vistafirewallcontrol.freeforums.org

[xor]

Hi ,

though VFC looks promising, I feel there are a few features missing that would make it much more usefull:

1. Instead of just zones, allow each rule to directly specify src/dst ports/IPs. It really is a big hassle to create a zone each time I want to allow just specific IPs or ports for a certain application.

2. Allow more than one zone for each rule. Or at least more than one rule per application. For example, I would like to allow most applications to post to 127.0.0.1 (localhost), plus some individual zones.

Oh, and naming the predefined rule sets "zones" is a bit confusing. A "zone" normally is a "network zone", not a rule set.

Cheers,
XOR

[v941726]

are you guys done with this program

[VistaFirewallControl]

1

Using VFC definitions you can just create a MYZONE with a MYRULE set to your IP/port pair in the Zones tab (the repository). Then you can apply the entire MYZONE to an application or the MYRULE separately to any repository’s zone or an application’s zone directly by a single click. Undoubtedly there is no need to create the entire zone each time.

2

Using VFC definitions zone is a set of rules, so you can add multiple rules to a zone and have multiple rules set to an application. “Add from repository” button (Edit Zone dialog) makes easy new rule distribution. FYI: LocalHost enabling rule is already set to almost any predefined zone.

[xor]

Using VFC definitions you can just create a MYZONE with a MYRULE set to your IP/port pair in the Zones tab (the repository). Then you can apply the entire MYZONE to an application or the MYRULE separately to any repository’s zone or an application’s zone directly by a single click. Undoubtedly there is no need to create the entire zone each time.

But that rule set called "MYZONE" and the "MYRULE" would contain just a certain set of IP-Addresses and Ports that will not fit for all my applications, right? So I still would need a single rule set (aka "zone") for most of my application, for example:

For my mailclient, I want to allow connections to 127.0.0.1 and 1.2.3.4:25 only. That is one rule set
For my browser, I want to allow connections to 127.0.0.1 and *.*.*.*:80 only. That is one more rule set
For my PDF-Reader, I want to allow connections to 127.0.0.1 and 6.7.8.9:8080 only. That is another rule set
And so on.

This is not very convenient.

Using VFC definitions zone is a set of rules, so you can add multiple rules to a zone and have multiple rules set to an application. “Add from repository” button (Edit Zone dialog) makes easy new rule distribution. FYI: LocalHost enabling rule is already set to almost any predefined zone.

Sure, it is doable, but very annoying to always have to specify a "zone" first just to bundle up some rules. Most of the times, rule sets ("zones") are application specific and can not be reused anyway.

To put a long story short: after using VFC for a while I think it is a very nice approach to just offer a better interface into Vistas firewall module, but it would be much better if it would reflect the full flexibility of the Vista firewall module.

But hey, that is just my opinion!

[VistaFirewallControl]

For my mailclient, I want to allow connections to 127.0.0.1 and 1.2.3.4:25 only. That is one rule set
For my browser, I want to allow connections to 127.0.0.1 and *.*.*.*:80 only. That is one more rule set
For my PDF-Reader, I want to allow connections to 127.0.0.1 and 6.7.8.9:8080 only. That is another rule set

Could you please clarify what exactly is not "convenient"?
Anyway if you need to introduce a new IP/port pair you will have to specify IP and port manually (there can be no magic here) once at least under an understandable (rule) name. After it was once specified the rule can be copied/applied to any repository's or application's zone by name (as reusing of 127.0.0.1 you have mentioned).
Moreover 90% of the work is already done in predefined zones you can copy/customize/rename.

Sure, it is doable, but very annoying to always have to specify a "zone" first just to bundle up some rules. Most of the times, rule sets ("zones") are application specific and can not be reused anyway.

VFC paradigm expects the applications behavior can be mostly typified, so the level of zone reusability is high enough. If you know an application or an application type which was not provided with a predefined zone, please specify. A new dedicated zone (or a zone template) will be easily added to the VFC repository.
However, you are right; there may be a scenario with a set of non-typified applications with a need to set very unique rule(s). All the overheads caused by VFC is 2 additional actions with (a) naming a new zone and (b) pressing add-rule button for the specific rule creation.
If you do think that the overhead is significant and zones will be always with a single, unique, non-reusable rule you could try to use Windows FW with extended security directly.
The firewalls are completely compatible.

[user12345x]

I just discovered VFC (free) and I'm very impressed by it's simplicity. I was a firm believer in ZoneAlarm, but over the years it became more and more bloated. Finally, I couldn't get any version of ZA to work with Vista. There was always a problem.

Now I've used VFC for a while now and never a problem. The only thing I would like to see is an option for the system tray icon to show data activity, both outgoing and incoming. ZA and also PC Tools firewalls have this option. It comes in handy sometimes, when a page is slow to load. You can glance at the icon and tell if there is still data coming in from the source. Any chance you might look at this as a future possibility? Thanks.

[VistaFirewallControl]

VFC at the present stage operates on the blocking events level, so there is no direct way to monitor allowed/passed traffic. However you are right the option should be considered.
Thank you.

[cabrote]

Hi,

I´m from Argentina, I was using ESET Firewall but decided tu use VFC and the software do what exaclty I was looking for.. excellent job I just wanted an aplication that let me choose which program to access the net and without any complications...

I think the program is excellent just the way it is and making noticeable changes to it would lost VFC origins.

I make my suggestions just to make know what i liked or not about VFC:

I´d like another:

- New Icon in tray (modern).
- A general design change of program windows and popups (keeping in mind to looks simple and modern)

The Best:

- Is excellent the ability to let me put a Mp3 for warning.... (ideal when running applications in fullscreen).
- just say allow or deny with a simple way.

Sorry for bad english I´d like to translate the program in spanish how could I help? or do ?

[VistaFirewallControl]

- New Icon in tray (modern).

Please realize when a program audience reaches a million there can be no best icon for everybody even theoretically.
Anyway if you could offer us a new (royalty) free icon we could consider the icon for adding it into the product.

- A general design change of program windows and popups (keeping in mind to looks simple and modern)

Could you please be more descriptive of what is unsuitable or not good-looking in the current design.

- Is excellent the ability to let me put a Mp3 for warning.... (ideal when running applications in fullscreen).

VFC uses the playing facilities of the system core only. We do not think VFC should integrate a media player functionality.
Please convert you MP3 to WAV and set any notification sound you want.

Sorry for bad english I´d like to translate the program in spanish how could I help? or do ?

If you would like to participate in Spanish version creation please contact us personally to support [at] sphinx-soft [dot] com with subject "Spanish translation"

[PITABoy]

I would like to see the "Register" option on the right click menu disappear once you register. Other than that I love this program. Keep up the good work.