Portmaster Firewall (Alpha stage)

Zorro

Level 9
Verified
Well-known
Jun 11, 2019
408
Well these two months passed quickly. We were mostly occupied getting the SPN out of the door. Anyway, wish all of you have a great new year and hope many of you could get some relaxing days! 🎉

@SFox, since the last post we have released a few Portmaster versions, could you check again and maybe check in on this GitHub issue?
Hello. With the past holidays of the New Year and Christmas! I just checked the problem again and after rebooting the system, starting and closing the user interface, the zombies of the processes were not detected.
 

Mr.NoName

Level 4
Verified
Feb 5, 2016
164
After installing, portmaster i was very surprised of its components and futures. After using it for about 5 hours the net on my PC stops and i get incapability error. I hope that this type of errors will be fixed soon. Congrats for the work!
 

davegson

From Safing Portmaster
Verified
Top Poster
Developer
Jun 7, 2021
25
After installing, portmaster i was very surprised of its components and futures. After using it for about 5 hours the net on my PC stops and i get incapability error. I hope that this type of errors will be fixed soon. Congrats for the work!
Thanks - so glad you like it!

When things like this happen it greatly helps to receive in-app bug reports where you can describe what the issue is, in your case probably a false positive with the compatibility assistant.
 

davegson

From Safing Portmaster
Verified
Top Poster
Developer
Jun 7, 2021
25
I really liked the change in the interface in the last update. The section that allows you to view all the programs that went online is also a good solution.
Thanks a lot - so good to hear!
Can you take a screenshot? Interesting. I don't have Portmaster installed right now.
You can have a look at the big changes on the update blog post:
Wow, I missed this project!

I'll try it on a virtual machine as soon as I have a moment
do tell us what you think! Still lots of things taking shape, so input is very welcome
 
F

ForgottenSeer 69673

Voodooshield still don't like the signature.
 

Attachments

  • Screenshot 2022-03-04 081526.png
    Screenshot 2022-03-04 081526.png
    111.4 KB · Views: 215

Shadowra

Level 37
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,630
I just tried it... either it doesn't like my virtual machine, or it doesn't support Windows 11...

I installed it, set it to "Ask" and it crashed after 5min... I couldn't test it....


7BOUYuag.png
 

kC77

Level 5
Verified
Well-known
Aug 16, 2021
232
I cant remember the last time i tested this (about a year ago) but it seemed a bit buggy and just didn't work as i expected, i gave it 10 minutes and removed it .... however seeing the post about the video here made me decide to give it another try...
it still seems a bit confusing.... the main site says the latest version is 0.9.7
however the download and when updates are ran, gives you 0.9.6... which again is buggy...... (on windows at least)
the notifier app gives you pop ups to "allow or block" but these are really only notifications.... even if you click on either option here, nothing gets sent to the app. (you have to do the allow/block within the app itself)

From the notifier if you open the portmaster app, and respond to the notifications here by allowing or blocking, then they stick and work!

once you open the app the first time, it prompts about secure dns provider .. and to choose from a list of "filtering/privacy lists"
then by default the program is in allow mode...

it allows ALL applications to communicate without prompting you, but it does this over secure dns.. and filters out the telemetry/malware domains etc from the filters...

at this point thats pretty amazing, a few clicks and you get secure dns all configured, with optional privacy/security lists & its FOSS! .
filters.jpg

now at first i was like... woah wait, I have my own pihole/unbound servers here at home, i am my own DNS & adblock provider... i dont want secure DNS unless my laptops away from home..... then I found the advanced options & "Network rating system"
This is where you can have custom profiles for "trusted network/private network/dangerous network"
123.jpg
in here you can see... my "portmaster" DNS server is set to quad9 BUT only if its not on my trusted network
here on my trusted network its still using my pihole/unbound servers, but away from my trusted network (if on the danger/untrusted profiles)... its using secure quad9

you can make many other changes dependant on profile, dependant on your preference
1234.jpg

