Windows Firewall Control (WFC) by BiniSoft.org

Discussion in 'other firewalls' started by alexandrud, May 20, 2013.

  1. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,097
    Location:
    Romania
    1. What HMP A does mean ? Is this an antivirus ? Try to add wfc.exe in the white list of it.
    2. If you kill wfc.exe from Task Manager and launch it again, does it work ?
    3. The WFC icon from the system tray area contains an exclamation mark or does it show the profile ?
    4. What do you mean by "annoying delay in internet availability at start up but then I get that with Advanced Settings used in the naked WF at times as well". While you have WFC enabled your network initialization takes longer ? Even if you use Low Filtering profile ?
    5. Was the operating system installed from scratch or was it updated from a previous version of Windows ?
     
  2. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,104
    Location:
    USA
    HMP.A is HitmanPro Alert, which is a security app for exploit mitigation, etc. See here:

    http://www.surfright.nl/en/alert

    I've been using it for a long time alongside WFC with no compatibility problems.
     
  3. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    554
    Location:
    Switzerland
    OK.

    All right! I was already a bit unsure to use the word BUG ;-) sorry about that! Makes sense and so it's WAD (works as desired).

    Thank you!
     
  4. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    554
    Location:
    Switzerland
    Because of the "frequently" existing problem with "COULD NOT CONNECT TO WFC SERVICE" (or similar text):

    I had this too right now again AFTER NEWEST WINDOWS UPDATES (Win 10 x64). I noticed the following ...

    - If I remember correctly, you change (while installing WFC) the order (start sequence) of SERVICES, right?

    If this is so, IT COULD BE that (for example) after Windows Update the sequence is changed.

    At least - I had this again RIGHT AFTER the Win Updates!

    The ugly thing is: it's not really reproducable. So I made a system restore and tried again: this time Windows Updates were not a problem!

    I know that is possible to set the WFC Service to DELAYED - I know even a "trick" to define a delay time for a Service- so probably this helps. The technique behind set a delay time for a Service is:

    Define a batch file with "net start "service name"" and start this batch via Task Scheduler.

    NEVERTHELESS: avoid this problem would be even better of course.

    IDEA: implementation of a job to change the start sequence for WFCS while booting or something like that COULD BE a solution.

    However: I know, the service order/sequence IS not an easy thing. I had problems with other services too. So it seems it's not easy to find a perfect timed setting for all.
     
  5. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    554
    Location:
    Switzerland
    I had a similar behaviour last night after Windows 10 Updates (see my other posting about problem to connect the WFC service (WFCS).

    I tried to deinstall WFC within my non-elevated Account. Was NOT possible! Not via "Programs and Fearures" and even not within an elevated prompt with "WFC -uninstall"!

    I had to login with my Admin Account (tried with "Programs and Fearures" only), then it was no problem.

    After reinstall of WFC it worked again - unfortunately not long! I had first the normal WFC Icon but after a change in language file and quit and restart of WFC, WFC becomes unresponsible (was frozen). Then after a reboot WFC could no more connect to WFC Service.
     
  6. Elwe Singollo

    Elwe Singollo Registered Member

    Joined:
    Oct 30, 2015
    Posts:
    114
    Thanks for taking the time to respond.

    1. As Victek says it's an anti-exploit tool with kelogging and crypto protection thrown in among other things.
    2. If you kill the process and restart the GUI remains unresponsive.
    3. No it doesn't. The icon shows the colour associated with profile (green in this case) set but nothing else.
    4. I get the yellow warning triangle on the wireless icon in the tray area advising no Internet access for around 10 seconds with WFC. Can't check if that happens at Low as I'm unable to adjust the level back to low.
    5. This is a clean win 10 install.

    Hopefully that helps.

    Regards
     
  7. Elwe Singollo

    Elwe Singollo Registered Member

    Joined:
    Oct 30, 2015
    Posts:
    114
    Thanks for confirming. I run as administrator anyway with UAC on max so no option for me to uninstall that way unfortunately.

