Firewall context menu registry tweak not working

Discussion in 'Windows 10' started by MonarchX, May 16, 2019.

  1. MonarchX

    MonarchX MDL Expert

    May 5, 2007
    1,628
    281
    60
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. boyonthebus

    boyonthebus MDL Addicted

    Sep 16, 2018
    511
    261
    30
    I believe there is a limit. Try categorizing with sub-menus.
     
  3. Said-IT

    Said-IT MDL Novice

    Nov 2, 2017
    1
    0
    0
    #4 Said-IT, May 16, 2019
    Last edited: May 16, 2019
    this log works for me
    1. copy and paste in txt and save
    2. rename .. and change the extension to .reg
    3. run reg file
    4. done


    Add Windows Defender Firewall ContextMenu This PC for Windows 10 (English)
    Code:
    Windows Registry Editor Version 5.00
    
    ; Add.Windows.Defender.Firewall.ContextMenu.Questo-PC.for.Win10
    
    [HKEY_CURRENT_USER\Software\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\FirewallContextMenu]
    "Icon"="FirewallControlPanel.dll,-1"
    "MUIVerb"="Windows Defender Firewall"
    "Position"=""
    "SubCommands"="Com001Q;Com002Q;Com003Q;Com004Q;Com005Q;Com006Q;Com007Q"
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com001Q]
    "Icon"="FirewallControlPanel.dll,-1"
    "MUIVerb"="Windows Defender Firewall"
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com001Q\Command]
    @="RunDll32 shell32.dll,Control_RunDLL firewall.cpl"
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com002Q]
    "HasLUAShield"=""
    "MUIVerb"="Windows Firewall with Advanced Security"
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com002Q\Command]
    @="mmc.exe /s wf.msc"
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com003Q]
    "Icon"="FirewallControlPanel.dll,-1"
    "MUIVerb"="Allow apps through the firewall"
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com003Q\Command]
    @="explorer shell:::{4026492F-2F69-46B8-B9BF-5654FC07E423} -Microsoft.WindowsFirewall\\pageConfigureApps"
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com004Q]
    "CommandFlags"=dword:00000020
    "HasLUAShield"=""
    "MUIVerb"="Enable Windows Firewall"
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com004Q\Command]
    @="powershell.exe -windowstyle hidden -command \"Start-Process cmd -ArgumentList '/s,/c,netsh advfirewall set allprofiles state on' -Verb runAs\""
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com005Q]
    "HasLUAShield"=""
    "MUIVerb"="Disable Windows Firewall"
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com005Q\Command]
    @="powershell.exe -windowstyle hidden -command \"Start-Process cmd -ArgumentList '/s,/c,netsh advfirewall set allprofiles state off' -Verb runAs\""
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com006Q]
    "HasLUAShield"=""
    "MUIVerb"="Reset Windows Firewall"
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com006Q\Command]
    @="powershell -windowstyle hidden -command \"Start-Process cmd -ArgumentList '/s,/c,netsh advfirewall reset' -Verb runAs\""
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com007Q]
    "Icon"="%ProgramFiles%\\Windows Defender\\EppManifest.dll,-101"
    "MUIVerb"="Windows Defender Security Center"
    "CommandFlags"=dword:00000020
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Com007Q\Command]
    @="explorer windowsdefender:"
    
    
     
  4. kaljukass

    kaljukass MDL Expert

    Nov 26, 2012
    1,416
    490
    60
    #5 kaljukass, May 17, 2019
    Last edited: May 17, 2019
    I recomend this...
    NB! If You have used some other tweak, You must remove it before, because on another way there may appear conflict.

    Code:
    Windows Registry Editor Version 5.00
    
    [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall]
    "icon"="FirewallControlPanel.dll,-1"
    "MUIVerb"="Windows Defender Firewall "
    "Position"="Bottom"
    "SubCommands"=""
    
    [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell]
    
    [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\001flyout]
    "Icon"="%ProgramFiles%\\Windows Defender\\EppManifest.dll,-101"
    "MUIVerb"="Windows Defender Security Center"
    
    [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\001flyout\command]
    @="explorer windowsdefender:"
    
    [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\002flyout]
    "Icon"="FirewallControlPanel.dll,-1"
    "MUIVerb"="Windows Defender Firewall "
    
    [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\002flyout\command]
    @="RunDll32 shell32.dll,Control_RunDLL firewall.cpl"
    
