henrypp / simplewall

Simple tool to configure Windows Filtering Platform (WFP) which can configure network activity on your computer.
GNU General Public License v3.0

[Question] Network access to entire C: drive instead of specific apps on Simplewall – Bug, misconfiguration, or intrusion? #1887

Open Krom5477 opened 1 month ago

Krom5477 commented 1 month ago

Hello, I'm facing an issue with Simplewall. It appears that network access is granted to the entire C: drive (C:\) and same for D: (D:\) instead of a specific application. No individual app is listed, but network access seems to be given to the whole drive. Is this a bug, a misconfiguration, or an intrusion? How can I fix this? Thank you.

App version: <3.8.4 64-bit (Unicode)> Windows version: <Win10 pro 22h2 >

henrypp commented 1 month ago

Hi, this is just a cosmetic bug with "c:\"; it does not allow the whole C: drive internet access. I will fix it when I can.

Krom5477 commented 1 month ago

Ok, thank you very much for the response and the must have software!

krzemien77 commented 1 month ago

Also present on 3.8.2 as well - see enclosed screenshot taken whilst using second profile on this PC (not present on mine).

[Screenshot: Capture]

Assume it's the same problem as reported by OP.

Worth adding that this rule cannot be deleted.

henrypp commented 1 month ago

@Krom5477, @krzemien77 can you reproduce steps to get "C:\" drive on apps list?

krzemien77 commented 1 month ago

Not really, not readily, as I'm not sure where this rule comes from in the first place.

User's profile.xml under ...\AppData\Roaming\Henry++\simplewall contains simply:

However, and for what it's worth: this timestamp refers to the time when I updated Simplewall to v3.8.3 and encountered the error with Zoom.exe previously reported here:

https://github.com/henrypp/simplewall/issues/1495

I also checked v3.8.4 recently and, having seen the same problem, decided to roll back to v3.8.2, which does seem to handle Zoom.exe fine.

Krom5477 commented 1 month ago

> @Krom5477, @krzemien77 can you reproduce steps to get "C:\" drive on apps list?


I also cannot reproduce the problem because I don't know how it appears. All I can say is that an entry on C:\ with network access reappeared last night at 00:34, and I didn't delete any application at that time or on that day. I also sometimes have them on D:\ (but not on other disks), which is the drive where I install all applications that do not come from Microsoft, except for Simplewall, which is installed in C:\Program Files\simplewall\simplewall.exe

EDIT: OK, I had misunderstood your request.... I installed a portable software from PortableApps and conducted various tests on C and D. First, if I set a timer on the installer, which is an online installer (I don’t like that ^^), as well as on the software itself, and then launch the software, close it, and wait for the timers to end, there is no problem, even after several refreshes. However, if I delete the installer and software itself before the timer ends, after two minimizations to the taskbar of the Simplewall interface and 3 or 4 refreshes, the issue occurs, but not for the application itself. For permissions without a timer, the behavior is the same, but I had to restart Simplewall for the problem to appear. I should also mention that it seemed the refresh by pressing the button wasn’t working properly at that moment, maybe because I overused the refresh button a bit ^^..

PS: An option in the context menu to launch online installers with network access would be greatly appreciated. ;) I’ve lost count of how many times I’ve had to close Simplewall to install software that doesn’t provide offline installers ^^

WildTbag commented 1 month ago

I encountered this bug while right-clicking a process in the 'Packets log' tab to add this process to a User rule. Instantly, all but one of the processes in this specific User rule vanished and the infamous C:\ was added to this rule AND to rules where the vanished processes were ticked as well. In these rules only C:\ was added. Btw, I could not figure out why the one unrelated process in the (right-click) rule survived the purge; it seems arbitrary. Thank U very much!

henrypp commented 1 month ago

@WildTbag I can't reproduce it as described in your message, but the bug does exist!