Software Firewall for Windows?

@frostlike
yes you want Windows Update working, your system will turn to swiss cheese otherwise

Here’s how you should have it:

simplewall601×470 26.1 KB

“Disable” means not that the connections to Windows Update are blocked, it’s the other way around: it means that simplewall’s rules won’t apply to Windows Update. It’s just that the developer is really bad at English.

@3QVvxrhnYZ
are you sure about that? It sounds like it will actually disable the components.

Windows update should be enabled and unblocked.

edit: I just dug into the source and there appear to be two different mechanisms at play here:

• application based firewall (allow/block) rules
• and a domain blocklist system which can be disabled, allowed, or blocked

your picture is only covering the blocklist part, not whether the actual program is blocked or not.

Open main window menu Settings → Rules → Allow Windows Update

Yeah, just enabled this setting and boy do I have a lot of missing updates. I’ve basically been running around with my pants around my ankles for over a year…

Thanks guys!

Yeah it’s confusing, but in short: a rule has 3 states: allowed, blocked, and disabled. Disabled means that the rule itself is disabled, that is — it’s not active/it doesn’t apply to a connection. See this

Anyway, regarding @frostlike’s question, they can either “Disable (recommended)” or “Allow” Windows Update. To be on the safe side, I guess it’s best to “Allow”. I personally didn’t have any problems with Windows Update when it was “Disable (recommended)”.

Again there are two different ways for Windows Update to be broken by it.
For WU to work it must be:

• Set to Disable or Allow in Blocklist settings < the default here is fine.
• Allow Windows Update enabled in Rules settings < this is the important one.

Not that I enjoy being treated like trash when asking genuine questions, but for me the trust with the developer comes from whether work is getting done or not i.e., product is regularly being updated with security patches and bug fixes, new features being added (when applicable), etc… After all, you don’t have to interact with the developer to use the product. I for one have been using Simplewall for years and never even knew the guy was such a jerk.

I think is more important that there’s an active community or large user base so that you can receive support from other members as well, instead of relying from the developer(s) directly. But anyway this is already off-topic.

Oh, I totally forgot about it. On GitHub it says: “Open main window menu Settings → Rules → Allow Windows Update .” I thought that Settings is to click the cog icon on the toolbar (which is how I’ve always been accessing simplewall’s settings; I’ve never been doing anything via Settings on the ribbon), not the Settings button on the ribbon. In Settings via the cog icon, there’s no option related to Windows Update. So I thought that the info on GitHub is outdated and the issue was fixed, or something like that. Well, can’t blame me: to put two options related to Windows Update into two completely different places is bad UI. Anyway, I had Allow Windows Update unchecked all that time and had no problems with Windows Update.

I appreciate all of your replies!!!

I’m looking through all of the links posted in this thread.

Could someone please help me with my question regarding:
“If I have a Windows 10 PC connected to a hardware firewall device like a specialised Firewall Linux Distro, will the Firewall Linux Distro still be work if I have an installed on the Windows 10 PC that contains a trojan that’s sending data back to an author on the Internet?”

If your pc is infected with a trojan you should consider your computer as compromised, the firewall can’t really help.

Yes of course, I’ll try to explain it in another way:

Let’s forget the idea of a trojan. Let’s just say that an App installed on a Windows 10 PC contacts the Internet and sends personal and private data about the user to someone on the Internet. This App didn’t ask you for permission, but just does this transfer of data as “normal functioning”.

In the above situation, how does a Linux firewall installed on a hardware device protect the Windows 10 PC?

Well, i’m not and expert but firewalls usually block only addresses so I don’t think it makes any difference if it’s some app or some malicious code, if they have access to the internet they can send and receive data unless the address they’re connecting to is blocked. If you block the connections of an app who needs that to work, it will probably stop working.

I appreciate your reply!

However, it should be simple to block for a firewall to block a particular app from accessing the Internet.

Like I said, in the Windows 10 Pro built-in firewall I’ve blocked VLC media player from accessing the Internet, but it’s still able to “Check for updates” and it can update itself if an update has been released…

It’s incredibly important that a firewall can actually block an app from accessing the Internet…

Do you plan on creating an offline installer? An online only installer really hogs bandwidth on multi-machine installation. And the lack of offline installer means no distro packaged/flatpak integration. This limits us to your mirror which is a lot of times (at least for me) quite slow

Offline will come in the future, but it is not a high priority.

The issue with Flatpak is the level of Integration that is required for a firewall, Sand boxing and deep system integration does not go well together

Why is it not? It goes against the standard application distribution norm and hurts adoption for people with less than stellar internet, it’s also annoying that the linux distribution method consists of downloading files from a website (which is not the standard method and definitely increases the risk of fake websites etc) . It not being able to be properly packaged also means that it depends on safing server when there is absolutely no reason to.

And “will come in the future” only goes so far when it has already been 4 years since the feature was asked

Okay so in built-in Windows 10 Pro Firewall I’ve got VLC Player App blocked from accessing the Internet and VLC released an update today and there were no problems with the VLC Player App downloading the update. I just completed the update 5 minutes ago…

It seems like I’ll need to install another firewall App because the built-in Windows 10 firewall isn’t even doing something as basic as blocking an App from contacting the Internet.

Does anyone have experience with the Windows 11 built-in firewall?

You may have configured your blocking rules incorrectly. You need to create outbound rules to block an app.

I appreciate your reply!

I’ve spent a lot of time trying to configure the Windows 10 Pro’s built-in firewall, but I just can’t seem to get it to do the basic task of blocking apps from contacting the Internet like the VLC Player App…

Does anyone have experience with Glasswire?

The list of features is staggering and the price is decent at $3 per month per device:

I’m still researching this as it seems like such an extremely important question that needs to be answered.

From everything I’ve looked at it still seems like Glasswire has the best features.

I’m also looking into the firewall from Bitdefender as this is extremely popular from the reviews I’ve been reading: Bitdefender Security Software Solutions for Home Users

Norton seems like a bad choice since it uses up so much resources and many seem to question their customer privacy.

Edit:
I mean what’s the point of having an advanced router/Linux distribution hardware firewall when you have a single Windows 10/11 App that’s leaking your personal data…