Hi
I tried to install FortFirewall for my friend PC, he has windows 10 build 1909_x64 with UEFI boot, and disabled secure boot.
But the driver won't install and the service unable to start, also he installed latest VC++ x86 & x64, as you can see:

Any suggestions please ?

Add option to Uninstaller to delete data in the standard path (C:\ProgramData\Fort Firewall).

Hi,
It would be nice if Fort would block domains and have wildcards support and all that.

I think Simplewall used to have this feature, but I saw how nice it was when I installed popOS! to play with Linux and see if it was useful for me for the type of software I use, and the performance of wine and all that (it wasn't, Windows makes life easier). The only decent firewall I found to control apps connections was opensnitch and while it is not great, the only cool feature I found was that it can block by domain Open snitch wiki for how it works.

Blocking by IP should work most of the time and could even allow a feature like "block by country" to be implemented like (I think) Portmaster implemented, but in today's internet world here many companies have 1 domain linked to many IPs, blocking by domain could make things easier and better, and since you are working in the Network Rules tab, I thought it was a good day to request it so Hosts file doesn't have to be used for that anymore, and using it with OpenSnitch was cool and easy.

Thank you and have a good day.

После добавления правил из локального файла, могу ли я этот файл удалить?

development environment vs2019 + wdk10
found the error when build debug version ,but no error while release version
Severity Code Description Project File Line Suppression State
Error LNK2019 unresolved external symbol _assert referenced in function align_down fortdrv D:\vs2017\fort\src\driver\fortdrv.obj 1

Microsoft Visual Studio Professional 2019
Version 16.6.4

Windows Driver Kit 10.0.19030.1000
Headers, libraries, and tools needed to develop, debug, and test Windows drivers (msdn.microsoft.com/en-us/windows/hardware/gg487428.aspx)

While I love the project, it seems I'm sometimes getting Blue Screen of Death (BSOD) because of the driver.

Here's one PAGE_FAULT_IN_NONPAGED_AREA while trying to enable Core isolation's Memory Isolation feature

5: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced.  This cannot be protected by try-except.
Typically the address is just plain bad or it is pointing at freed memory.
Arguments:
Arg1: ffff9287f9cde248, memory referenced.
Arg2: 0000000000000011, value 0 = read operation, 1 = write operation.
Arg3: ffff9287f9cde248, If non-zero, the instruction address which referenced the bad memory
	address.
Arg4: 0000000000000002, (reserved)

Debugging Details:
------------------

*** WARNING: Unable to verify timestamp for fortfw.sys

Could not read faulting driver name

KEY_VALUES_STRING: 1

    Key  : Analysis.CPU.Sec
    Value: 1

    Key  : Analysis.DebugAnalysisProvider.CPP
    Value: Create: 8007007e on COFFEE

    Key  : Analysis.DebugData
    Value: CreateObject

    Key  : Analysis.DebugModel
    Value: CreateObject

    Key  : Analysis.Elapsed.Sec
    Value: 3

    Key  : Analysis.Memory.CommitPeak.Mb
    Value: 75

    Key  : Analysis.System
    Value: CreateObject


TAG_NOT_DEFINED_202b:  *** Unknown TAG in analysis list 202b


DUMP_FILE_ATTRIBUTES: 0x1808
  Kernel Generated Triage Dump

BUGCHECK_CODE:  50

BUGCHECK_P1: ffff9287f9cde248

BUGCHECK_P2: 11

BUGCHECK_P3: ffff9287f9cde248

BUGCHECK_P4: 2

WRITE_ADDRESS: fffff8012111c468: Unable to get MiVisibleState
Unable to get NonPagedPoolStart
Unable to get NonPagedPoolEnd
Unable to get PagedPoolStart
Unable to get PagedPoolEnd
fffff801210099a0: Unable to get Flags value from nt!KdVersionBlock
fffff801210099a0: Unable to get Flags value from nt!KdVersionBlock
unable to get nt!MmSpecialPagesInUse
 ffff9287f9cde248 

