Skip to content

FAQ

Jump to bottom Edit New page
Nodir Temirkhodjaev edited this page May 10, 2023 · 47 revisions

FAQ

Why Fort Firewall doesn't block any programs after installation?

Fort Firewall is in a "auto-learning" mode after installation.

It indicates about alerts in the tray system icon.

You have to change a Filter Mode to Block. And review the auto-allowed apps in the Programs window.

(This initial behavior is for case, when you install it on a remote computer. So the connection will not be auto-blocked.)

Windows 7 SP1 64-bit fails to install not digitally signed drivers

See "SHA-2 Code Signing Support for Windows 7".

Fort Firewall fails to install due a missing "msvcp*.dll" or "api-ms-*.dll"

Install the latest Visual C++ x86 (32-bit!) redistributable.

Restrictions of Fort Firewall's 32-bit version

  • Does not support Dark Mode

Restrictions of the "Apply same rules to child processes" option

The "Apply same rules to child processes" option affects only new processes.

So, you have to restart a program after changing its options.

What the difference is between "Internet Addresses" and "Allowed Internet Addresses" on the "IP Addresses" tab?

  1. All FW rules act on "Internet Addresses" only. LAN addresses are immediately allowed by FW and not checked by app groups or speed limiter.

For example here you can describe Internet addresses as:

  • "Include All" addresses,
  • but exclude 127.0.0.0/8, 192.168.0.0/16.
  1. "Allowed Internet Addresses" may be used for example:
  • to block only some addresses:
    • "Include All" addresses,
    • but exclude facebook.com: "31.13.72.36".
  • to allow only some addresses:
    • "Exclude All" addresses,
    • but include wikipedia.com: "91.198.174.192".

Do the App rules take precedence over the Allowed Internet rules?

Filtering steps:

  1. If address is 127.* or 255.255.255.255 and "Filter Local Addresses" is turned off, then PERMIT
  2. If "Filter Enabled" is turned off, then PERMIT
  3. If "Stop Traffic" is turned on, then BLOCK
  4. If address is not from "Internet Addresses", then PERMIT
  5. If "Stop Internet Traffic" is turned on, then BLOCK
  6. If address is not from "Allowed Internet Addresses", then BLOCK
  7. If app path is allowed, then PERMIT
  8. BLOCK or PERMIT due to “Filter Mode” option

What does the "Make trackable" button do in Services?

It modifies the selected Service's settings in the registry "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\<SERVICE-NAME>":

  • changes the "Type" value to "16" (Own Process),
  • adds "-s <SERVICE-NAME>" argument to "ImagePath" value,
  • stores old "Type" & "ImagePath" values into "_Fort*" values.

For the new values to take effect, you must restart the changed services or restart the computer.

(Some services already run with "-s <SERVICE-NAME>" argument by SvcHost.exe, so it's not necessary to explicitly make them trackable.)

What is a Windows Filtering Platform?

Windows Filtering Platform (WFP) is configured by installing providers of filter rules: WFP Architecture.

All firewalls (that based on WFP) use a filters provider: standard Windows Firewall's (WFW) provider or create custom one.

For example, WFC, Glasswire use WFW's standard provider.
But SimpleWall, TinyWall use own provider.

There is a Filter Arbitration mechanism to process multiple providers in WFP. (BTW, filter's weight is significant only inside of provider.)

Also, firewalls can use WFP's standard filtering mechanism or custom mechanism by using own kernel driver - Callout driver.

So, some other firewalls have own driver for flexible filtering.
For example, Fort Firewall, Portmaster, PeerBlock.
Add a custom footer
Add a custom sidebar
Clone this wiki locally