this log works for me 1. copy and paste in txt and save 2. rename .. and change the extension to .reg 3. run reg file 4. done Add Windows Defender Firewall ContextMenu This PC for Windows 10 (English) Code: Windows Registry Editor Version 5.00 ; Add.Windows.Defender.Firewall.ContextMenu.Questo-PC.for.Win10 [HKEY_CURRENT_USER\Software\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\FirewallContextMenu] "Icon"="FirewallControlPanel.dll,-1" "MUIVerb"="Windows Defender Firewall" "Position"="" "SubCommands"="Com001Q;Com002Q;Com003Q;Com004Q;Com005Q;Com006Q;Com007Q" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com001Q] "Icon"="FirewallControlPanel.dll,-1" "MUIVerb"="Windows Defender Firewall" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com001Q\Command] @="RunDll32 shell32.dll,Control_RunDLL firewall.cpl" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com002Q] "HasLUAShield"="" "MUIVerb"="Windows Firewall with Advanced Security" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com002Q\Command] @="mmc.exe /s wf.msc" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com003Q] "Icon"="FirewallControlPanel.dll,-1" "MUIVerb"="Allow apps through the firewall" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com003Q\Command] @="explorer shell:::{4026492F-2F69-46B8-B9BF-5654FC07E423} -Microsoft.WindowsFirewall\\pageConfigureApps" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com004Q] "CommandFlags"=dword:00000020 "HasLUAShield"="" "MUIVerb"="Enable Windows Firewall" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com004Q\Command] @="powershell.exe -windowstyle hidden -command \"Start-Process cmd -ArgumentList '/s,/c,netsh advfirewall set allprofiles state on' -Verb runAs\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com005Q] "HasLUAShield"="" "MUIVerb"="Disable Windows Firewall" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com005Q\Command] @="powershell.exe -windowstyle hidden -command \"Start-Process cmd -ArgumentList '/s,/c,netsh advfirewall set allprofiles state off' -Verb runAs\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com006Q] "HasLUAShield"="" "MUIVerb"="Reset Windows Firewall" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com006Q\Command] @="powershell -windowstyle hidden -command \"Start-Process cmd -ArgumentList '/s,/c,netsh advfirewall reset' -Verb runAs\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com007Q] "Icon"="%ProgramFiles%\\Windows Defender\\EppManifest.dll,-101" "MUIVerb"="Windows Defender Security Center" "CommandFlags"=dword:00000020 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com007Q\Command] @="explorer windowsdefender:"
I recomend this... NB! If You have used some other tweak, You must remove it before, because on another way there may appear conflict. Code: Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall] "icon"="FirewallControlPanel.dll,-1" "MUIVerb"="Windows Defender Firewall " "Position"="Bottom" "SubCommands"="" [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell] [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\001flyout] "Icon"="%ProgramFiles%\\Windows Defender\\EppManifest.dll,-101" "MUIVerb"="Windows Defender Security Center" [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\001flyout\command] @="explorer windowsdefender:" [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\002flyout] "Icon"="FirewallControlPanel.dll,-1" "MUIVerb"="Windows Defender Firewall " [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\002flyout\command] @="RunDll32 shell32.dll,Control_RunDLL firewall.cpl" [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\003flyout] "HasLUAShield"="" "MUIVerb"="Windows Defender Firewall with Advanced Security" [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\003flyout\command] @="mmc.exe /s wf.msc" [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\004flyout] "CommandFlags"=dword:00000020 "Icon"="FirewallControlPanel.dll,-1" "MUIVerb"="Allowed Apps" [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\004flyout\command] @="explorer shell:::{4026492F-2F69-46B8-B9BF-5654FC07E423} -Microsoft.WindowsFirewall\\pageConfigureApps" [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\005flyout] "CommandFlags"=dword:00000020 "HasLUAShield"="" "MUIVerb"="Turn On Windows Defender Firewall" [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\005flyout\command] @="powershell -windowstyle hidden -command \"Start-Process cmd -ArgumentList '/s,/c,netsh advfirewall set allprofiles state on' -Verb runAs\"" [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\006flyout] "HasLUAShield"="" "MUIVerb"="Turn Off Windows Defender Firewall" [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\006flyout\command] @="powershell -windowstyle hidden -command \"Start-Process cmd -ArgumentList '/s,/c,netsh advfirewall set allprofiles state off' -Verb runAs\"" [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\007flyout] "CommandFlags"=dword:00000020 "HasLUAShield"="" "MUIVerb"="Restore default settings" [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\007flyout\command] @="powershell -windowstyle hidden -command \"Start-Process cmd -ArgumentList '/s,/c,netsh advfirewall reset' -Verb runAs\"" .bat (.cmd) file Spoiler: .bat (.cmd) Code: @Echo Off Title Reg Converter v1.2 & Color 1A cd %systemroot%\system32 call :IsAdmin Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall" /v "icon" /t REG_SZ /d "FirewallControlPanel.dll,-1" /f Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall" /v "MUIVerb" /t REG_SZ /d "Windows Defender Firewall " /f Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall" /v "Position" /t REG_SZ /d "Bottom" /f Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall" /v "SubCommands" /t REG_SZ /d "" /f Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\001flyout" /v "Icon" /t REG_SZ /d "%%ProgramFiles%%\Windows