Question Simplewall

[n8chavez]

Is there any way to have a hierarchy with simplewall? It would be nice to have a rule where an app can only communicate through a certain address, a sock5 proxy address, while also having every other connection blocked. But I cannot see a way to do that; if I create a block rule it takes priority over the allow rule(s) and doesn't allow any connection at all. I know it's not a limitation of wfp, because Sphinx's firewall WFC can do this.

 

[ForgottenSeer 94654]

Is there any way to have a hierarchy with simplewall? It would be nice to have a rule where an app can only communicate through a certain address, a sock5 proxy address, while also having every other connection blocked. But I cannot see a way to do that; if I create a block rule it takes priority over the allow rule(s) and doesn't allow any connection at all. I know it's not a limitation of wfp, because Sphinx's firewall WFC can do this.

Ask henrypp Issues · henrypp/simplewall

 

[n8chavez]

Ask henrypp Issues · henrypp/simplewall

Thanks for the link.

 

[n8chavez]

I asked of the github page, but they weren't very helpful. I was essentially told that there was no need for a block rule because Simplewall block by default unless told not to. But my original question still stands.

I have my browser set to only communicate through a sock5 proxy; 10.64.0.1:1080. If I create a rule for it to communicate using a remote allow rule 10.64.0.1:1080 it works just fine. However that rule is not exclusionary; meaning that other addresses and ports are not blocked like I want them to be. How can I make it so that everything will be blocked except the addresses/ports I allow?

The Windows Firewall can do this just fine.

 

[oldschool]

@n8chavez I think there aren't many MT members using Simplewall who could answer your question. IDK.

 

[n8chavez]

@n8chavez I think there aren't many MT members using Simplewall who could answer your question. IDK.

Yeah, still worth a shot though. I may just go back to Windows Firewall Control.

 

[Zero Knowledge]

Why not use WFC? Much better software, better designed and good usability. Better support than Simplewall by the WFC developer over @ WIlder's.

 

[n8chavez]

Why not use WFC? Much better software, better designed and good usability. Better support than Simplewall by the WFC developer over @ WIlder's.

I like WFC. But I haven't used any of the updated version because of the hideous malwarebytes branding it uses now. Simplewall is minimalist and sleek and is still being actively developed. WFC hasn't really added anything new recently.

 

[oldschool]

I like WFC. But I haven't used any of the updated version because of the hideous malwarebytes branding it uses now. Simplewall is minimalist and sleek and is still being actively developed. WFC hasn't really added anything new recently.

But henrypp hasn't been on Wilders in ages, AFAIK. Alexandru is, and WFC is stable.

 

[n8chavez]

But henrypp hasn't been on Wilders in ages, AFAIK. Alexandru is, and WFC is stable.

But the GUI sucks since WFC was sold. Why does it matter if Alexander is active if I'm not using WFC? If the gui goes back then I'll update. But the gui sucks right now.

 

[oldschool]

But the GUI sucks since WFC was sold. Why does it matter if Alexander is active if I'm not using WFC? If the gui goes back then I'll update. But the gui sucks right now.

C'est la vie!

 

[Zero Knowledge]

I like WFC. But I haven't used any of the updated version because of the hideous malwarebytes branding it uses now. Simplewall is minimalist and sleek and is still being actively developed. WFC hasn't really added anything new recently.

Yeah, but it's a simple allow/deny firewall, it doesn't need a lot of updates. It just works. GUI isn't a big issue, you don't stare at it all day, just set and forget.

 

[n8chavez]

Yeah, but it's a simple allow/deny firewall, it doesn't need a lot of updates. It just works. GUI isn't a big issue, you don't stare at it all day, just set and forget.

Yeah. I guess part of the reason I won't use the new gui is because I paid for WFC before it was sold, but it was sold anyway.

 

[Zero Knowledge]

Yeah. I guess part of the reason I won't use the new gui is because I paid for WFC before it was sold, but it was sold anyway.

Me too, but it was only $10 and at the time it was the only way to unlock outbound notifications if memory serves me correctly.

Not a big deal, I hardly think he got rich selling WFC for $10. Yeah Malwarebytes.... I know, I know. But he has released it for free with all features.

 

[Marinsa]

@n8chavez I think there aren't many MT members using Simplewall who could answer your question. IDK. run 3

It functions normally if I configure a remote allow rule for 10.64.0.1:1080. However the rule isn't exhaustive; it doesn't prevent traffic from other IP addresses and ports, which is what I'd prefer. What steps do I take to ensure that just the IP addresses and ports that I provide will be accessible?

 

[oldschool]

What steps do I take to ensure that just the IP addresses and ports that I provide will be accessible?

I can't say as I've never used SW.

 

[ForgottenSeer 98186]

It functions normally if I configure a remote allow rule for 10.64.0.1:1080. However the rule isn't exhaustive; it doesn't prevent traffic from other IP addresses and ports, which is what I'd prefer. What steps do I take to ensure that just the IP addresses and ports that I provide will be accessible?

Ask the developer, henrypp:

Henry++

Author: @s7ev1n_kelevra

t.me

 

[n8chavez]

It functions normally if I configure a remote allow rule for 10.64.0.1:1080. However the rule isn't exhaustive; it doesn't prevent traffic from other IP addresses and ports, which is what I'd prefer. What steps do I take to ensure that just the IP addresses and ports that I provide will be accessible?

Well that's just it, I don't think that situation can be done. That's what I asked about, and either it cannot be done or no one know how to do it correctly. I think your best bet now would be to use WIndows Firewall Control and create allow rules for whatever you want to access the socks5 address (in this case 10.64.0.1:1080 is the mullvad wireguard socks5 address), only giving it access to those remote address and remote port, then in WFC hide notifications from those exes. At least that's the conclusion I came to.

 

[dronefox1166]

Hi ! I have launch simplewall on portable mode. But I want to uninstall all the rules and that Windows run without the simplewall rules ?
How I have to do for ?

Thanks

 

[pxxb1]

Hi ! I have launch simplewall on portable mode. But I want to uninstall all the rules and that Windows run without the simplewall rules ?
How I have to do for ?

Thanks

In the main gui, you have - Enable/Disable filters, click that. When it says Enable, it is Disabled.