MM_INTERNAL_CODE:  2

BLACKBOXBSD: 1 (!blackboxbsd)


BLACKBOXNTFS: 1 (!blackboxntfs)


BLACKBOXPNP: 1 (!blackboxpnp)


BLACKBOXWINLOGON: 1

CUSTOMER_CRASH_COUNT:  1

PROCESS_NAME:  System

TRAP_FRAME:  ffffda032f887310 -- (.trap 0xffffda032f887310)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=fffff8014e9b14f8 rbx=0000000000000000 rcx=ffffda032f8874d0
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=ffff9287f9cde248 rsp=ffffda032f8874a8 rbp=ffffda032f8875b0
 r8=0000000000000004  r9=0000000000000000 r10=ffffa484f6e001a0
r11=ffffda032f8874a0 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei ng nz na po nc
ffff9287`f9cde248 488d0559010000  lea     rax,[ffff9287`f9cde3a8]
Resetting default scope

STACK_TEXT:  
ffffda03`2f8870e8 fffff801`2087ee61 : 00000000`00000050 ffff9287`f9cde248 00000000`00000011 ffffda03`2f887310 : nt!KeBugCheckEx
ffffda03`2f8870f0 fffff801`20657a8c : 00000000`00000000 00000000`00000011 ffffda03`2f8872a9 00000000`00000000 : nt!MiSystemFault+0x22a2f1
ffffda03`2f8871f0 fffff801`20836edd : 00000000`00000000 00000000`00000000 ffff9287`f9c2af10 00000000`00000000 : nt!MmAccessFault+0x29c
ffffda03`2f887310 ffff9287`f9cde248 : fffff801`4e9b12fe 00000000`00000000 ffff9287`f9cdd188 ffff9287`0000d150 : nt!KiPageFault+0x35d
ffffda03`2f8874a8 fffff801`4e9b12fe : 00000000`00000000 ffff9287`f9cdd188 ffff9287`0000d150 fffff801`4e9b5300 : 0xffff9287`f9cde248
ffffda03`2f8874b0 00000000`00000000 : ffff9287`f9cdd188 ffff9287`0000d150 fffff801`4e9b5300 00000000`0000000a : fortfw+0x12fe


SYMBOL_NAME:  fortfw+12fe

MODULE_NAME: fortfw

IMAGE_NAME:  fortfw.sys

STACK_COMMAND:  .thread ; .cxr ; kb

BUCKET_ID_FUNC_OFFSET:  12fe

FAILURE_BUCKET_ID:  AV_INVALID_fortfw!unknown_function

OSPLATFORM_TYPE:  x64

OSNAME:  Windows 10

FAILURE_ID_HASH:  {37d57057-92af-aba1-6b73-12c6047a1a62}

Followup:     MachineOwner

And a second one DRIVER_IRQL_NOT_LESS_OR_EQUAL after trying to reboot the computer:

2: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 0000000000000008, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: ffff9689f338282c, address which referenced memory

Debugging Details:
------------------


KEY_VALUES_STRING: 1

    Key  : Analysis.CPU.Sec
    Value: 1

    Key  : Analysis.DebugAnalysisProvider.CPP
    Value: Create: 8007007e on COFFEE

    Key  : Analysis.DebugData
    Value: CreateObject

    Key  : Analysis.DebugModel
    Value: CreateObject

    Key  : Analysis.Elapsed.Sec
    Value: 1

    Key  : Analysis.Memory.CommitPeak.Mb
    Value: 75

    Key  : Analysis.System
    Value: CreateObject


DUMP_FILE_ATTRIBUTES: 0x1808
  Kernel Generated Triage Dump

BUGCHECK_CODE:  d1

BUGCHECK_P1: 8

BUGCHECK_P2: 2

BUGCHECK_P3: 1

BUGCHECK_P4: ffff9689f338282c

WRITE_ADDRESS: fffff8062871c468: Unable to get MiVisibleState
Unable to get NonPagedPoolStart
Unable to get NonPagedPoolEnd
Unable to get PagedPoolStart
Unable to get PagedPoolEnd
fffff806286099a0: Unable to get Flags value from nt!KdVersionBlock
fffff806286099a0: Unable to get Flags value from nt!KdVersionBlock
unable to get nt!MmSpecialPagesInUse
 0000000000000008 

