simplewall - A tool to configure Windows Filtering Platform

SHvFl

Level 35
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Nov 19, 2014
2,350
Can you enable the option "Allow inbound connections for all" and see if the store apps work. Not permanently ofcourse, just for testing. I had issues too with new version and went back to 1.6.5.
I will test on vm later. Can't do it on main machine because they break completely and i need to reset all store apps forcing me to have to remove the useless again and again. I already did it 3 times with same results to see that it was 100% simplewall.
 

Deletedmessiah

Level 25
Verified
Top Poster
Content Creator
Well-known
Jan 16, 2017
1,469
I will test on vm later. Can't do it on main machine because they break completely and i need to reset all store apps forcing me to have to remove the useless again and again. I already did it 3 times with same results to see that it was 100% simplewall.
I went back and forth between simplewall 2.0.16 and 1.6.5 like 7-8 times so definitely understand.
 

henrypp

Level 1
Verified
Aug 24, 2017
48
But we have the notification timeout so after 10 seconds it should no longer show anything. So you just hide the notification when 10 sec pass and i still have to take action? The way it should work is that if i don't reply in 10 seconds it blocks it and i have to go in settings to allow it.
simplewall and Windows Firewall works different.
- Windows Firewall have low-level driver callback which freeze connection until you are decide what you do with him (allow/block).
- simplewall have user-mode level and no drivers installs and cannot freeze connections for wait your decision.

Thats why simplewall do not remove notifications cache. New version comes with some patches on this logic, but notifications still on cache until you do not do anythig with blocked application.

When you use this applications windows 10 store app and most default store applications stop functioning. Anything that can be done?
Are "Allow listen connections for all" is checked? "Stealth mode" enabled? You see logs? Whats applicaions blocked? Do you checked this apps?
In near future i will pass some tests with Windows Store and create "System rule" which allows it to working.
 

SHvFl

Level 35
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Nov 19, 2014
2,350
simplewall and Windows Firewall works different.
- Windows Firewall have low-level driver callback which freeze connection until you are decide what you do with him (allow/block).
- simplewall have user-mode level and no drivers installs and cannot freeze connections for wait your decision.

Thats why simplewall do not remove notifications cache. New version comes with some patches on this logic, but notifications still on cache until you do not do anythig with blocked application.


Are "Allow listen connections for all" is checked? "Stealth mode" enabled? You see logs? Whats applicaions blocked? Do you checked this apps?
In near future i will pass some tests with Windows Store and create "System rule" which allows it to working.
Allow listen connections for all=on
Stealth mode= off
All default store apps stop working(don't launch) and you have to reinstall them. Not default store applications work just fine.
 

Mr.X

Level 8
Thread author
Verified
Well-known
Aug 2, 2014
369
simplewall v2.0.17 (12 October 2017)
simplewall
Download (Installer + portable)
Changelog
sha256 checksum
  • clear notifications cache on apply filters and configuration
  • show more address information on notification window tooltip
  • fixed redraw listview after notification actions
  • fixed ui hangouts for a long time sometimes
  • fixed race conditions
  • fixed ui bugs
  • fixed bugs
 

Mr.X

Level 8
Thread author
Verified
Well-known
Aug 2, 2014
369
simplewall v2.0.18 (19 October 2017)
simplewall
Download
Changelog
sha256 checksum
  • added setting to disable proxy support (win8 and above only)
  • prevent notifications duplicate
  • fixed windows firewall disabling on win10
  • fixed notifications sound configuration does not saved
  • fixed notifications sound does not played on some systems
  • cosmetic fixes about notifications cross button
  • updated localization
  • updated blocklist
  • fixed dpi support
  • fixed ui bugs
 

Deletedmessiah

Level 25
Verified
Top Poster
Content Creator
Well-known
Jan 16, 2017
1,469
@henrypp
Do you have any plan to sign your tools?I noticed that mem reduct is also not signed.
What does disable notification mean?does it mean the simple wall will auto allow the connection for the specific process since the user disabled the notification?
Signing the software is quite costly from what I know so probably not unless he gets a lot of donations.
It depends on the settings, if set to deny connections by default, the connection will be blocked and you won't be notified when you disable notification.
 
Last edited:

Mr.X

Level 8
Thread author
Verified
Well-known
Aug 2, 2014
369
@henrypp

Lil typo, Ip instead of IP:

typo.png


"Find" function doesn't work at all:

find.png
 
Last edited:

Mr.X

Level 8
Thread author
Verified
Well-known
Aug 2, 2014
369
simplewall v2.0.19 (1 November 2017)
simplewall
Download
Changelog
sha256 checksum
  • new rules editor ui
  • added highlighting rules with errors
  • automatically sorting rules after changing
  • added feature to set custom dns ipv4 server ("DnsServerV4" in .ini)
  • added option to exclude blocklist rules from notifications
  • show process information in statusbar on menu item hover
  • optimized signature information retrieving from binaries
  • updated localization
  • fixed saving profile in some cases
  • fixed parsing rules types (issue #70)
  • fixed dns queries
  • fixed ui bugs
  • fixed bugs
 

henrypp

Level 1
Verified
Aug 24, 2017
48
Do you have any plan to sign your tools?I noticed that mem reduct is also not signed.
Signing the software is quite costly from what I know so probably not unless he gets a lot of donations.
Authenticode needs money, and i have some money from donations - on blockchain ~50$ and some cash on paypal, if someone tell me where can buy certificate for this cost - i can use this money to buy certificate.
 
5

509322

Haven't seen this, iirc. What scenario you have, for me to replicate this bug?

svchost.exe is a just one example; henrypp doesn't consider multiple, duplicate alerts even though an allowed rule already exist for it a bug - the "workaround" is just to disable notifications for svchost.exe

Just install and use Simplewall

This issue has been reported since the very first version by many people
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top