Windows Firewall Control (WFC) by BiniSoft.org

Discussion in 'other firewalls' started by alexandrud, May 20, 2013.

  1. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,838
    Thank you Alexandru for the new release, great job
     
  2. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    554
    Location:
    Switzerland
    @alexandrud

    1) The most important thing (for me/all) the notification part, is works now as desired - it was not the case in the latest beta (generic rule problem) - however, NOW it's perfect!

    2) IPHTTPS duplicates are now correct!

    3) About the "Defer-to-user" thing: I sent you a mail about this.

    Thank you very much for work!

    Alpengreis

    PS: The DE-translation is in work ... EDIT: and now on the way to binisoft.org
     
    Last edited: Apr 29, 2015
  3. Daniel Fortes

    Daniel Fortes Registered Member

    Joined:
    Jan 23, 2015
    Posts:
    10
    Thanks for the new update :thumb:
    Language file sent
     
  4. Broadway

    Broadway Registered Member

    Joined:
    Aug 16, 2011
    Posts:
    211
    Thank you, great update! Notification system has returned to be intuitive again! :)

    Just a little notice regarding string 223: The wording is still a bit confusing, because it is not said what happens or what does not happen - as you did in 224 and 225.
    Why not add a hint, that when a matching "allow rule" is found, no notification will be displayed.
    (If I understand that correctly of course).

    I had to read 224 and 225 to understand 223 - but maybe it's just me...
     
  5. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,097
    Location:
    Romania
    I will update the strings to be more explanatory. This was the last thing to think about. I wrote there what came to my mind in the first place. :)
     
  6. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    554
    Location:
    Switzerland
    Yes, very true - this was SO important :thumb:
     
  7. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,097
    Location:
    Romania
    I have installed Windows 10 build 10061 and it seems that they have introduced a bug in this build. Even if WFC sets the auditpol to log Filtering Platform Connections, the operating system does not log anymore the corresponding events. For this reason, the notifications don't work on this build and the Connections Log is empty. The problem is that the operating system does not log at all the Windows Firewall activity. The Security log remains empty. It works with the build 9926. Probably they will fix this in the future. The IDs remained the same so it should work again in the future if Microsoft fixes this problem. There is no fix for this on WFC side. Let's not forget that Windows 10 is still in development and many things don't work yet.
     
  8. vvardja

    vvardja Registered Member

    Joined:
    Apr 27, 2015
    Posts:
    2
    Regarding Windows 10:
    Since my first report, I have upgraded to build 10074 and I'm happy to report that WFC is working correctly again: logs are being populated, and WFC is seeing and reacting to programs which are trying to establish connections.
     
  9. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,097
    Location:
    Romania
    Thank you for your report. I will install this new build too. Thank you for sharing.
     
  10. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,037
    Location:
    Mexico
    How to backup settings in WFC? In case I want to format re-install?
     
  11. Rob99

    Rob99 Registered Member

    Joined:
    May 4, 2015
    Posts:
    5
    Yesterday I bought the license (donation to be exact :) and I'm really enjoy using this software. I hope that Microsoft cares about security and his product is worth using. I read that even F-secure use build-in MS firewall and doesn't bother creating a new one.
    Anyway, I have a little suggestion to the Maintainer: it's nice to see RGB components that can be changed, but if I could type beside the zipper the exact values I would be in seventh heaven :).
     
  12. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,600
    Location:
    South Wales, UK
    Hi Rob

    Good move...I did so quite a while ago and have never regretted it.

    As for the Windows Firewall...it is tough and acknowledged to be basic but very strong. And by the way...Webroot also use it...they only provide an outbound firewall in SecureAnywhere relaying on the Windows Firewall for inbound protection.

    Regards, Baldrick
     
  13. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    554
    Location:
    Switzerland
    [SNIP]
    You should be able to do this via related RegKey (attention, you are responsible for this, not I :) ...):

    1) Quit WFC (via Tray)

    2) Search for Key ...

    HKEY_CURRENT_USER\Software\BiniSoft.org\Windows Firewall Control\UserColor

    ... and change the value after #FF ... Hint: you can pick one for ex. on the following page ...

    http://www.color-hex.com/

    3) Restart WFC

    Alpengreis
     
  14. jwcca

    jwcca Registered Member

    Joined:
    Dec 6, 2003
    Posts:
    772
    Location:
    Toronto
    and perhaps also have a [Default colors] button to save folks that play around and can't get back...whether they use the sliders or absolutes per your suggestion or the registry settings suggested in the post by Alpengris.
     
  15. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    554
    Location:
    Switzerland
    @alexandrud / All

    I try to summarize the suggestions PLUS some from me.

    1) The RGB-thing (suggestions from Rob99 & jwcca)
    Yeah, why not make it easier with the RGB. It not sooo important of course as the technical things.

    But, if it's easy to program, then +1 for both suggestions from Rob99 (exact values for the zippers) and jwcca (Reset-to-default-Color-Button).


    2) Notification-Windows resizable without need to change the RegKey (suggestion from me)
    Also this could be easier. A larger window is important to make it fit for other languages.


    3) Ex- and Import the Preferences (suggestion from Mister X)
    A short Dialog for Ex- resp. import of the Preferences should be enough. If it's possible, it should also save the Columns (activated or not) from Rule Manager etc.


    4) Column Preferences (suggestion based on Sm3K3R, customized from me)

    The direct suggestion ...
    "Alexandru, can you add those options to select the columns shown, on the right of the page, under the other options, ?!" ...
    from Sm3K3R is maybe (IMHO) a little to much.