    [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\003flyout]
    "HasLUAShield"=""
    "MUIVerb"="Windows Defender Firewall with Advanced Security"
    
    [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\003flyout\command]
    @="mmc.exe /s wf.msc"
    
    [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\004flyout]
    "CommandFlags"=dword:00000020
    "Icon"="FirewallControlPanel.dll,-1"
    "MUIVerb"="Allowed Apps"
    
    [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\004flyout\command]
    @="explorer shell:::{4026492F-2F69-46B8-B9BF-5654FC07E423} -Microsoft.WindowsFirewall\\pageConfigureApps"
    
    [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\005flyout]
    "CommandFlags"=dword:00000020
    "HasLUAShield"=""
    "MUIVerb"="Turn On Windows Defender Firewall"
    
    [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\005flyout\command]
    @="powershell -windowstyle hidden -command \"Start-Process cmd -ArgumentList '/s,/c,netsh advfirewall set allprofiles state on' -Verb runAs\""
    
    [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\006flyout]
    "HasLUAShield"=""
    "MUIVerb"="Turn Off Windows Defender Firewall"
    
    [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\006flyout\command]
    @="powershell -windowstyle hidden -command \"Start-Process cmd -ArgumentList '/s,/c,netsh advfirewall set allprofiles state off' -Verb runAs\""
    
    [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\007flyout]
    "CommandFlags"=dword:00000020
    "HasLUAShield"=""
    "MUIVerb"="Restore default settings"
    
    [HKEY_CLASSES_ROOT\DesktopBackground\Shell\WindowsFirewall\shell\007flyout\command]
    @="powershell -windowstyle hidden -command \"Start-Process cmd -ArgumentList '/s,/c,netsh advfirewall reset' -Verb runAs\""
    
    
    .bat (.cmd) file
    Code:
    @Echo Off
    Title Reg Converter v1.2 & Color 1A
    cd %systemroot%\system32
    call :IsAdmin
    
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall" /v "icon" /t REG_SZ /d "FirewallControlPanel.dll,-1" /f
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall" /v "MUIVerb" /t REG_SZ /d "Windows Defender Firewall " /f
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall" /v "Position" /t REG_SZ /d "Bottom" /f
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall" /v "SubCommands" /t REG_SZ /d "" /f
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\001flyout" /v "Icon" /t REG_SZ /d "%%ProgramFiles%%\Windows Defender\EppManifest.dll,-101" /f
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\001flyout" /v "MUIVerb" /t REG_SZ /d "Windows Defender Security Center" /f
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\001flyout\command" /ve /t REG_SZ /d "explorer windowsdefender:" /f
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\002flyout" /v "Icon" /t REG_SZ /d "FirewallControlPanel.dll,-1" /f
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\002flyout" /v "MUIVerb" /t REG_SZ /d "Windows Defender Firewall " /f
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\002flyout\command" /ve /t REG_SZ /d "RunDll32 shell32.dll,Control_RunDLL firewall.cpl" /f
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\003flyout" /v "HasLUAShield" /t REG_SZ /d "" /f
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\003flyout" /v "MUIVerb" /t REG_SZ /d "Windows Defender Firewall with Advanced Security" /f
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\003flyout\command" /ve /t REG_SZ /d "mmc.exe /s wf.msc" /f
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\004flyout" /v "CommandFlags" /t REG_DWORD /d "32" /f
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\004flyout" /v "Icon" /t REG_SZ /d "FirewallControlPanel.dll,-1" /f
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\004flyout" /v "MUIVerb" /t REG_SZ /d "Allowed Apps" /f
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\004flyout\command" /ve /t REG_SZ /d "explorer shell:::{4026492F-2F69-46B8-B9BF-5654FC07E423} -Microsoft.WindowsFirewall\pageConfigureApps" /f
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\005flyout" /v "CommandFlags" /t REG_DWORD /d "32" /f
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\005flyout" /v "HasLUAShield" /t REG_SZ /d "" /f
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\005flyout" /v "MUIVerb" /t REG_SZ /d "Turn On Windows Defender Firewall" /f
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\005flyout\command" /ve /t REG_SZ /d "powershell -windowstyle hidden -command \"Start-Process cmd -ArgumentList '/s,/c,netsh advfirewall set allprofiles state on' -Verb runAs\"" /f
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\006flyout" /v "HasLUAShield" /t REG_SZ /d "" /f
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\006flyout" /v "MUIVerb" /t REG_SZ /d "Turn Off Windows Defender Firewall" /f
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\006flyout\command" /ve /t REG_SZ /d "powershell -windowstyle hidden -command \"Start-Process cmd -ArgumentList '/s,/c,netsh advfirewall set allprofiles state off' -Verb runAs\"" /f
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\007flyout" /v "CommandFlags" /t REG_DWORD /d "32" /f
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\007flyout" /v "HasLUAShield" /t REG_SZ /d "" /f
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\007flyout" /v "MUIVerb" /t REG_SZ /d "Restore default settings" /f
    Reg.exe add "HKCR\DesktopBackground\Shell\WindowsFirewall\shell\007flyout\command" /ve /t REG_SZ /d "powershell -windowstyle hidden -command \"Start-Process cmd -ArgumentList '/s,/c,netsh advfirewall reset' -Verb runAs\"" /f
    Exit
    
