GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → henrypp → Simplewall

henrypp / Simplewall

Licence: gpl-3.0
Simple tool to configure Windows Filtering Platform (WFP) which can configure network activity on your computer.

Programming Languages

c
50402 projects - #5 most used programming language

Labels

windowsnetworkfirewallfosswfpwindows-firewallsimplewall

Projects that are alternatives of or similar to Simplewall

WindowsFirewallRuleset
Windows firewall PowerShell scripts
Stars: ✭ 94 (-96.25%)
Mutual labels:  firewall, windows-firewall
WaGis-Mass-IP-Blacklister-Windows
This Tool blocks a Mass of IP Adresses via the Windows Firewall. You can run in Automatic-Mode using a Abusive IP List like blocklist.de
Stars: ✭ 34 (-98.64%)
Mutual labels:  firewall, windows-firewall
Hetionet
Hetionet: an integrative network of disease
Stars: ✭ 129 (-94.85%)
Mutual labels:  network
Piadvanced
This started as a custom install for my pihole!
Stars: ✭ 144 (-94.25%)
Mutual labels:  firewall
Mineflayer
Create Minecraft bots with a powerful, stable, and high level JavaScript API.
Stars: ✭ 2,377 (-5.11%)
Mutual labels:  network
Dedsploit
Network protocol auditing framework
Stars: ✭ 133 (-94.69%)
Mutual labels:  network
Td4a
Template designer for automation
Stars: ✭ 139 (-94.45%)
Mutual labels:  network
Ruffles
Lightweight and fully managed reliable UDP library.
Stars: ✭ 131 (-94.77%)
Mutual labels:  network
Core
Eru, a simple, stateless, flexible, production-ready orchestrator designed to easily integrate into existing workflows. Can run any virtualization things in long or short time.
Stars: ✭ 147 (-94.13%)
Mutual labels:  network
Hidguardian
Windows kernel-mode driver for controlling access to various input devices.
Stars: ✭ 138 (-94.49%)
Mutual labels:  firewall
Pyfunceble
The tool to check the availability or syntax of domain, IP or URL.
Stars: ✭ 143 (-94.29%)
Mutual labels:  network
Whatwaf
Detect and bypass web application firewalls and protection systems
Stars: ✭ 1,881 (-24.91%)
Mutual labels:  firewall
Pesocket
A C# Network Library.
Stars: ✭ 134 (-94.65%)
Mutual labels:  network
Ansible Role Nfs
Ansible Role - NFS
Stars: ✭ 141 (-94.37%)
Mutual labels:  network
Android Remote Debugger
A library for remote logging, database debugging, shared preferences and network requests
Stars: ✭ 132 (-94.73%)
Mutual labels:  network
Boost Asio Study
Examples and toturials for C++ Boost Asio library.
Stars: ✭ 144 (-94.25%)
Mutual labels:  network
Rucio
Rucio - Scientific Data Management
Stars: ✭ 131 (-94.77%)
Mutual labels:  network
Oxidized
Oxidized is a network device configuration backup tool. It's a RANCID replacement!
Stars: ✭ 1,848 (-26.23%)
Mutual labels:  network
Urbanaccess
A tool for GTFS transit and OSM pedestrian network accessibility analysis
Stars: ✭ 137 (-94.53%)
Mutual labels:  network
Ether.network
https://github.com/Eastrall/Sylver
Stars: ✭ 147 (-94.13%)
Mutual labels:  network
View All Similar Projects ➔

simplewall

Definitely for advanced users.

Description:

Simple tool to configure Windows Filtering Platform (WFP) which can configure network activity on your computer.

The lightweight application is less than a megabyte, and it is compatible with Windows 7 SP1 and higher operating systems. You can download either the installer or portable version. For correct working you are require administrator rights.

Nota bene:

Keep in mind, simplewall is not a control UI over Windows Firewall, and does not interact in any level with Windows Firewall. It works over Windows Filtering Platform (WFP) which is a set of API and system services that provide a platform for creating network filtering applications. Windows Filtering Platform is a development technology and not a firewall itself, but simplewall is the tool that uses this technology.