    But this ...
    "Maybe A HINT such as "Press right mouse key on a column title to configure colums" or easier "'Icon for right mouse key' + the related text" or something like that could be make sense (on the right side) for Connection Protocol & Rule Manager (not possible for the Rule Assistent) ..."
    from me COULD be make sense. Alternative at least as tool tip for mouse over a column title.


    5) Show invalid rules direct in Rule Manager (suggestion from me)

    Instead to have a special screen to display invalid rules, it could be senseful, to display such rules direct in the Rule Manager Window - with special colours (for ex. yellow (or definable) background colour). Ev. as OPTIONAL function only, because loading time - but could replace the extra function (window).

    Most important advantage (if activated): if a program (update) has another path (or even EXE-name), it would be clear immediately, that an "exist" rule is now invalid. Then the User can change the rule to the new path (OR EXE-name), and it's OK - instead of create a new rule through Notification - and leaves the invalid "for ever".


    6) Translated Install/Uninstall Dialogues (suggestion from me)

    I don't know, if this is basically possible (the strings are not in the normal language file).


    And as always: these are suggestions and not commands. And it should be possible to integrate these as option. AND the most important: the developer was (and IS hopefully) open for suggestions and have of course the last word! Last but not least: all opinions are welcome (as ever), if they are in a normal tone ...

    Alpengreis
     
    Last edited: May 5, 2015
  16. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,037
    Location:
    Mexico
  17. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,097
    Location:
    Romania
    I will think about all these requests. Thank you for your feedback.
    1 and 3 Yes
    2 No. The notification dialog must be fixed size to be able to set the default location on top of the taskbar in the right corner. If I make this dialog resizable then I can't do this anymore.
    4 Maybe
    5 No, because this feature needs to find if the files exist on the disk. It is not a good idea to introduce this kind of delay at each load of the Manage Rules window.
    6 Already exists for the uninstall dialog. For the installer is a bit harder without integrating the language files directly into the setup. And because not all files are always up to date because I receive the translation files from the users, the installer will remain in English.
     
  18. Abdallah

    Abdallah Registered Member

    Joined:
    Oct 28, 2013
    Posts:
    124
    Location:
    N/A
    Alexandrud, can you implement a way to view connection logs in real time (even blocked connections) ?

    I think it will be a good feature when you have a big list of rules and you don't know what blocked what !

    Abdullah
     
    Last edited: May 13, 2015
  19. Rob99

    Rob99 Registered Member

    Joined:
    May 4, 2015
    Posts:
    5
    If I decided to use WFC on my second computer (laptop) should I buy another license?
     
  20. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,097
    Location:
    Romania
    This is not possible because WFC doesn't do any packet filtering. The connections displayed currently in Connections Log are filtered and extracted from the Security log of the operating system. Without inspecting network packets, WFC can't display these connections in real time.
    Benefits of becoming a registered user

    √ You will get priority support via email.
    √ You will unlock all the features from all of our programs, so that you can use them at their full potential.
    √ You will receive unrestricted access to My Account area.
    √ You can activate our products on all PC's from your home, for unlimited times. This is a lifetime license.
    √ You will be registered user for all future versions of our programs.
    √ You will never receive emails regarding eventual upgrades, patches releases, special offers and so on.
    √ You will support us to continue the improvement of our programs.


    Source: http://www.binisoft.org/donate.php
     
  21. Rob99

    Rob99 Registered Member

    Joined:
    May 4, 2015
    Posts:
    5
    I'm chuffed to bits.
     
  22. tralston

    tralston Registered Member

    Joined:
    May 18, 2015
    Posts:
    4
    Hi,

    I've been using WFC and I love it. Great job.

    A problem I've been having regarding Remote Desktop connecting from a server to a client computer, both with WFC installed. I've verified multiple times that there are no rules blocking port 3389 on either computer, and I know it's WFC because when I turn the filter off completely (on the client) the requests come through. Then I turn it on to Medium, and look at the blocked connections log, and there are a few entries for "System (PID 4)" on port 3389, TCP, that are blocked. I've even right clicked the blocked entry, and generalized it by saying any remote port (but 3389 local), TCP, all locations and allowed it. So there it is in my list of allowed rules, but it's not letting it through.

    I fail to connect from the server. I try to telnet the client on port 3389 it doesn't work. I've even added a rule allowing all programs access on that port (I know not safe, but for troubleshooting) and it still didn't let it through.

    This also happens with a few other system ports (mostly System and svchost.exe). Please help!
     
  23. Abdallah

    Abdallah Registered Member

    Joined:
    Oct 28, 2013
    Posts:
    124
    Location:
    N/A
    This week, I tried to update windows , as usual for me I put WFC to no filtering, but when I tried to put it again to medium (while updates still installing -not downloading- ) it keep changing to high , exit WFC , open it again without any good result , I remember also that I tried no filtering while this situation occured and it changed to it without any problem , the problem was only on medium filtering as I remember..

    After reboot everything is ok I think

    PS: The first time when I changed the profile from no filtering to medium I noticed some notifications about ITunes attempts , after I select my choice the problem with auto high filtering occured !

    Abdullah
     
  24. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    You can leave filtering as default, what it was... just create a rule for svchost.exe and attach it to the Windows Update service, outbound only on TCP 80 and 443... disable the rule when not running update, and enable when running. That way, you don't compromise your original setup.
     
  25. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,097
    Location:
    Romania
    Regarding this, first I have enabled remote desktop access:

    upload_2015-5-18_14-9-2.png

    This created 3 new rules:

    upload_2015-5-18_14-9-37.png

    Now, I can connect remotely from another computer. Do you have these 3 rules ? Notice that they are inbound rules because you connect from outside.

    Does this help ?
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.