    :IsAdmin
    Reg.exe query "HKU\S-1-5-19\Environment"
    If Not %ERRORLEVEL% EQU 0 (
     Cls & Echo You must have administrator rights to continue ...
     Pause & Exit
    )
    Cls
    goto:eof
    
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. kaljukass

    kaljukass MDL Expert

    Nov 26, 2012
    1,416
    490
    60
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. MonarchX

    MonarchX MDL Expert

    May 5, 2007
    1,628
    281
    60
    Thanks! I think I had a different expectation. I assumed I could right-click on specific .EXE files to add/remove them from firewall allowance. It appears none of the tweaks are meant to do that.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. kaljukass

    kaljukass MDL Expert

    Nov 26, 2012
    1,416
    490
    60
    If you want have it, you have to make the corresponding contextmenu Yourself. This is easy to do if you use powershell. Personally I don't think it is no need to do because it is rarely needed.
    For example, You can use the following powershell command to add an .exe or what ever file in firewall.
    For example here is the firewall rules, what I use for Wise Care 365
    Code:
    New-NetFirewallRule -DisplayName "WiseCare365" -Direction Inbound -Program "C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe" -Action Block -Profile Domain, Private, Public
    New-NetFirewallRule -DisplayName "WiseCare365" -Direction Outbound -Program "C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe" -Action Block -Profile Domain, Private, Public
    New-NetFirewallRule -DisplayName "WiseCare365 AutoUpdate" -Direction Inbound -Program "C:\Program Files (x86)\Wise\Wise Care 365\AutoUpdate.exe" -Action Block -Profile Domain, Private, Public
    New-NetFirewallRule -DisplayName "WiseCare365 AutoUpdate" -Direction Outbound -Program "C:\Program Files (x86)\Wise\Wise Care 365\AutoUpdate.exe" -Action Block -Profile Domain, Private, Public
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. Thomas Dubreuil

    Thomas Dubreuil MDL Senior Member

    Aug 29, 2017
    299
    498
    10
    I think there is the same limit for main "shell" key than other "shell" keys in submenus : 15 entries.
    If you have more, try to make submenus/subcommands.

    Adding firewall rule is easily done by script, note you might use Nsudo or alike with SetACL if you using firewall in whitelist mode (recommended way).

    But as said @kaljukass it's not something one needs to do very often, especially in whitelist mode, since everything is blocked by default
    and one can also make a firewall on/off toggle button to allow temporary access...
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. MonarchX

    MonarchX MDL Expert

    May 5, 2007
    1,628
    281
    60
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. Thomas Dubreuil

    Thomas Dubreuil MDL Senior Member

    Aug 29, 2017
    299
    498
    10
    #11 Thomas Dubreuil, Jun 7, 2019
    Last edited: Jun 7, 2019
    It's built-in in WFC + I believe I've seen a quite few scripts for that here.
    Learn about whitelist mode and save you some hassle (creating billions of rules)

    netsh commands is sooooo hard man someone reaaaally need to make a script for you. :rolleyes:
    netsh advfirewall firewall add rule name="My Application" dir=out action=block program="C:\path\MyApp.exe" enable=yes
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. MonarchX

    MonarchX MDL Expert

    May 5, 2007
    1,628
    281
    60
    The OneClickFirewall does the trick! Winaero saves the day again!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...