BLACKBOXBSD: 1 (!blackboxbsd)


BLACKBOXNTFS: 1 (!blackboxntfs)


BLACKBOXPNP: 1 (!blackboxpnp)


BLACKBOXWINLOGON: 1

CUSTOMER_CRASH_COUNT:  1

PROCESS_NAME:  FortFirewall.e

TRAP_FRAME:  ffff810152b485a0 -- (.trap 0xffff810152b485a0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000006
rdx=ffff968a07b324b0 rsi=0000000000000000 rdi=0000000000000000
rip=ffff9689f338282c rsp=ffff810152b48730 rbp=ffff968a07b31238
 r8=ffff968a07b31498  r9=ffff968a07b321e0 r10=ffff968a10824710
r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei pl zr na po nc
ffff9689`f338282c 4c894808        mov     qword ptr [rax+8],r9 ds:00000000`00000008=????????????????
Resetting default scope

STACK_TEXT:  
ffff8101`52b48458 fffff806`27e3b0a9 : 00000000`0000000a 00000000`00000008 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx
ffff8101`52b48460 fffff806`27e36fe8 : 00000000`00000000 fffff806`27cd4a89 ffff9689`f2010380 00000000`00000202 : nt!KiBugCheckDispatch+0x69
ffff8101`52b485a0 ffff9689`f338282c : ffff968a`07b31238 ffff968a`07b31238 00000000`00000040 ffff968a`00be3050 : nt!KiPageFault+0x468
ffff8101`52b48730 ffff968a`07b31238 : ffff968a`07b31238 00000000`00000040 ffff968a`00be3050 00000000`00000f80 : 0xffff9689`f338282c
ffff8101`52b48738 ffff968a`07b31238 : 00000000`00000040 ffff968a`00be3050 00000000`00000f80 ffff9689`f3381aa0 : 0xffff968a`07b31238
ffff8101`52b48740 00000000`00000040 : ffff968a`00be3050 00000000`00000f80 ffff9689`f3381aa0 ffff968a`00000000 : 0xffff968a`07b31238
ffff8101`52b48748 ffff968a`00be3050 : 00000000`00000f80 ffff9689`f3381aa0 ffff968a`00000000 00000000`00000002 : 0x40
ffff8101`52b48750 00000000`00000f80 : ffff9689`f3381aa0 ffff968a`00000000 00000000`00000002 00000000`00000000 : 0xffff968a`00be3050
ffff8101`52b48758 ffff9689`f3381aa0 : ffff968a`00000000 00000000`00000002 00000000`00000000 00000000`00000000 : 0xf80
ffff8101`52b48760 ffff968a`00000000 : 00000000`00000002 00000000`00000000 00000000`00000000 00000000`0000003e : 0xffff9689`f3381aa0
ffff8101`52b48768 00000000`00000002 : 00000000`00000000 00000000`00000000 00000000`0000003e ffff9689`f3382736 : 0xffff968a`00000000
ffff8101`52b48770 00000000`00000000 : 00000000`00000000 00000000`0000003e ffff9689`f3382736 00000000`00000000 : 0x2


SYMBOL_NAME:  nt!KiPageFault+468

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

IMAGE_VERSION:  10.0.22621.608

STACK_COMMAND:  .thread ; .cxr ; kb

BUCKET_ID_FUNC_OFFSET:  468

FAILURE_BUCKET_ID:  AV_nt!KiPageFault

OSPLATFORM_TYPE:  x64

OSNAME:  Windows 10

FAILURE_ID_HASH:  {ec3e2762-48ae-ffe9-5b16-fbcb853e8320}

Followup:     MachineOwner
---------

Is there anything that could be done?