Defender\EppManifest.dll,-101" /f Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\001flyout" /v "MUIVerb" /t REG_SZ /d "Windows Defender Security Center" /f Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\001flyout\command" /ve /t REG_SZ /d "explorer windowsdefender:" /f Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\002flyout" /v "Icon" /t REG_SZ /d "FirewallControlPanel.dll,-1" /f Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\002flyout" /v "MUIVerb" /t REG_SZ /d "Windows Defender Firewall " /f Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\002flyout\command" /ve /t REG_SZ /d "RunDll32 shell32.dll,Control_RunDLL firewall.cpl" /f Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\003flyout" /v "HasLUAShield" /t REG_SZ /d "" /f Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\003flyout" /v "MUIVerb" /t REG_SZ /d "Windows Defender Firewall with Advanced Security" /f Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\003flyout\command" /ve /t REG_SZ /d "mmc.exe /s wf.msc" /f Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\004flyout" /v "CommandFlags" /t REG_DWORD /d "32" /f Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\004flyout" /v "Icon" /t REG_SZ /d "FirewallControlPanel.dll,-1" /f Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\004flyout" /v "MUIVerb" /t REG_SZ /d "Allowed Apps" /f Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\004flyout\command" /ve /t REG_SZ /d "explorer shell:::{4026492F-2F69-46B8-B9BF-5654FC07E423} -Microsoft.WindowsFirewall\pageConfigureApps" /f Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\005flyout" /v "CommandFlags" /t REG_DWORD /d "32" /f Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\005flyout" /v "HasLUAShield" /t REG_SZ /d "" /f Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\005flyout" /v "MUIVerb" /t REG_SZ /d "Turn On Windows Defender Firewall" /f Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\005flyout\command" /ve /t REG_SZ /d "powershell -windowstyle hidden -command \"Start-Process cmd -ArgumentList '/s,/c,netsh advfirewall set allprofiles state on' -Verb runAs\"" /f Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\006flyout" /v "HasLUAShield" /t REG_SZ /d "" /f Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\006flyout" /v "MUIVerb" /t REG_SZ /d "Turn Off Windows Defender Firewall" /f Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\006flyout\command" /ve /t REG_SZ /d "powershell -windowstyle hidden -command \"Start-Process cmd -ArgumentList '/s,/c,netsh advfirewall set allprofiles state off' -Verb runAs\"" /f Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\007flyout" /v "CommandFlags" /t REG_DWORD /d "32" /f Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\007flyout" /v "HasLUAShield" /t REG_SZ /d "" /f Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\007flyout" /v "MUIVerb" /t REG_SZ /d "Restore default settings" /f Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\007flyout\command" /ve /t REG_SZ /d "powershell -windowstyle hidden -command \"Start-Process cmd -ArgumentList '/s,/c,netsh advfirewall reset' -Verb runAs\"" /f Exit :IsAdmin Reg.exe query "HKU\S-1-5-19\Environment" If Not %ERRORLEVEL% EQU 0 ( Cls & Echo You must have administrator rights to continue ... Pause & Exit ) Cls goto:eof
Thanks! I think I had a different expectation. I assumed I could right-click on specific .EXE files to add/remove them from firewall allowance. It appears none of the tweaks are meant to do that.
If you want have it, you have to make the corresponding contextmenu Yourself. This is easy to do if you use powershell. Personally I don't think it is no need to do because it is rarely needed. For example, You can use the following powershell command to add an .exe or what ever file in firewall. For example here is the firewall rules, what I use for Wise Care 365 Spoiler: Powershell rules Code: New-NetFirewallRule -DisplayName "WiseCare365" -Direction Inbound -Program "C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe" -Action Block -Profile Domain, Private, Public New-NetFirewallRule -DisplayName "WiseCare365" -Direction Outbound -Program "C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe" -Action Block -Profile Domain, Private, Public New-NetFirewallRule -DisplayName "WiseCare365 AutoUpdate" -Direction Inbound -Program "C:\Program Files (x86)\Wise\Wise Care 365\AutoUpdate.exe" -Action Block -Profile Domain, Private, Public New-NetFirewallRule -DisplayName "WiseCare365 AutoUpdate" -Direction Outbound -Program "C:\Program Files (x86)\Wise\Wise Care 365\AutoUpdate.exe" -Action Block -Profile Domain, Private, Public
I think there is the same limit for main "shell" key than other "shell" keys in submenus : 15 entries. If you have more, try to make submenus/subcommands. Adding firewall rule is easily done by script, note you might use Nsudo or alike with SetACL if you using firewall in whitelist mode (recommended way). But as said @kaljukass it's not something one needs to do very often, especially in whitelist mode, since everything is blocked by default and one can also make a firewall on/off toggle button to allow temporary access...
This thread should be merged with this one - https://forums.mydigitallife.net/threads/why-do-only-some-apps-ask-for-firewall-permissions.79758/ . I think a context menu to block whichever .exe for either Inbound or Outbound rules (or both) is seriously needed. It would so much faster than manually adding rules, given how many apps do not "go through" the process of asking you whether you allow them through your firewall or not, CCleaner being one of them.
It's built-in in WFC + I believe I've seen a quite few scripts for that here. Learn about whitelist mode and save you some hassle (creating billions of rules) netsh commands is sooooo hard man someone reaaaally need to make a script for you. netsh advfirewall firewall add rule name="My Application" dir=out action=block program="C:\path\MyApp.exe" enable=yes