions and be so damn overwritten to end up being too difficult for most - and heaven forbit - HUGE.

    Why don't we give him (alexandrud) a break...he has done a fantastic job and he will KISS {Keep it simple stupid}, if we let him. It is good to correct obvious errors and necessary corrections...but really, this is getting to be an obsession with some.

    Lets try to go back and admire Windows Firewall Control just as we admire our imaging application Snapshot - and wow, that author doesn't even explain his corrections (he knows better) and we go along with it in admiration. Why not the same with alexandrud & this creation.

    Allen
     
  16. galileo

    galileo Registered Member

    Joined:
    Dec 10, 2005
    Posts:
    70
    @Allen L.

    ...this x 1024...

    Absolutely on target !
     
  17. jwcca

    jwcca Registered Member

    Joined:
    Dec 6, 2003
    Posts:
    769
    Location:
    Toronto
    I'll raise you 2048 :)
     
  18. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,787
  19. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,780
    Location:
    Romania
    Because the users have complained in the past that the UAC window for WFC displays the Publisher as Unknown, I have used a digitally self signed certificate. This certificate was installed in the past at WFC installation with the purpose of displaying BiniSoft.org as Publisher in the UAC prompt. I have removed the installation of a digitally self signed certificate in WFC version 4.0.2.2 which was released on 09.10.2013. That certificate can be deleted as it is not used anymore.
     
  20. Louis Loser

    Louis Loser Registered Member

    Joined:
    Feb 26, 2015
    Posts:
    1
    Hi everyone,

    I'm pretty new to firewall business and I'd like to gain deeper understanding of how things work. My starting point is quite simple: I want to create a rule that blocks all traffic (not just internet!!) except for internal traffic to an from LAN-adresses. Simple enough, isn't it?

    So my first thought was to block access to my default gateway. I created a rule accordingly (all protocols, all ports, all local addresses, remote address gateways' ip) but it didn't work out. Internet still working. If, however, I create an additional rule, blocking access to my DNS-Server, which is not located in LAN, Internet stops working, as intended. Has anyone an idea why it's not sufficient to block access to the gateway, as DNS-requests to DNS-Servers must use the gatway?

    Any help appreciated,
    lloser
     
  21. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,780
    Location:
    Romania
    1. Restore the default set of rules to make sure that you don't have an allow all rule which allows all traffic for all programs.
    2. Switch to Medium Filtering profile to enable Windows Firewall outbound filtering.

    You will be able to access your local network only. If you have specific programs that you would like to connect also to the local network, then you must create a new rule for each of these programs.
     
  22. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,780
    Location:
    Romania
    Windows Firewall Control v.4.4.0.1 - Quick fix

    What's new:
    - Fixed: When using Low notification level, the rules are not automatically created for digitally signed programs.
    - Fixed: When modifying the Properties of a rule, if the input parameters are not accepted by Windows Firewall, then it should not appear as modified in Manage Rules window after closing the Properties dialog. The rule should appear with the original values.
    - Fixed: The recommended rule for Windows Update uses UDP protocol instead of TCP.

    Installation notes: Use the new installer to update to this new version or use the auto check for updates feature.

    Download location: http://binisoft.org/download/wfc4setup.exe
    SHA1: 6af555e99a583441a1ff55f640f62e75152d3a2e (Update)

    Please share your feedback.
    Have a great weekend,
    Alexandru
     
    Last edited: Feb 27, 2015
  23. Kob

    Kob Registered Member

    Joined:
    Dec 13, 2011
    Posts:
    39
    I get SHA1 of 6af555e99a583441a1ff55f640f62e75152d3a2e for the downloaded V.4.4.0.1. Please advise.
     
  24. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,780
    Location:
    Romania
    The initial SHA1 was copy/pasted from my previous post for version 4.4.0.0. I updated my post. 6af555e99a583441a1ff55f640f62e75152d3a2e is correct.
     
  25. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    469
    Location:
    Switzerland
    A note about my german language file and the abbreviations:

    See the abbreviations as temporary solution. The reason is: the field in the notification window is not large enough (yet) (it has nothing to do with the notification windows width itself, which can changed in registry). I have Alexandru informed about this and hopefully we have a solution soon. Until then, we have to live with it, even if it looks ugly in the rule management window.

    [de]
    Seht die Abkürzungen als temporäre Lösung. Der Grund dafür ist: das Feld im Nachrichten-Fenster ist zuwenig breit (noch) (es hat nichts mit der Gesamtbreite des Nachrichten-Fensters zu tun, welche in der Registry geändert werden kann). Ich habe Alexandru informiert darüber und wir haben hoffentlich bald eine Lösung. Bis dahin müssen wir damit leben, auch wenn das im Regelverwaltungs-Fenster unschön aussieht.

    Greetings,
    Alpengreis
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.