I'm running Windows 11 22H2 (22621.608) with Fort Firewall v3.6.0. There issues happened with Windows 21H2 as well, but I was just now able to pinpoint it. Previously, I thought it was, because I added more memory (4 sticks instead of 2 sticks), but that does not seem to be the case.

[ Bug ] When I enable password function, It works just fine but sometimes without known reason, password disappear and become completely open, and that's weird.

(Extracted from #46)

Hello,

Absolutely love this project! The wildcard file path matching and per-service resolution are one of a kind, I never thought I would see this possible. Just one question - what is the current state of IPv6? I noticed that it's absent from the UI and you have it in your TODO list, but at the moment, what happens to IPv6 connections? Do app filters work on them? Are all IPv6 connections automatically allowed/blocked?

Many thanks

Hi Mr.tnodir, I hope you are doing well.

first of all, I like your recently changes about dark theme, color of system tray icon and the (Animate Alert Icon feature) is super cool.
The dark theme become more and more impressive.

But I want to tell you about two things please:

1- After I reboot my PC and open the FortFirewall (Programs) window, when I try to click or select any Application, I noticed that the window become laggy and not responding for seconds, after that it becomes normal. this always happen after reboot or start FortFirewall for first time.

2- On programs UI window, I suggest to relocate (State) column next to (Name) column, so we can see the App state without needing to Maximize the window or moving the slide , OR you can just make the columns movable, See Pictures bellow:

Thank you so much for this piece of art.

Change the system tray icon colors to Gray when filters are disabled, and Red when stop traffic or stop internet traffic.

(Extracted from #18)

Little silly Dumb clarification needed

see through the screen shot below I am little bit confused

• Application's Internet is blocked if it is set to application group enabled state and working as it intended to be.
• But I am confused why options below is not greyed out use application group enabled state is set
• Is the intended purpose is missing or I am dumb please explain this feauture a little bit as i donot know the intended purpose.

Hi, first of all thansk for this app. This is maybe not issue, but app lacks the wiki. I installed it replace windows firewall which i have been disabled in my win10. After installing your app it blocked whole internet for windows. And im able to make windows get internet only when i disable filtering.
Can you please tell me, how should i make FW to work in this maner:
Allows everything but blocks only those apps which is in some blacklist? I did everything but whenver i enabled filtering it made windows to not see internet connection.
Also there is no any alerts when firewall blocks something. Also statistics page do not show any chart/graph.

hi!

just got one bsod when updating to 3.6.2

Even If I enable "Stop traffic" and "Stop internet traffic", I always can go to the web with Firefox or Chrome.
I'm under Fort 3.5.6 and Windows 11 Pro

Add option to animate alert in system tray icon to be more visible and get attention.

I'm just thinking, is there any idea to prevent FortFirewallSvc from stopped by user, like "Access Denied" or something,
I like the password idea and stop anyone using my internet without my knowledge, but anyone who end the service process can bypass all filters.
I'm just asking, I don't want to waste your time anymore.

[ Request ] password function need more protection, when I uninstall FF it requires exit from tray icon and FF won't exit without password and that's fine, but I still can kill FF from task manager and uninstall FF normally, So we need password request when try to uninstall it.

(Extracted from #46)

Selecting an option from the tray icon will cause the program to close itself.

Here henrypp/simplewall#1198 (comment) @tnodir says it is possible i cant find how

Support SSL decryption and proxy

Network Rules Greyed out

May be my issue sound silly, please let me know how to work in Network rules.

Please add documentation

If possible please add documentation to explain important things to be considered to sucessful implementation for IT

hi
windows7 sp1 64-bit need that driver .sys was digitally signed

any workaround?

Какие приемущества даёт опция "Запускать Fort Firewall как Сервис в фоне"

Quota function not working as expected, because sometimes I set daily quota to (e.g 20 MiB) and set ( stop internet traffic when quota exceed) and clear the daily statistics, but unfortunately internet keeps working over 20 MiB and even quota warning message not appear.
After I exit and open FF many times quota works normally.