Features:

  • Simple interface without annoying pop ups
  • Rules editor (create your own rules)
  • Internal blocklist (block Windows spy / telemetry)
  • Dropped packets information with notification and logging to a file feature (win7+)
  • Allowed packets information with logging to a file feature (win8+)
  • Windows Subsystem for Linux (WSL) support
  • Windows Store support
  • Windows services support
  • Free and open source
  • Localization support
  • IPv6 support
To activate portable mode, create "simplewall.ini" in application folder, or move it from "%APPDATA%\Henry++\simplewall".

Installation:

When install rules, you can choose two modes:

  • Permanent rules. Rules are working until you disable it manually.
  • Temporary rules. Rules are reset after the next reboot.

Uninstall:

When you uninstall simplewall, all previously configured filters stay alive in system. To remove all filters created by simplewall, start simplewall and press "Disable filters" button.

Command line:

List of arguments for simplewall.exe:

-install - enable filtering.
-install -temp - enable filtering until reboot.
-install -silent - enable filtering without prompt.
-uninstall - remove all installed filters.

Rules editor:

simplewall have two types of custom user rules rules:

  • Global rules: rule applied for all applications.
  • Special rules: rule applied only for specified applications.

To set rule applications, open rule and then navigate to "Apps" tab.

Rule syntax format:
  • IP addresses 192.168.0.1; 192.168.0.1; [fc00::]
  • IP addresses with port 192.168.0.1:80; 192.168.0.1:443; [fc00::]:443;
  • IP ranges 192.168.0.1-192.168.0.255; 192.168.0.1-192.168.0.255;
  • IP ranges (with port) 192.168.0.1-192.168.0.255:80; 192.168.0.1-192.168.0.255:443; (v2.0.20+)
  • IP with prefix lengths (CIDR) 192.168.0.0/16; 192.168.0.0/24; fe80::/10
  • Ports 21; 80; 443;
  • Ports ranges 20-21; 49152-65534;

To specify more than one ip, port and/or host, use semicolon.

IPv4 CIDR blocks:
Address format Mask
a.b.c.d/32 255.255.255.255
a.b.c.d/31 255.255.255.254
a.b.c.d/30 255.255.255.252
a.b.c.d/29 255.255.255.248
a.b.c.d/28 255.255.255.240
a.b.c.d/27 255.255.255.224
a.b.c.d/26 255.255.255.192
a.b.c.d/25 255.255.255.128
a.b.c.0/24 255.255.255.0
a.b.c.0/23 255.255.254.0
a.b.c.0/22 255.255.252.0
a.b.c.0/21 255.255.248.0
a.b.c.0/20 255.255.240.0
a.b.c.0/19 255.255.224.0
a.b.c.0/18 255.255.192.0
a.b.c.0/17 255.255.128.0
a.b.0.0/16 255.255.0.0
a.b.0.0/15 255.254.0.0
a.b.0.0/14 255.252.0.0
a.b.0.0/13 255.248.0.0
a.b.0.0/12 255.240.0.0
a.b.0.0/11 255.224.0.0
a.b.0.0/10 255.192.0.0
a.b.0.0/9 255.128.0.0
a.0.0.0/8 255.0.0.0
a.0.0.0/7 254.0.0.0
a.0.0.0/6 252.0.0.0
a.0.0.0/5 248.0.0.0
a.0.0.0/4 240.0.0.0
a.0.0.0/3 224.0.0.0
a.0.0.0/2 192.0.0.0
a.0.0.0/1 128.0.0.0
0.0.0.0/0 0.0.0.0
IPv6 CIDR blocks:

2001:0db8:0123:4567:89ab:cdef:1234:5678
|||| |||| |||| |||| |||| |||| |||| ||||
|||| |||| |||| |||| |||| |||| |||| |||128 Single end-points and loopback
|||| |||| |||| |||| |||| |||| |||| |||127 Point-to-point links (inter-router)
|||| |||| |||| |||| |||| |||| |||| ||124
|||| |||| |||| |||| |||| |||| |||| |120
|||| |||| |||| |||| |||| |||| |||| 116
|||| |||| |||| |||| |||| |||| |||112
|||| |||| |||| |||| |||| |||| ||108
|||| |||| |||| |||| |||| |||| |104
|||| |||| |||| |||| |||| |||| 100
|||| |||| |||| |||| |||| |||96
|||| |||| |||| |||| |||| ||92
|||| |||| |||| |||| |||| |88
|||| |||| |||| |||| |||| 84
|||| |||| |||| |||| |||80
|||| |||| |||| |||| ||76
|||| |||| |||| |||| |72
|||| |||| |||| |||| 68
|||| |||| |||| |||64 Single LAN (default prefix size for SLAAC)
|||| |||| |||| ||60 Some (very limited) 6rd deployments (/60 = 16 /64)
|||| |||| |||| |56 Minimal end sites assignment[12] (e.g. Home network) (/56 = 256 /64)
|||| |||| |||| 52 (/52 = 4096 /64)
|||| |||| |||48 Typical assignment for larger sites (/48 = 65536 /64) - Many ISP also do for residential
|||| |||| ||44
|||| |||| |40
|||| |||| 36 possible future Local Internet registry extra-small allocations
|||| |||32 Local Internet registry minimum allocations
|||| ||28 Local Internet registry medium allocations
|||| |24 Local Internet registry large allocations
|||| 20 Local Internet registry extra large allocations
|||16
||12 Regional Internet Registry allocations from IANA[15]
|8
4

FAQ:

Q: Are internet connections blocked when simplewall is not running?

A: Yes. Installed filters are working even if simplewall is terminated.

Q: What apps are blocked in default configuration?

A: By default, simplewall blocks all applications, you do not need to create custom rules to block specific application.

Q: Is it safe to use simplewall with Windows Firewall?

A: Yes. You do not need to disable Windows Firewall. This two firewall works independently.

Q: How can i disable blocklist entirely?

A: Open Settings -> Blocklist and then click radio buttons labeled Disable.

Q: Where is blacklist mode?

A: Blacklist was removed many days ago for uselessness. But if you need it, you can still configure it.

Solution: Configure blacklist mode in simplewall:
  1. Open Settings -> Rules
  2. Uncheck Block outbound for all and Block inbound for all options.
  3. Create user rule (green cross on toolbar) with block action, any direction, Block connection name and empty remote and local rule.
  4. You can assign this rule for apps whatever you want to block network access.

Q: Why does my network icon have an exclamation mark?

A: When you are connected to a network, Windows checks for internet connectivity using Active Probing. This feature is named as NCSI (Network Connectivity Status Indicator). You can resolve this by one of this ways:

Solution 1: Enable NCSI through internal system rule:
  1. Open System rules tab.
  2. Allow NCSI rule (enabled by default).
Solution 2: Disable NCSI through system registry:

Create Disable NCSI.reg and import it into registry.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\NetworkConnectivityStatusIndicator]
"NoActiveProbe"=dword:00000001
"DisablePassivePolling"=dword:00000001
Solution 3: Disable NCSI through group policy:
  1. Launch the group policy editor (gpedit.msc ).
  2. Go to Computer Configuration -> Administrative Templates -> System -> Internet Communication Management -> Internet Communication Settings.
  3. Double-click Turn off Windows Network Connectivity Status Indicator active tests and then select Enabled. Click Ok.
  4. Open the Command Prompt (Admin) and enter gpupdate /force to enforce the changes made to the Group Policies.

Q: How can i disable Windows Firewall?

Start command line as an administrator, and enter commands below.

Disable Windows Firewall profiles: 
netsh advfirewall set allprofiles state off
Enable Windows Firewall profiles: 
netsh advfirewall set allprofiles state on

Q: How can i view all filters information?

Start command line as an administrator, and enter commands below.

Dump filters information saved into a `filters.xml` file: 
cd /d %USERPROFILE%\Desktop

netsh wfp show filters
Dump providers, callouts and layers information into a `wfpstate.xml` file: 
cd /d %USERPROFILE%\Desktop

netsh wfp show state

Open it in any text editor and study.

Q: Other questions:

Website: www.henrypp.org
Support: [email protected]

(c) 2016-2021 Henry++

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].