Portmaster Firewall (Alpha stage)

Kongo

Level 36
Thread author
Verified
Top Poster
Well-known
Feb 25, 2017
2,581
Portmaster is a free and open-source application that puts you back in charge over all your computer's network connections.
full-interface.png

What it has to offer:
- Discover everything that is happening on your computer. Expose every connection your applications make and detect evil ones. Finally get the power to act accordingly.
- Add your own rules to block specific domains you dislike. Enable Prompt Mode and decide the fate of every new connection. Block or Allow.
- Block ads, trackers, malware and NSFW sites via trusted domain-lists, which are also used by Ad-Blockers, etc. Easily change the defaults to fit your needs.
- Even with invasive connections gone, you do not want to share your dns requests out in the open. With the Portmaster, you can easily re-route all your dns queries to a DNS-over-TLS provider of your choice.
- In the age of Mass Surveillance, what good is a service when you cannot see what it is really doing? We believe in open source. We also document everything as good as we can.
- The Wi-Fi in your local coffee shop is riskier than yours at home. Set up your settings for different networks and then simply press a button when changing location. All settings will adjust immediately.
- Make your own rules. Completely cut off applications from the Internet. Or block all p2p connections except for certain apps. Or never connect to specific countries. The Portmaster has you covered.

Website: Safing Portmaster
 

CyberDevil

Level 7
Verified
Well-known
Apr 4, 2021
333
I tried it in a virtual machine on a newly installed system.

The program interface takes quite a long time to load, and the program also caused several system freezes for me.

DNS, as I understand it, can only be configured via an IP address with further verification by host, I am not sure that with this method of connecting to NextDNS or ControlD, the selection of the nearest server will work correctly, it needs to be checked. However, NextDNS connected and displayed the connection correctly in its web dashboard.

The settings allow you to completely block direct connections, as well as plain dns, which is very cool!

The rules allow you to block entire countries, hosts, and IP addresses.

In general, I liked this project and it looks very promising. I will wait for further updates. =)
 

eonline

Level 21
Verified
Well-known
Nov 15, 2017
1,084
I am testing it now on a productive machine and it is really good at its job, it would be necessary to polish things like notifications and that it does not filter everything by domains but by applications.
 

Morro

Level 18
Verified
Top Poster
Well-known
Jul 8, 2012
890
Seems that people on Wilders Security Forums are checking it out as well. And one of the team members is there to answer questions.


It looks and sounds nice, but I will be watching it to see where this goes.
 
Last edited:

CyberDevil

Level 7
Verified
Well-known
Apr 4, 2021
333
I continued experimenting with Portmaster on the VM. Some things are not completely clear to me. For example, if I create blocking rules for incoming and outgoing requests for a domain bing.com, I can still ping it in the console, it seems to me that this is not quite correct, since I expect a complete blocking of access to the host. For example, in Norton, this is how it works, if you block the host, you can't even ping it.
ping.JPG



I also set up a Portmaster connection to my NextDNS account via DOT, and in the web console I saw a lot of requests to hosts related to advertising and telemetry, which should definitely be blocked by the built-in filters. The feeling that the blocking in Portmaster occurs after a DNS request, but the DNS requests themselves are not filtered (?) - this seems a little strange, since i expect filtering at both the DNS and IP levels at the same time from an application that supports DNS encryption and DNS traffic interception.

dns.png
 

CyberDevil

Level 7
Verified
Well-known
Apr 4, 2021
333
Update v0.6.15
Changelog by Daniel (dhaavi - Overview):
  • You can add enable filter lists and add rules in the "System DNS Client" app to block dns requests before they get resolved.
  • ICMP echo requests/replies can now be seen in the "Unidentified Processes" app and controlled.
  • ICMP control and error messages (everything other than echo) are still allowed internally in order to guarantee smooth networking.

Portmaster has really great developers: reaction for my comments in less than a day! Now ping does not work for blocked hosts and IP addresses, and the rules created for the System DNS Client allow you to block requests to the DNS server before they are actually processed.