(Extracted from #46)

On my FF settings,
1- I enabled filter local addresses
2- I disabled local ip address from list #127.0.0.1
3- I choose " Stop traffic when FF stoped" option

When I ping to 127.0.0.1 via cmd it says failed which means the local address is blocked.

But when we stop fortfirwallSvc, the traffic will stop on all applications, but if we ping to 127.0.0.1 via cmd it says Reply, which means the filter of local addresses is stop working

input:

• deny all

output:

• allow all
• except: bad-remote-site.com
• except: bad-remote-ip
• except: bad-remote-netowork

Hi,

When you use schedule either by using Block in or Block at, the Program's name changes to a 0 or 1, when the program gets blocked.

There also seems to be a weird issue with Block At not respecting the time scheduled for the block. I wanted the program to be allowed for some minutes and not 1 hour, so I used Block At.

It seems 5 minutes is the minimum that will be scheduled, so if you clock says 10:00 you can't set it to 10:02 or anything less than 10:05 because it would get ignored.
But the issue I found is mostly how I created many schedules and all of them got blocked at once at 10:15, because I kept editing programs and adding new schedules and then it was like the time was getting reset to 5 minutes, so the last rule I added was at 10:10, set to block at 10:13 and then it worked until 10:15, but then all the other 10 programs I was set to block at 10:02, 03, 05, 06, 07, and 09 and 10, didn't work because they inherited the 5 minutes from the last scheduled added.

But I made a second test at 10:45, the schedules were set to be blocked at 10:50:37, 10:52:37 and 10:55:37 (I checked the seconds on this second test) the first rule got blocked some seconds after 10:50:37, but the 10:52:37 didn't get blocked properly, it was blocked at 10:56 when the last schedule was blocked so the 3 minutes difference was totally ignored by Fort.

I mean, not like it matters much since the difference is minimal and it is something nobody would notice or care but I thought I would mention it since it is suppose to be blocked by the clock time, not like seconds or minutes after a rule was created like Blocked In, does. And even if that was the case and it wants to use 5 minutes increments, a schedule shouldn't affect the others, so the one that was set to be blocked at 10:02, shouldn't be affected by the one at 10:10. So it is technically not working as expected even if it is insignificant issue.

The real issue here is the program name getting replaced since programs have to be opened one by one to get the name again.

Hello,

I’ve got a BSOD PAGE FAULT IN NONPAGED AREA during the install, a bit after the cmd prompt shows up. I don’t have time to read what is written in there before the BSOD occurs.
I wondered if you can help me how can I troubleshoot to know what could be the cause of this? What do you need me to provide? Is there some logs that could help?

Thanks.

Hi
What do you think about adding "Allowed connections" tab to Statistics UI, and make it similar to "Blocked connections" window, with same details like (IP address, direction, host name and Auto scroll,... etc).
It will be so useful for network diagnostics and make FortFirewall more professional.

Hi
I just want to ask, how to enable limit D/U for a specific application (e.g IDM, Chrome, etc) ?
I can't find a documentation for that.

I have bsod after installing fort firewall and latest updates for win 2016 server
0x00000192: KERNEL AUTO BOOST LOCK ACQUISITION WITH RAISED IRQL

There are no bsod if i delete fortfw.sys from system32\drivers

Add ability to show download/upload speed for each allowed application in programs UI ( it's so useful to determine what application eating bandwidth at the real-time).

(Extracted from #18)

Add dark theme for all UI.

(Extracted from #18)

IPv4 Addresses: Add ability to select IP Lists for Include/Exclude.

Driver will monitor the running processes: if started svchost.exe instance contains "-s ServiceName" command line option, then the program instance's path will be provided to UI as "\svchost\ServiceName".