and there at the top is probably the most important..... "default network action"
as said above, by default, it is set to "allow" so it silently allows everything, but filters it through the privacy/security lists
I personally set this to "Prompt" so that any application prompts for access... now when you get a pop up asking for allow/block it will do this on a per url basis
e.g open your browser and every website you click, you will get prompted for allow/deny each url.
but you can edit this rule per app, so that for example brave.... just "allow" or "block" or you can just block internet access, force block lan or force block device-local connections
so below here is brave, (my GLOBAL default is "prompt" so..... any new application will be in prompt mode, but as brave will access a LOT of urls.... I have manually set it to "allow"
brave.jpg

on the otherhand, certain programs will only ever need to access a certain set of urls... e.g defenderUI Pro, this is still set at "prompt".... i had to click "allow" a few times, but it generated the rules.... so if in the future it tried a different URL id get notifictaion to allow/deny this.....
defui.jpg
defuirules.jpg

loving this thing so much i then changed the settings from stable channel to beta channel.... and the beta now gives the 1.0.0 release.... even more stable so far,and the notifcation behaviour is much improved. (as in you click allow/block in the windows notification pop up actually passes it into the app)

there is also (that i have not yet even touch the surface on.... the SPN........ which from my basic understanding is a subscription VPN/TOR like service, that you can apply to any independent rule or service....... read more Safing Portmaster - SPN Features
I do think this is some amazing work! again at home im pretty covered, but for travelling laptops that roam between trusted/untrusted networks and want flexability to change on the fly... I cant wait to see what the future holds with portmaster.....
V1.0.0 is in beta now, and from what I see, its due to be released either today or tomorrow as "release"

Have a go!

TLDR:
my spyshelter firewall license had recently expired (and have seen last week they even removed it as a product entirely) I have glasswire elite license, but zzzzz, tinywall/wfc/simplewall failed what i needed....
My hardware firewall/IDS/geofiltering/vlans does its thing, but I still like to see and control just what is talking to where, and especially better that when i take my laptops out and about they auto get some URL filtering/telemetry blocking love from FOSS software.

Still early days & I need to test this SPN!
p.s running latest windows 11... and core isolation remains enabled with this on
 
Last edited:

Stopspying

Level 19
Verified
Top Poster
Well-known
Jan 21, 2018
814
I cant remember the last time i tested this (about a year ago) but it seemed a bit buggy and just didn't work as i expected, i gave it 10 minutes and removed it .... however seeing the post about the video here made me decide to give it another try...
it still seems a bit confusing.... the main site says the latest version is 0.9.7
however the download and when updates are ran, gives you 0.9.6... which again is buggy...... (on windows at least)
the notifier app gives you pop ups to "allow or block" but these are really only notifications.... even if you click on either option here, nothing gets sent to the app. (you have to do the allow/block within the app itself)

From the notifier if you open the portmaster app, and respond to the notifications here by allowing or blocking, then they stick and work!

once you open the app the first time, it prompts about secure dns provider .. and to choose from a list of "filtering/privacy lists"
then by default the program is in allow mode...

it allows ALL applications to communicate without prompting you, but it does this over secure dns.. and filters out the telemetry/malware domains etc from the filters...

at this point thats pretty amazing, a few clicks and you get secure dns all configured, with optional privacy/security lists & its FOSS! .

now at first i was like... woah wait, I have my own pihole/unbound servers here at home, i am my own DNS & adblock provider... i dont want secure DNS unless my laptops away from home..... then I found the advanced options & "Network rating system"
This is where you can have custom profiles for "trusted network/private network/dangerous network"
in here you can see... my "portmaster" DNS server is set to quad9 BUT only if its not on my trusted network
here on my trusted network its still using my pihole/unbound servers, but away from my trusted network (if on the danger/untrusted profiles)... its using secure quad9

you can make many other changes dependant on profile, dependant on your preference

and there at the top is probably the most important..... "default network action"
as said above, by default, it is set to "allow" so it silently allows everything, but filters it through the privacy/security lists
I personally set this to "Prompt" so that any application prompts for access... now when you get a pop up asking for allow/block it will do this on a per url basis
e.g open your browser and every website you click, you will get prompted for allow/deny each url.
but you can edit this rule per app, so that for example brave.... just "allow" or "block" or you can just block internet access, force block lan or force block device-local connections
so below here is brave, (my GLOBAL default is "prompt" so..... any new application will be in prompt mode, but as brave will access a LOT of urls.... I have manually set it to "allow"

on the otherhand, certain programs will only ever need to access a certain set of urls... e.g defenderUI Pro, this is still set at "prompt".... i had to click "allow" a few times, but it generated the rules.... so if in the future it tried a different URL id get notifictaion to allow/deny this.....