An explanation is needed here: global rules make a block after processing a DNS request - this is a prerequisite to support different sets of rules for different applications. Therefore, you will see requests to the DNS server in the console of your NextDNS, ControlD, or Pi-Hole, but in fact Portmaster will block the connection for a specific application. Read more in an interesting article from the official blog: Attributing DNS Requests on Windows
 
Last edited:

Kongo

Level 36
Thread author
Verified
Top Poster
Well-known
Feb 25, 2017
2,581
Update v0.6.15
Changelog by Daniel (dhaavi - Overview):


Portmaster has really great developers: reaction for my comments in less than a day! Now ping does not work for blocked hosts and IP addresses, and the rules created for the System DNS Client allow you to block requests to the DNS server before they are actually processed.

An explanation is needed here: global rules make a block after processing a DNS request - this is a prerequisite to support different sets of rules for different applications. Therefore, you will see requests to the DNS server in the console of your NextDNS, ControlD, or Pi-Hole, but in fact Portmaster will block the connection for a specific application. Read more in an interesting article from the official blog: Attributing DNS Requests on Windows
If you are active on Wilders it would be great if you could ask them if they are interested in joining MalwareTips to answer further questions here too. (y)
 

CyberDevil

Level 7
Verified
Well-known
Apr 4, 2021
333
If you are active on Wilders it would be great if you could ask them if they are interested in joining MalwareTips to answer further questions here too.
I do not sit on Wilderssecurity at all, so I invited the developer here right away in the first email few day ago! David form Postmaster's team noted that he really likes the reactions to messages, but it seems to be quite difficult for them to answer questions at once on 4 platforms (wilderssecurity, git, email, mt) :) But I think that sooner or later they will appear here )

By the way, a new post on Wilderssecurity demonstrates the really unrealistically ambitious plans of the developers.
1.JPG


Also, I have already tried the Portmaster together with Eset IS, SEP and Trend Micro and did not notice any incompatibilities.
 

davegson

From Safing Portmaster
Verified
Top Poster
Developer
Jun 7, 2021
25
Hey there Malewaretips community, co-founder here 👋

--------------------------------------------------------------
I was banned for my post yesterday, that is why it vanished. Probably too many links triggered some spam mechanism. I appealed and now I'm back :) new version has fewer links, I am sure you will find the other resources mentioned
--------------------------------------------------------------

first off, thanks for giving the Portmaster a go, thanks for the thread and for all your feedback!

As CyberDevil already mentioned it is a challenge for us to follow and respond to all activities over various platforms. For a guaranteed response please come by on GitHub or send us an email (find the mail on our homepage). But I will definitely lurk to answer non-technical stuff and ask the Portmaster devs to chime in from time to time for technical stuff, hope that will work out.

First Reactions

The topic around DNS was discussed in depth in GitHub issue #325, where our blog post on Attributing DNS Requests on Windows came up (linked above in CyberDevil's post from June 1st).

And in terms of this:
By the way, a new post on Wilderssecurity demonstrates the really unrealistically ambitious plans of the developers.

I definitely agree that we are ambitious. But please take Daniel's communication about "we have XYZ planned" with a pinch of salt. We do brainstorm and collect ideas, both from within the team and from the community (and Daniel is great at that ;)). But at the end of the day, we gather all these ideas and somebody else - not the techies - calls the shots of what gets worked on next and what not.

We Love Feedback, Even If Features Cannot Be Guaranteed

I hope it is communicated clearly that we are only working on things mentioned in the Next Page (and some smaller stuff and bug fixes which do not justify a full card). Everything else is collected in our Backlog and our Project Management System, dubbed the "CC". We have plenty of ideas flowing around, but in the end, no feature can be guaranteed. It might not fit into our vision for the Portmaster, or it might not be technically feasible to implement. And naturally we just take it step by step via prioritization, as we have done so far.

And there your voice has an impact! We love to hear about your experiences and appreciate all reports/suggestions you have for the Portmaster! It gives us a reality check of where we really stand, and feedback from a user weighs so much more. We have all become a bit expert blind (I think that is a term).