Windows 7 x64 system. After installation, at startup it asks for a file api-ms-win-shcore-scaling-l1-1-1.dll.
I downloaded two versions from https://www.dll.ru/files/api-ms-win-shcore-scaling-l1-1-1-dll and threw in %windir%\system32 and %windir%\syswow64, respectively. After that, at startup writes:

FortFirewall.exe - Entry point not found
The entry point to the CreateDXGIFactory2 procedure was not found in the DLL dxgi.dll .

How to make it work?

P.S. Greetings from Tashkent))

Auto-allow or -block programs by their signatures.

I finally decided to try your Firewall recently after watching it grow in wilderssecurity for months and I think it is great, but there is one thing I don't understand about the firewall and it is: how Fort Firewall has to be opened all the time for it to work and do the the filtering and apply the rules we set.
I thought that by installing the driver, it would keep running in the background, which it seems to be able to do when using "stop traffic when Fort Firewall is not running", but then I had to opened it for it to work and then when closing it it just starts allowing all the connections again.

Not the end of the world but It would be nice if Fort Firewall could keep running in the background at all times and do the filtering even when app is closed, just like how other firewalls do it. I mean, I know since Fort Firewall doesn't write 'persistent' BFE rules in the registry like other firewalls so it is intended to work work differently but I just don't think having to run the firewall at all times in the tray is the best experience, especially when Start with Windows is not even on by default and the only work around would be to use the Stop traffic when fort firewall is not running so a connection we don't want allowed doesn't get allowed, also closing a program is so easily done by a crash or by stuff like Taskkill and not even admin rights so anyone could easily get rid of Fort Firewall and that would be a security risk. I mean, having to run fort firewall in order to work makes sense when portable mode, but not when I want to use it as the main firewall replacing the Windows native one.

It is just a feature request. I know it is not the end of the world and it doesn't make the firewall impossible to use, I know some people would suggest "keep using simplewall or Tinywall (and wait for Tinywall to do IP filtering)", but I like what I see in your firewall and would like it to improve it.

Thank you and have a good day.

After I reboot my PC and open the FortFirewall (Programs) window, when I try to click or select any Application, I noticed that the window become laggy and not responding for seconds, after that it becomes normal. this always happen after reboot or start FortFirewall for first time.

(Extracted from #46)

Hi!

just got one "UNEXPECTED KERNEL MODE TRAP" when turned on my computer... wondering if this is coming from FF? I updated yesterday to 3.7.1 without issues.

I think the installation failed for me on my laptop, if possible I'd prefer not "Disable Driver Signature Enforcement", but do I have no choice?

C:\Program Files (x86)\Fort Firewall\driver\scripts>taskkill /F /IM mmc.exe
ERROR: The process "mmc.exe" not found.

C:\Program Files (x86)\Fort Firewall\driver\scripts>sc stop fortfw
[SC] ControlService FAILED 1062:

The service has not been started.


C:\Program Files (x86)\Fort Firewall\driver\scripts>sc delete fortfw
[SC] DeleteService SUCCESS

C:\Program Files (x86)\Fort Firewall\driver\scripts>Del "C:\windows\System32\drivers\fortfw.sys"
End execution... Error Code = 0
        1 file(s) copied.
[SC] CreateService SUCCESS
[SC] StartService FAILED 577:

Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Error: Cannot start the service
End execution... Error Code = 577
Press any key to continue . . .

There is a conflict or misbehavior between Programs window list and applications/path added to the Application groups.

For example, when an application is blocked it will be listed as "Alert" in the Programs window, so if you add a program/path to the application group, the application that was blocked would not get whitelisted and get network connection.

I noticed this when I was trying to whitelist UWP, as you know, the path changes on every update which is really annoying, especially on windows firewall, and even if some rules are automatically created by the update, the uwp desktop apps like Foobar need the exe to be whitelisted not the "uwp app" like would work with pure uwp apps like the weather app. But anyway, instead of me going to programs and whitelisting every new version whenever it happens and I get no network connection, I finally thought I would make use of the Application Group and wildcard support (duh).

