Skip to content

FAQ

Jump to bottom Edit New page
sdasicmb edited this page May 15, 2023 · 47 revisions

Why doesn't Fort Firewall block any programs after installation?

Fort Firewall is in an "auto-learning" mode after installation.

It will display alerts in the system tray.

You need to change a Filter mode to Block and check the automatically allowed applications in the Programs window.

(This initial behaviour is for when you install it on a remote computer, so that the connection is not automatically blocked).

Windows 7 SP1 64-bit fails to install drivers that are not digitally signed

See "SHA-2 Code Signing Support for Windows 7".

Fort Firewall fails to install due to a missing "msvcp*.dll" or "api-ms-*.dll"

Install the latest Visual C++ x86 (32-bit!) redistributable package.

Limitations of the 32-bit version of Fort Firewall

  • Dark Mode is not supported.

Limitations of the "Apply same rules to child processes" option

The "Apply the same rules to child processes" option only affects new processes, so you need to restart a program after changing its options.

What is the difference between "Internet Addresses" and "Allowed Internet Addresses" on the "IP Addresses" tab?

  1. All FW rules apply to "Internet Addresses" only. LAN addresses are allowed immediately by the FW and are not checked by application groups or speed limiter.

For example here you can describe Internet addresses as:

  • "Include All" addresses,
  • but exclude 127.0.0.0/8, 192.168.0.0/16.
  1. "Allowed Internet Addresses" may be used for example:
  • to block only some addresses:
    • "Include All" addresses,
    • but exclude facebook.com: "31.13.72.36".
  • to allow only some addresses:
    • "Exclude All" addresses,
    • but include wikipedia.com: "91.198.174.192".

Do the App rules override the Allowed Internet rules?

Filtering steps:

  1. If address is 127.* or 255.255.255.255 and "Filter Local Addresses" is turned off, then PERMIT
  2. If "Filter Enabled" is turned off, then PERMIT
  3. If "Stop Traffic" is turned on, then BLOCK
  4. If address is not from "Internet Addresses", then PERMIT
  5. If "Stop Internet Traffic" is turned on, then BLOCK
  6. If address is not from "Allowed Internet Addresses", then BLOCK
  7. If app path is allowed, then PERMIT
  8. BLOCK or PERMIT due to “Filter Mode” option

What does the "Make trackable" button do in Services?

It modifies the selected Service's settings in the registry "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\<SERVICE-NAME>":

  • changes the "Type" value to "16" (Own Process),
  • adds "-s <SERVICE-NAME>" argument to "ImagePath" value,
  • stores old "Type" & "ImagePath" values into "_Fort*" values.

For the new values to take effect, you must restart the services that have been changed or restart the computer.

(Some services already run with "-s <SERVICE-NAME>" argument by SvcHost.exe, so it's not necessary to make them explicitly traceable).

What is a Windows Filtering Platform?

Windows Filtering Platform (WFP) is configured by installing providers of filter rules: WFP Architecture.

All firewalls (those based on WFP) use a filter provider: the default Windows Firewall (WFW) provider or a custom one.

For example, WFC, Glasswire use WFP's default provider.
But SimpleWall, TinyWall use their own provider.

There is a Filter Arbitration mechanism to process multiple providers in WFP. (BTW, the weight of the filter is only important within the provider.)

In addition, firewalls can use the standard WFP filtering mechanism or a custom mechanism using a custom kernel driver - Callout driver.

Therefore, some other firewalls have their own drivers for flexible filtering.
For example, Fort Firewall, Portmaster, PeerBlock.

Formatting of application rules within Application Groups

Fort Firewall provides a user-friendly, efficient, and robust rule editing feature for effectively blocking applications. Firewall rules can be formatted using a pattern format similar to the one described in the Git documentation for .gitignore files. This format allows for specifying patterns to match files or directories.

  • For example, to create a rule for the file "C:\Downloads\test.exe" using this format, you can use the following pattern: C:\Downloads\test.exe

  • To create a rule that blocks all .exe files in the "C:\Downloads" directory: C:\Downloads\*.exe

  • To create a rule that blocks all files in the "C:\Downloads" folder and its subdirectories: C:\Downloads\**

  • To create a rule that blocks all files in one-level subdirectories of the "C:\Downloads" folder: C:\Downloads\*\*.exe

  • To create a rule that blocks all files with the ".exe" extension in any subdirectory of "C:\Downloads": C:\Downloads\**\*.exe

  • To create a rule that blocks any file named "secret.exe" in any location: **\secret.exe

  • To create a rule that blocks any file located in the folder "Downloads" on all drives: ?:\Downloads\**

  • To create a rule that blocks any file located in the folder "Downloads" on specific drives: [CD]:\Downloads\**

Please keep in mind that you can use the forward slash / and backward slash \ at your own discretion.

Add a custom footer
Add a custom sidebar
Clone this wiki locally