loving this thing so much i then changed the settings from stable channel to beta channel.... and the beta now gives the 1.0.0 release.... even more stable so far,and the notifcation behaviour is much improved. (as in you click allow/block in the windows notification pop up actually passes it into the app)

there is also (that i have not yet even touch the surface on.... the SPN........ which from my basic understanding is a subscription VPN/TOR like service, that you can apply to any independent rule or service....... read more Safing Portmaster - SPN Features
I do think this is some amazing work! again at home im pretty covered, but for travelling laptops that roam between trusted/untrusted networks and want flexability to change on the fly... I cant wait to see what the future holds with portmaster.....
V1.0.0 is in beta now, and from what I see, its due to be released either today or tomorrow as "release"

Have a go!

TLDR:
my spyshelter firewall license had recently expired (and have seen last week they even removed it as a product entirely) I have glasswire elite license, but zzzzz, tinywall/wfc/simplewall failed what i needed....
My hardware firewall/IDS/geofiltering/vlans does its thing, but I still like to see and control just what is talking to where, and especially better that when i take my laptops out and about they auto get some URL filtering/telemetry blocking love from FOSS software.

Still early days & I need to test this SPN!
p.s running latest windows 11... and core isolation remains enabled with this on
This would be a pretty good write up of my experience too. I tried Portmaster again thie week. I really want it to be a good experience as I like what I've seen that it can do and I also want to be able to monitor connections etc in the manner that this product offers. I've installed it a couple of times but it seems to take an age familiarising itself with my Win 10 setup, I'm guessing that is what the delay between the install completing and actually being able to go through all the options and uses.

Leaving everything on the default settings I started exploring what was on offer but I noticed a significant slowing down of my connectivity. I didn't have the time to go through all of the possibilities that might speed things up so I decided to uninstall it. I'm thinking that this might reflect a new user's experience who might not want to 'risk' meddling with the settings, this is why I'm posting these opinions here for the developers to maybe read. I had watched Henry's video of thechat with them before trying it again, and was again impressed with their aims etc

Like you I am intrigued by the concept of the SPN but haven't tried it. I like the prompt/allow/deny options that you run through and explain some scenarios for their usage. I like this feature a lot - "..it allows ALL applications to communicate without prompting you, but it does this over secure dns.. and filters out the telemetry/malware domains etc from the filters..."

After the uninstall and a reboot I had no internet connectivity, a network adapter reset sorted this, but that has to have been caused by the uninstall of PortMaster, as I'd not changed anything else on the device involved.
 

davegson

From Safing Portmaster
Verified
Top Poster
Developer
Jun 7, 2021
25
happy to announce Portmaster reached 1.0 🎉

Just wanted to drop this here, and happily note that the title (the "Alpha" part) no longer applies :)

Also, I am super thankful to so many of you for testing and giving input on the software! And even though I and we did not manage to be as active as we hoped for - do know I do check and at least read the new posts on this thread on a regular basis. Would ofc do the same if a new thread were created.

Thanks again - have a good one all!
 

kC77

Level 5
Verified
Well-known
Aug 16, 2021
232
I actually stopped using it at v1.0.0

one of the main features I liked was the ability to set which DNS used on trusted/untrusted zones (this worked in 0.9.6)
so when i was on my trusted home network it would use my Pihole/Unbound recursive servers, and when away from home on public/untrusted networks that it used quad9 secure dns

this feature was deprecated in v1.0.0 so have removed it, but hope to try again in the future if the feature is reworked!
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top