Discussion in 'MDL Projects and Applications' started by DavidXanatos, Dec 23, 2018.
No, I think now it's too late, no need to change it anyways.
should change thread title as well
Can you give us a rundown on what the different colors are in the logs? yellow bright, red, orange, blue, sky blue
My guess is orange blocking without any rules. Blue LAN connection, but what are other blue and yellow blocks? Green internet allowed?
The different colors indicate traffic type: LAN, local host, multicast, public internet;
the colors are mostly for debugging currently.
First of all let me thank you for sharing your talent!
Pardon me if I missed something (I'm a newbie), but please give some clarification on the following.
1) Does your app set the embedded Windows Defender or act as a separate firewall? Which is the best policy to handle Windows Defender? Can Windows Defender be removed without impacting your firewall?
2) Is your app compatible with a WIN10 PRO 1909 that uses Symantec Endpoint Protection with its firewall? From my knowledge SEP deactivates Windows Defender and runs its own firewall. Any suggestion to use your app in such a configuration (= can it be run in addition to the SEP firewall)?
3) About your firewall setup: does it have a feature like "prompt before allowing application traffic", or better rephrased, does it run with this approach as default?
4) From what I know (I'm a newbie) Windows Services (svchost.exe) have to be granted access to the internet; which services are strictly mandatory? I would like to deny access to most of them to preserve privacy.
Please think about creating some instructions for people who are not experts like the ones who commented on/helped with your work here so far (apart from me).
Looking forward to your kind reply.
Thank you again.
1) Priv10 is using the built-in Windows firewall.
2) WIN10 PRO 1909: Yes; Symantec Endpoint Protection: I have not tested, but when you say it deactivates the Windows firewall, then Priv10's firewall feature won't work. But you can still use the DNS filter and tweaking options.
4) DNS-Cache, DHCP, hmm... what else... I will have to test and compile a list....
I wanted to wait until the app hits the 1.0 (stable) release and then start the documentation; right now we see lots of changed and new features and I think it would be too confusing to change the entire documentation after each update.
Thank you for replying to me.
For what it's worth, I installed it but it seems that point 2) Symantec Endpoint Protection is not compatible. Your application fails to start. Probably SEP impacts Windows Defender in such a way that makes your app fail.
Just a suggestion: why don't you think to split your app separating firewall portion from DNS filter and tweaking options?
You are right.
It makes sense.
Because it may be desired to block domains globally from the firewall frontend, or to see in the DNS panel what apps caused a particular request.
The right approach should be to fix the issue that causes it to crash and then just say that firewall functionality is not available.
Is there a free trial of that Symantec Endpoint Protection available?
I'm having trouble installing and running this software. I'm using Windows 10 LTSC (2019), and the software just stops working when it's supposed to start running, with a standard error message.
Is there a way to debug or get a log file while running this software?
If starting it from a command prompt, it will output a log to the console. Nice idea borrowed from Linux.
I see, I'm gonna try that. Thanks.
I have now found the issue in my case. It seems that this software cannot run while I use a third-party theme. By changing to a Windows theme it seems to be running fine.
Running the .exe with CMD gives me this result:
"Unhandled Exception: System.Windows.Markup.XamlParseException: Initialization of 'System.Windows.Controls.TabControl' threw an exception. ---> System.IO.FileLoadException: Could not load file or assembly 'PresentationFramework.NeatX, Version=184.108.40.206, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies."
Is there something I can do to resolve this issue? I really enjoy this theme, mostly because it makes Windows run in a dark environment.
What theme is it? I would need to install it on a debug machine and do some testing.
It's called "NeatX", made by a user on DeviantArt under the nickname "metalbone1988". I have used "UltraUXThemePatcher" (by Manuel Hoefs) to allow 3rd-party themes, but it does not seem to have an issue with that software.
Hi David, you could make the firewall much easier and more powerful to use; consider these examples:
-block all protocols except 1, 6 and 17
-block protocols 22-254
-block all outgoing ICMP type 3 except code 4
-block ICMP type 20-255
All the above could be expressed as one logical rule each, yet what does it take to create them using the GUI now?
EDIT: After using the program's stop spying options on Server 2019 I'm receiving a constant stream of ctfmon popup windows with title "ctfmon.exe - Success", content "Unknown hard error <OK>". Close one and another appears. Very bad. Uninstalled the program and chose to undo settings, but this thing just won't go away even after reboot. Luckily tried it in a vm.
Not good indeed... I did not encounter such an issue during my tests; could you please repeat the test and try to pinpoint which tweak exactly caused the issue?
hmm... but I really do not want that service to run...
Haaa... I think I know what's the problem, at least I have a hypothesis.
With error reporting running I've seen processes not properly crash but often fail silently,
I would assume that ctfmon.exe fails for whatever reason (Windows is banana software now) and without that service this crash gets reported to the user, while with it, it would only be reported to MSFT...
I will play with that hypothesis when I find some spare time.... cooking something new up right now... stay tuned....