So I put an asterisk on the number version and I noticed it Foobar was working, but not the weather app, and I thought something broke on the firewall but it seems the app just stayed blocked because it was blocked first and then in "Alert" state on the programs list, and it worked as expected when realized I had to delete it from the Programs list. I tested with the other few I have whitelisted in the Application Groups and same behavior.

Hope you can find a way to "sync" or remove the alert or ignore it or auto allow it or something if it is whitelisted on the Applications groups, I mean, now I know about it, I don't mind it much but it was confusing at first why it wasn't working, so I guess would be confusing for others who don't test until fixing like I do.

PS: The Weather app, doesn't even show even a name in the program list, it shows blank so that made it more confusing, but double clicking on it I saw that it was the weather app. I guess that shouldn't be the behavior so I wanted to mention it as well.

Thank you and have a nice day! Thanks for your work and amazing firewall 👌

Add option to stop internet traffic when daily/monthly quota exceeded (not just a warning message).

(Extracted from #18)

I noticed that FF detect FortFirewallSvc when restarting service automatically and that's great 👍, BUT (Service isn't responding) message still appear from time to time 😔.
I reproduce this issues with temporary solution.
It's important to see video link please:
https://www.mediafire.com/file/5mzq6vjhwi7jmgc/Anwar-Error-video.zip/file

(Extracted from #46)

Hi
I tested Fort Firewall for a week, and it's a masterpiece.
But I suggest some features, and I detected a serious bug.
Suggested features:
1- add option to [import/export] added programs & all user settings to a file.
2- add option to stop internet traffic when daily/monthly quota exceeded ( not just a warning message).
3- change the system tray icon colors to Gray when filters are disabled, and Red when stop traffic or stop internet traffic.
4- add dark theme for all UI.

Bug:
Sometimes when I stop/start traffic or internet traffic it says (Service isn't available) and sometimes it's appear without known reasons,
The workaround solution is to restart FortFirewallSvc from services then close FortFirewall from system tray and open it again.
I hope you fix this critical issue soon.

I'm using latest version & Win10 21H2
Thanks.

Add option to [import/export] added programs & all user settings to a file.

(Extracted from #18)

Hi,
I am testing new feature and it seems like it doesn't do what I thought it would do.
I have used Apply same rules to child processes in Tinywall and I don't know if it is suppose to work exactly like it, like if you took the idea from it, but testing it it doesn't seem to do anything at all in my tests, so I don't know what it is suppose to do.

I first used Brave - Tor windows, when you open a Tor window it is a child process of Brave, opened Brave program's rule and checked the box Apply same rules to child processes, but when I opened Tor, Tor was added as blocked (alert) to the Programs window and shows as blocked in Blocked Connections.

I also used MPV - yt-dlp/youtube-dl, when you load a twitch stream or whatever, yt-dlp becomes a child process to get the URL so Mpv can play it. well, same happened, yt-dlp got blocked and it seems like nothing got applied to the mpv child processes.

I still don't know how it works, the logic you built for it, like if is it suppose to be automatic regardless of being blocked or allowed in Programs lists? like if yt-dlp is blocked, but mpv has the Apply same rules to child processes flag to it, will it be allowed or blocked? the correct thing would be to be allowed regardless of it being blocked in program lists, or that's how I think it should be. That's why I ask that as well.
Like in my mind, for example, it should work like this: yt-dlp is not in the Programs list, so it is not allowed or blocked, but if mpv is blocked with Apply same rules to child processes, then it will block yt-dlp but without adding anything to Programs list, and then if other program gets allowed with Apply same rules to child processes, like Foobar, then it can use yt-dlp. And if an app doesn't have Apply same rules to child processes flag on it tries to use yt-dlp, then it gets blocked but doesn't affect Foobar since it has Apply same rules to child processes in it.

is that how it is suppose to work? or am I thinking way too much?

Anyway, I even tested adding Brave browser to App Groups and allowing the same rules to child process there, but same result, it gets blocked and added to programs window and nothing can seem to happen, since program lists override anything.

Just wondering, asking and maybe report the bug.

Have a nice day.