Serious Discussion Fort Firewall

[dronefox1166]

1. Backup your settings by Options: Backup: "Export".
2. Uninstall the portable.
3. Install as recommended.
4. Restore your settings by Options: Backup: "Import".

Also on 2) you can archive the "C:\Program Files\Fort Firewall\Data\" folder, which contains all your settings and stats.

Thanks.

 

[dronefox1166]

Can we expect secure DNS management in this software like "Portmaster" ?

If not, it is possible to modify in Windows settings (Control Panel and Network) and the desired DNS in ipv4 and 6 or with a tool like ChrisTitus "WinUtil".

 

[tnodir]

Can we expect secure DNS management in this software like "Portmaster" ?

Yes, it's planned. DNS requests should be proxied via Fort to support filtering by domain names per app.

 

[tnodir]

Fort Firewall 3.15.5

• UI: Programs: Add ability to move and hide columns.
• UI: Options: Programs: Add "Auto-Clear alerts on window close" flag.
• Driver: Don't block allowed packets by other firewall in transport layer.

 

[tnodir]

Fort Firewall 3.15.6

• UI: Programs: Add app states count and sorting.

 

[dronefox1166]

Couldn't the password only be present if you want to uninstall “Fort”? But not for every alert...

I'd like to set it that way...

Thanks!

 

[tnodir]

Couldn't the password only be present if you want to uninstall “Fort”? But not for every alert...

But then user can open the Options window from alert popup and remove the password.

You can unlock the password until exit, for example.

 

[dronefox1166]

Yes, it's planned. DNS requests should be proxied via Fort to support filtering by domain names per app.

When DNS management becomes available...

Will we be able to choose NextDNS as resolver for one app, then AdGuard DNS for another, and Cloudflare for another app and none for other apps?

Thanks again!

 

[tnodir]

Will we be able to choose NextDNS as resolver for one app, then AdGuard DNS for another, and Cloudflare for another app and none for other apps?

Is it possible with Postmaster?

I think, it's not possible without dll function hooking. And I don't want to use such dirty methods.

I was planning something similar to DNSCrypt-Proxy mechanism.

 

[dronefox1166]

Is it possible with Postmaster?

I think, it's not possible without dll function hooking. And I don't want to use such dirty methods.

I was planning something similar to DNSCrypt-Proxy mechanism.

I'm sorry I'm clumsy.

I understand.

As for Portmaster, I think you can, but I'm not sure.

 

[dronefox1166]

By default, is on "Block"

How to put "Allow" on choice by default, I have to confirm only...

 

[CyberDevil]

Is it possible with Postmaster?

As far as I can see selecting a different DNS for each application is not possible in PortMaster, but you can create your own filtering rules both by IP and by host.

Are you not planning to add pre-defined filters for “bad” Ip and hosts in the future? That would be useful.

 

[tnodir]

How to put "Allow" on choice by default

Set Filter mode to "Allow, ...".

But keep in mind, that it will auto-allow new programs. So, programs will have access to Internet by default.

Fort does not pause the connections, but just shows popup for already blocked or allowed program. (A not yet implemented "Ask to connect" filter mode will pause the connections.)

 

[tnodir]

Are you not planning to add pre-defined filters for “bad” Ip and hosts in the future? That would be useful.

If you mean block lists for IP addresses, as in PeerBlock, then it already implemented in the Zones.

Domain hosts are in TODO.

 

[dronefox1166]

Set Filter mode to "Allow, ...".

But keep in mind, that it will auto-allow new programs. So, programs will have access to Internet by default.

Fort does not pause the connections, but just shows popup for already blocked or allowed program. (A not yet implemented "Ask to connect" filter mode will pause the connections.)

fine, I'll leave it that way...

 

[dronefox1166]

for example simplewall (which looks a bit like Fort Firewall) to a telemetry filter... Fort, it seems, doesn't include it.



Please let me know.

 

[tnodir]

for example simplewall (which looks a bit like Fort Firewall) to a telemetry filter...

Simplewall hardcodes IP addresses from WindowsSpyBlock.

You can use that addresses in Fort via the Zones. See the discussion.

 

[dronefox1166]

Simplewall hardcodes IP addresses from WindowsSpyBlock.

You can use that addresses in Fort via the Zones. See the discussion.

Thanks !

And what about FireHOL and TAS-IX ?
is there any point in adding them?



What's the point?

 

[dronefox1166]

A search tells me that (without being exhaustive):



“FireHOL Level 1 is a list of IP addresses used for filtering network traffic. It comprises several types of IP addresses, including :



Buggy addresses, which are IP addresses that should never appear on an Internet interface1

.

Private and local IP addresses, such as 10.0.0.0/8 and 192.168.0.0/243.

.

Other IP addresses considered potentially malicious or suspicious.”

 

[dronefox1166]

Simplewall hardcodes IP addresses from WindowsSpyBlock.

You can use that addresses in Fort via the Zones. See the discussion.

"WindowsSpyBlock" blocks me Windows Update or not ?

I don't know if is it this... block zone...

0x800f081f (error)...​