    Best
     
  8. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,097
    Location:
    Romania
    I also installed yesterday Windows updates on my Windows 10 x64 machine and this did not affect WFC at all. Not even a restart. The order in which the operating system starts Windows services is not configurable.
    That black icon with exclamation mark is displayed when the GUI (wfc.exe) does not receive any response from the service (wfcs.exe). Also, wfc.exe checks the connection with the service every 10 seconds and if they are not in sync anymore, wfc.exe reconnects again.

    When the black icon is displayed, a service restart can bring WFC back alive. I also don't know why some services fail to initialize at Windows start-up. For example, on my machine, even if I have the start-up type to Automatic for SQL Server, the service does not start once in 10 reboots. Obviously, the log is clean and no error is logged.
    Standard user accounts can't install or uninstall WFC because administrative privileges are required to handle changes regarding the Windows services.
    2. If the GUI remains unresponsive, something is blocking it. I recall that I had one user which told me that he had to add the C:\Windows\Microsoft.NET folder into the exceptions list of his security suite in order to have .NET programs running. He had also the freezing system tray icon.Not sure if this applies to your case.
    3. If the icon does show the profile, then it can connect to the service which is good.

    Use this guide to manually uninstall WFC. Then you can reinstall it from scratch.
    http://www.binisoft.org/faq2.php#installation

    In the WFC log and Application log (Event Viewer) do you see any errors logged when you try to click on the WFC tray icon and it does not respond ?
     
    Last edited: Mar 11, 2016
  9. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    554
    Location:
    Switzerland
    As I said (please read my posting carefully), it's not really reproducable - so no wonder - I had also not the problem after system restore and after Win Updates! But it's a FACT that I had the problem at least the 2nd time right after Win Updates. Maybe you can't fix this, I know - I know also that Service starts are a difficult thing (as I said, I had (and have maybe) the problem with other services too. Unfortunately I'm wrong with the sequence of services ... so this is not possible (via normal service management), sad ... semi-auto it's possible, I had made some semi-auto starts for some services on my system with the "START" command, then you can define different delays for different services and let start it after boot (or login) - or something like that - via Task Scheduler.

    I know this of course! But after use "Programs and Features" I had a UAC Prompt first IF I remember correctly. However: as I said: tried even within ELEVATED prompt with wfc -uninstall - NO SUCCESS! So this IS a problem of WFC - at least it seems so!
     
    Last edited: Mar 11, 2016
  10. Shamshi Adad

    Shamshi Adad Registered Member

    Joined:
    Mar 16, 2016
    Posts:
    40
    Location:
    Eastern Shore of Maryland, USA
    Suggestion for Connection Log

    Column widths are not remembered after WFC4 restart. I adjust the column widths so I don't need the horizontal scroll bar, but after every pc startup I open the connection log and have to adjust all the columns again.

    I know it seems such a minor thing, but little things can still be a nuisance.
     
  11. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,097
    Location:
    Romania
    This is already implemented. These settings are saved/updated in Windows Registry each time the Rules Panel is closed from the X button. Check the screenshot below.
    1. When you close the Rules Panel window, if you check the highlighted settings in Windows Registry are they updated ?
    2. If you launch again the Connecctions Log, are these settings reloaded or the default values ? Try to delete these two keys manually and try again and see if it works.
    3. Do you have any security software that may prevent WFC to write to HKCU branch of Windows Registry ?
    upload_2016-3-18_19-59-7.png
     
  12. Sm3K3R

    Sm3K3R Registered Member

    Joined:
    Feb 29, 2008
    Posts:
    604
    Location:
    Wallachia
    I think some of the users that report problems use some custom security configurations , atypical security software.Never observed column bugs.
    On the other hand the last version i liked was 4.5.5.0, the newer ones gave me strange connectivity issues.I am not using the "asking" versions though.
    Is there a download place/archive where to access older versions in case we want to test/use older ?!
     
  13. Shamshi Adad

    Shamshi Adad Registered Member

    Joined:
    Mar 16, 2016
    Posts:
    40
    Location:
    Eastern Shore of Maryland, USA
    I just use Windows Defender, WFC4 and Malwarebytes Premium. I cut my teeth on the Commodore64 then Windows CE and so on with some side adventures with Linux. And I'm not scared to go in the registry. Since my first adventures on Linux I acquired the hobby of personal firewalls via ip-tables. That was so much fun but I hated Linux. So back to Windows 98, and all the free personal firewalls you could dream of.

