Some questions about WFN v1

Oct 22, 2016 at 12:32 PM
Edited Oct 22, 2016 at 12:33 PM
Sorry, I am new to WFN v1 and currently evaluating it. I have some questions:

1.) As far as I understand WFN is a special GUI on top of the built-in Windows Firewall.
So when I start it (under 64 bit Win7) then it seems to work.
However my built-in Windows Firewall is currently disabled.
I would have expected that an AddOn GUI like WFN checks whether this is the case or not.
In case the underlying built-in Windows Firewall is disabled a popup should appear similar to:

"Built-in WinFW is disabled. Should I enable it? Otherwise WFN does not work".

But this is not the case. Why?

2.) When a Notifier popup is shown in the lower left corner then the "advanced" pane is always hidden. How can I tell WFN to always automatically show the "Advanced" pane?

3.) Assume I allowed a certain program (e.g. Firefox) to connect outside to Internet.
Then a new Firefox version is released and replaces the old version in the same directory.

As far as I can see WFN does not detect this upgrade in-place.

Can I somehow tell WFN to show again a prompt to allow the new version?

4.) Occasionally programs do not call their home servers directly but launch a browser (e.g. Firefox) and pass a URL (with possibly secret data (like passwords) hidden in "normal" parameters (like "customerID")).

How can I prevent this or let WFN ask for permission?

Whenever a program calls a browser a prompt should appear.

5.) How can I find out if WFN is currently running?

I found no corresponding process in TaskManager and no icon in SysTray.

Peter
Editor
Oct 22, 2016 at 6:44 PM
Hello and thank you for your interest in WFN.
  1. V1 is no longer being updated and everything is being done in v2 now. This is a good suggestion and should be done even in v2, though I am not 100% sure if this was ever added, yet. Maybe Daniel (a developer) can add it when he sees this thread.
  2. There is no way to currently do this, as far as I am concerned.
  3. WFN remembers programs by path directory, so if nothing has changed, then WFN won't show a new rule. If you do want to display a new rule for it, you can just delete the old rule and create a new one.
  4. WFN should be able to display any type of outbound notifications, but remember that is all it is ever designed to do. Everything else relies on Windows Firewall. As I said in point 1, v1 isn't being updated anymore, so everything is done in v2. If this is an issue in v1, then I recommend updating to v2 and see if it does what you want. Remember that v2 is still in alpha, so expect bugs.
  5. In v2, there is a process that runs in the background, but I am not sure if this is actually supposed to happen, but it does happen on mine. Alternatively, you can always open a new program and see if a notification pops up for WFN and that should tell you if it is working or not.
Developer
Oct 23, 2016 at 4:20 PM
ROCKNROLLKID already answered most items, so my replies will be quite short:

1) Great idea! I'll see what I can do.
2) There's a configuration setting in V2 for this. Not sure if there's a GUI option for it, but it's called "AlwaysShowDetails" in WFN.config.
3) This isn't in the scope for WFN; it's a limitation of the Windows Firewall. Unfortunately, there's no 100% way to correct this, without becoming a full-blown firewall program.
4) WFN can't "see" WHY a program created a connection; all it sees is that a connection attempt was blocked. There's no (reasonable) way for WFN to see Firefox was called by another program.
5) V2 indeed sticks around, but this is more-or-less unintended, and I think I'll change that in a future release. In V2 you can run the Notifier.exe manually, and it should pop-up. As for checking whether it pops up for actual connections: currently, the only way is to actually have a non-whitelisted program try to make a connection...
Oct 24, 2016 at 8:56 AM
Edited Oct 24, 2016 at 8:57 AM
1.) Maybe another advanced option would be here to disable automatically Windows Firewall when user exits WFN.
This would be the opposite option to my first suggestion
4) WFN can't "see" WHY a program created a connection; all it sees is that a connection attempt was blocked. There's no
(reasonable) way for WFN to see Firefox was called by another program.
Hmm, this is very important for me (and possibly for others as well).
Maybe you could introduce a "program-to-program-call-watchlist" customizable by users.

So user could enter there the few browsers like firefox.exe, iexplorer.exe,chrome.exe,......

Now whenever one of these special browsers is called by another program (except Windows Explorer = DoubleClick) then it should be intercepted and prompted
for permission. This should be easy to implement.

It would make WFN almost unique among the firewall tools out there.
5) V2 indeed sticks around, but this is more-or-less unintended, and I think I'll change that in a future release. In V2 you can run the Notifier.exe manually, and it should pop-up. As for checking whether it pops up for actual connections: currently, the only way is to actually have a non-whitelisted program try to make a connection...
Here you should give the user the option (e.g. a clickable checkbox) to show WFN in Systray or not.

Peter
Editor
Oct 25, 2016 at 2:17 AM
pxstein wrote:
1.) Maybe another advanced option would be here to disable automatically Windows Firewall when user exits WFN.
This would be the opposite option to my first suggestion
But if Windows Firewall is disabled, then WFN wouldn't work at all. The only thing WFN does is notify about outbound rules, then create the rules and add them to the Windows Firewall.
Developer
Oct 25, 2016 at 2:28 PM
pxstein wrote:
4) WFN can't "see" WHY a program created a connection; all it sees is that a connection attempt was blocked. There's no
(reasonable) way for WFN to see Firefox was called by another program.
Hmm, this is very important for me (and possibly for others as well).
Maybe you could introduce a "program-to-program-call-watchlist" customizable by users.

So user could enter there the few browsers like firefox.exe, iexplorer.exe,chrome.exe,......

Now whenever one of these special browsers is called by another program (except Windows Explorer = DoubleClick) then it should be intercepted and prompted
for permission. This should be easy to implement.
It's actually not that easy to implement, because you have to keep track of all processes all the time. Additionally, it'd be easy for some malware to make Windows Explorer open up a web browser to a certain URL. On top of that, by the time WFN gets a chance to make such a call, it's too late: Windows Firewall has already blocked the connection, or allowed it. WFN can only help "after the fact": it takes blocked attempts and pops up a notification; it doesn't "delay" the connection attempt until the user has made a choice. If that's what you want, you need to download a full firewall; this is explicitly out of the scope of WFN.
It would make WFN almost unique among the firewall tools out there.
(And the fact that nobody does it is a strong indication that it's not doable, usable, or practical.)
5) V2 indeed sticks around, but this is more-or-less unintended, and I think I'll change that in a future release. In V2 you can run the Notifier.exe manually, and it should pop-up. As for checking whether it pops up for actual connections: currently, the only way is to actually have a non-whitelisted program try to make a connection...
Here you should give the user the option (e.g. a clickable checkbox) to show WFN in Systray or not.
The "console" (WFN.exe), yes, this is on the ToDo-list. The Notifier.exe probably shouldn't stick around 'wasting' memory.
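
Added example, not part of the original thread and not WFN's own code: a PowerShell check for the situation raised in point 1, reading each firewall profile's state through the built-in `HNetCfg.FwPolicy2` COM object (present on Windows 7). The function names are hypothetical, and the warning about the default outbound action rests on the assumption, drawn from the replies above, that a notifier which only reacts to blocked attempts has little to show when outbound traffic is allowed by default.

```powershell
# Added example (not WFN code): report Windows Firewall state per profile.

function Get-FirewallProfileState {
    # NET_FW_PROFILE_TYPE2 bit values used by the COM API
    $names  = @{ 1 = 'Domain'; 2 = 'Private'; 4 = 'Public' }
    $policy = New-Object -ComObject HNetCfg.FwPolicy2
    $active = $policy.CurrentProfileTypes      # bitmask of profiles in use right now
    foreach ($type in 1, 2, 4) {
        New-Object PSObject -Property @{
            Profile       = $names[$type]
            Active        = [bool]($active -band $type)
            Enabled       = [bool]$policy.FirewallEnabled($type)
            # NET_FW_ACTION_BLOCK is 0, NET_FW_ACTION_ALLOW is 1
            OutboundBlock = ($policy.DefaultOutboundAction($type) -eq 0)
        }
    }
}

function Test-NotifierPrerequisites {
    # Hypothetical helper: $true only if every active profile has the
    # firewall switched on. Warns about each profile that falls short.
    $ok = $true
    $activeProfiles = @(Get-FirewallProfileState | Where-Object { $_.Active })
    foreach ($p in $activeProfiles) {
        if (-not $p.Enabled) {
            Write-Warning "Windows Firewall is DISABLED for the active $($p.Profile) profile."
            $ok = $false
        }
        elseif (-not $p.OutboundBlock) {
            # Assumption: with outbound allowed by default, few attempts are
            # ever blocked, so there is little for a notifier to report.
            Write-Warning "$($p.Profile) profile allows outbound traffic by default."
        }
    }
    return $ok
}

Get-FirewallProfileState | Format-Table Profile, Active, Enabled, OutboundBlock -AutoSize
if (Test-NotifierPrerequisites) {
    'Firewall is enabled on all active profiles.'
} else {
    'Firewall is off on at least one active profile; enable it before relying on notifications.'
}
```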