Windows Firewall Notifier (1.7.0) problem report and possible solutions

Discussion in 'other firewalls' started by SwissBIT, Jun 5, 2013.

Thread Status:
Not open for further replies.
  1. SwissBIT

    SwissBIT Guest

    Hi all

    The WFN is great, but the following issues I have noticed (I have already sent a report to developer wokhan):


    1) Blocked IPv6 connections are not displayed in Notify Box.

    For this problem I have found an easy solution:

    In the Task "WindowsFirewallNotifierTask" replace the exist Trigger "Custom Event Filter" content with this:

    <QueryList>
    <Query Id="0" Path="Security">
    <Select Path="Security">*[System[(Level=4 or Level=0) and (EventID=5157)]] and (*[EventData[Data[@Name='LayerRTID']='48']] or *[EventData[Data[@Name='LayerRTID']='50']])</Select>
    </Query>
    </QueryList>


    2) Sometimes the Console cannot be started.

    In this case, the message "WindowsFirewallNotifier has stopped working" appears. This is a problem with .NET right?

    Exist a solution for this?


    3) In Notify Box only Target Ports with up to 4 digits are displayed correctly.

    Because there is not enough space available, 5-digit numbers are truncated.

    As a workaraound, I have patched the Notifier.exe with an HEX editor (it's not a public solution - do not ask for the file). Maybe it's interesting to know that this fix is not really difficult to make.


    4) Block an IP stops the Notify Box funtion (I know this is already known here).

    If a rule exists, which is intended to block a specific IP for all programs, protocols and ports, the Notify Box stops working.

    As a workaround, I have separated the protocols and I specified the port range 0-65535 (all) for TCP - then it works.


    Many greetings from Switzerland!

    Norbert Schneider
    Aka SwissBIT

    PS: Sorry for bad english!
     
  2. SwissBIT

    SwissBIT Guest

    Addendum ...

    5) Block a port stops the Notify Box funtion for other NOT EXPLIZIT BLOCKED ports.

    If a rule exists, which is intended to block a specific port for a program, the Notify Box stops working for other NOT EXPLIZIT BLOCKED ports - at least in following case:

    Block-Rule: PRG=XYZ, DestinationPort=443

    Then, for outgoing connections to port 80, no "alert"message appears.

    --
    SwissBIT
     
Loading...
Thread Status:
Not open for further replies.