    OK, the WFC4 Connection Log has 2 ways to access:
    1 Open Main Panel, click on Manage Rules, select Connection log
    2 Right Click on the Sys-Tray WFC4 icon and select Connection Log from the little menu; my 'preferred method' even if I want the rules list. I almost never need the Main Panel.

    If I open the Conn Log using Main Panel, Manage Rules, then Connection Log from the 'maximized' Manage Rules window I get the Conn Log, adjust the Column Widths I see the Reg Key values change to match my settings.

    Then, I 'Exit' the 'maximized' Conn Log Window and 'Exit' the Main Panel.

    When I go through the same process again to get to the 'maximized' Conn Log again the Column Widhts are reset to their default and the Reg Key has been changed to the default Column Width values.

    When I use the WFC4 Sys-tray icon menu to access the Conn Log 'directly'; I can adjust the column widths, exit the log the open the log again and it will maintain the column witdths I set. THe Reg key holds onto my Column width values.

    BUT, on a reboot or a shutdown and a new start the Column widths all go back to default.

    Thanks for listenin'.
     
  14. Shamshi Adad

    Shamshi Adad Registered Member

    Joined:
    Mar 16, 2016
    Posts:
    40
    Location:
    Eastern Shore of Maryland, USA
    Oooooops........... Major apologies for taking up your time. I just discovered That I DO NOT have the Column Width problems on my Surface Pro 2 Win10Pro X64 also using Windows Defender, WFC4 and Malwarebytes. My machine with the problem is also Win10Pro X64 a Lenovo ThinkPad Twist.

    Soooooooo...... I can't think of anything to check on for now. But, like I said, it's such a minor nuisance. But I'm retired so I like to lift the hood and turn a wrench now and then.

    Sorry folks.
     
  15. mi3mi2

    mi3mi2 Registered Member

    Joined:
    Mar 18, 2016
    Posts:
    19
    Would it be possible to have an option, to show the Managed Rules and Connnections Log windows stacked, for easier cross referencing?

    If negative, would it be possible to have an option in the Connections Log window, to show an additional column that indicates whether the program is subject to any set rules, namely Allow in, Allow out, Block in and Block out?

    If also negative, would it be possible to have an option in the Connections Log window, to hide all rule-abiding entries, so that only ruleless action logs are displayed?

    My custom sort order and column widths are not remembered. Registry settings remain static as such.
    ...LogColumnsSize 130'80'200'200'80'140'100'140'100'78
    ...RulesColumnsSize 300'100'300'120'100'70'70'80'140'100'140'100'78'110'120'120'120'120

    Guess WFC has difficulty writing to my Win 10 Pro x64 registry. What can I do?

    Thanks in advance!
     
  16. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    554
    Location:
    Switzerland
    Till now not, no. And the developer will highly probably not change this ...

    see also here ...

    www.wilderssecurity.com/threads/windows-firewall-control-4.347370/page-61#post-2476525

    I believe not that such connection problems are REALLY a problem of WFC, it's more a service problem or something like that. As I said, I know different such cases, NOT only with WFC ...

    Such things can be very annoying, I know - but can probably only be solved with effort on the part of the user.

    So, IMHO switch to older versions for daily use makes no sense (testing is another thing of course). However: a public download place for older versions is more contraproductive than useful.

    Have a nice weekend all!
     
  17. J4NY4R

    J4NY4R Registered Member

    Joined:
    Jul 28, 2014
    Posts:
    16
    Location:
    Iran
    The purpose is to block a program to access internet except one IP address. My steps:
    1. Choosing profile "Medium Filtering" and selecting notification level as "High"
    2. Defining a rule to allow the program to access one certain IP.
    It's already Ok but there are some notifications for other unwanted IPs, so one more step:
    3. Defining a rule to block the program to access the internet completely.
    But now access to that certain IP is blocked too. The program completely is blocked.
    Is it a bug? Or how is it possible to do it?
     