Help Us Maturing Into Beta

As we are currently in alpha we are mostly interested in finding nasty bugs, incompatibilities with other software and your experiences as new Portmaster users. Some features and behavior have become super obvious to us, but for new users they are not! Hearing about these experiences is super valuable to us.
I have already tried the Portmaster together with Eset IS, SEP and Trend Micro and did not notice any incompatibilities.
Thanks for this! I'll try to update the docs in the next week.

Both UX and technical stability needs improving for us to be able to move into Beta, which is our goal - and if anyone can find nasty edge cases, I am sure I have come to the right community ;)

Thanks again for all the love, feel free to follow up! Looking forward to the next weeks
 
Last edited:

davegson

From Safing Portmaster
Verified
Top Poster
Developer
Jun 7, 2021
25
Is there any place we can donate ?
We once had this option, but no longer. We opted to focus more on having a business model which you can read more about here.

However, we might re-evaluate if a lot of these requests come in. You can also purchase the product and then not use it, which we can define as a donation in the meantime :D or as crypto payments will launch we can also easily add an address for each accepted currency as a donation address... we'll see
 

Morro

Level 18
Verified
Top Poster
Well-known
Jul 8, 2012
890
Just saw this response from dhaavi (Portmaster Lead developer.)

My Co-Founder already posted there.

As he and others have already mentioned there, it is a challenge for us to follow and respond to all activities over various platforms. For a guaranteed response please come by on GitHub or send us an email (find the mail on our homepage).

But someone will definitely stick around here to answer some questions, we hope that will work out.

GitHub

Email: support@safing.io

And for those interested, I just saw that they are also on Reddit. But dhaavi mentioned that GitHub and email are preferred for guaranteed response.

 

valvaris

Level 6
Verified
Well-known
Jul 26, 2015
263
@davegson

Testing out the Portmaster Firewall.

Have to say a good Firewall with Filter-lists.

Feedback:

The thing that confuses me most are the settings - OFF - DANGER - UNTRUSTED - TRUSTED <- Why not a Simple On/Off Switch and even if it is Zone Based then for every Zone a On / Off Switch.

I like on how there are Global Rules and that you can Individualize every Single App with its own Rule-Set.

Bug or a featrue - Tray Icon missing after initial Installation and can not get it back - But the Firewall Core is still filtering. :D

Otherwise very good performance network-wise. Tested with a constant RDP Connection to my Work Laptop and watching Streams on the Host-machine plus Surfing the Web ^^

Best regards
Val.
 
Last edited:

davegson

From Safing Portmaster
Verified
Top Poster
Developer
Jun 7, 2021
25
Thanks Val for your time! Thought I'd get notified via mail but something is up in my settings, still new to MT I guess.
The thing that confuses me most are the settings - OFF - DANGER - UNTRUSTED - TRUSTED <- Why not a Simple On/Off Switch and even if it is Zone Based then for every Zone a On / Off Switch.

Yes, you are not alone! This is definitely the highest learning curve a PM user has to go through, many have reported confusion around this. It is not a feature we want to remove though since we feel it is that valuable. It also makes us very unique ;)

Anyway, here is a sneak peek for you all:

we are working on a "guide" feature where you can click a question mark next to a feature which will then open up an explainer of said feature and blur out everything else. Will definitely be used to explain the network rating better. Aiming for a release in August, with the "Beta" release channel getting it earliest as always.

feature-guide-1.png

feature-guide-2.png

Bug or a feature - Tray Icon missing after initial Installation and can not get it back - But the Firewall Core is still filtering. :D

That's a bug for sure haha - after installation a reboot is heavily recommended, since it resolves a lot of odd and tricky behavior such as what you described. We are working on improving the installation experience too to make it crystal clear to reboot in order to get the PM going.

I like on how there are Global Rules and that you can Individualize every Single App with its own Rule-Set.

Otherwise very good performance network-wise. Tested with a constant RDP Connection to my Work Laptop and watching Streams on the Host-machine plus Surfing the Web ^^

so good to hear - keep the input and advice coming! 🎉🔥 Eagerly working on making this piece better and better
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top