  18. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,097
    Location:
    Romania
    Here is the download URL: www.binisoft.org/download/old/4550/wfc4setup.exe
    However, I always recommend to use the latest version. The connectivity issues that you mentioned probably have nothing to do with the latest changes.
    Both ways to access the Connections Log go through the same code. Different behavior is not from WFC code. The default values are restored only if the saved values are not in the correct format, but the format is also saved by WFC.
    1. The column widths are saved and restored correctly for Manage Rules ?
    2. Do you have this problem only for Connections Log ?
    3. Please post here a screenshot with the values that WFC is saving for LogCollumnsSize after you close the window. The ones that you say that are automatically reverted to the default ones on the next opening of Connections Log.
    It would be possible only if I make 2 different windows. Both windows will appear then in Taskbar and they can be stacked on Desktop lie any windows. With the current implementation, is not possible. If more users will vote for this change, then I will change it.
    If you right click on a connection from Connections Log, you will see there a menu item called Jump to rules. This is enabled if there is at least one rule defined for that program in Manage Rules, if not, then this menu item will be disabled. However, to have this working you must first open Manage Rules to load the rules, otherwise that menu item will be always disabled.
    No.
    The sorting is not remembered. Only the widths and the order of the columns is saved. Please post your custom saved values after you close the window like in the screenshot below:
    upload_2016-3-20_12-2-36.png
    Block rules have higher precedence than allow rules in Windows Firewall. This means if one block rule matches the same connections as the allow rule, then the block rule will be applied. Try to define a block rule with two IP ranges. Let's say you want to allow a program to access only 80.10.10.10. Define a block rule with the remote IP addresses like this: 1.1.1.1-80.10.10.9,80.80.10.11-255.255.255.255. Your first IP is not blocked by this rule and you will not receive duplicate notifications for this program.
     
    Last edited: Mar 20, 2016
  19. J4NY4R

    J4NY4R Registered Member

    Joined:
    Jul 28, 2014
    Posts:
    16
    Location:
    Iran
    Thank you for your helpful guidance.

    And I am a fan of this change, hope to see it soon.
     
  20. Shamshi Adad

    Shamshi Adad Registered Member

    Joined:
    Mar 16, 2016
    Posts:
    40
    Location:
    Eastern Shore of Maryland, USA
    I never bother adjusting the Manage Rules columns because there's still a horizontal scroll bar so I can't get the benefit of viewing the whole rule without having to scroll. So that's not a/the problem. Problem is the Connection Log. So:

    Default:
    Default at bootup.JPG
    After Resizing:
    After Resizing.JPG

    After Closing and Reopening The Connection Log:
    AfterClosingReopeningConnLog.JPG

    THANKS!
     
  21. Alpengreis

    Alpengreis Registered Member

    Joined:
    Oct 7, 2013
    Posts:
    554
    Location:
    Switzerland
    +1
     
  22. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,097
    Location:
    Romania
    The problem seems to be those .33333333 values. I will fix this in the next version. Thank you for your feedback.
     
  23. Shamshi Adad

    Shamshi Adad Registered Member

    Joined:
    Mar 16, 2016
    Posts:
    40
    Location:
    Eastern Shore of Maryland, USA
    In American 'street talk' " YOU DA MAN! "
    Thanks, Alexandrud.
    Alan
     
  24. mi3mi2

    mi3mi2 Registered Member

    Joined:
    Mar 18, 2016
    Posts:
    19
    Thanks! My custom column widths are simply the result of clicking every header separator. So, here it goes...

    wfc_registry.jpg
     
  25. Shamshi Adad

    Shamshi Adad Registered Member

    Joined:
    Mar 16, 2016
    Posts:
    40
    Location:
    Eastern Shore of Maryland, USA
    I adjust my columns the same way.

    After I Close the window and refresh regedit the widths key holds my custom values:
    Capture.JPG

    When I re-open the window apparently WFC4 re-applies the default values
    Capture2.JPG

    Thanks. Peace. Alan
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.