Constant connection request

henrypp / simplewall

Simple tool to configure Windows Filtering Platform (WFP) which can configure network activity on your computer.

GNU General Public License v3.0

6.3k stars 487 forks source link

Constant connection request #558

Closed privacyguy123 closed 5 years ago

privacyguy123 commented 5 years ago

What on earth is this?

henrypp commented 5 years ago

It's, obviously, IGMP

pwn0r commented 5 years ago

Just a lifehack here: if you are on a secure LAN (best at home, not an public wifi of course) then in order to make you life much easier -- you just allow certain system apps to access LAN ONLY.

I normally allow unpcampaignmanager.exe, spoolsv.exe, System etc to access the LAN but block them on the internet.

privacyguy123 commented 5 years ago

It doesn't seem to matter if I create a custom rule to allow them, they ask for connection over and over and over

henrypp commented 5 years ago

It doesn't seem to matter if I create a custom rule to allow them, they ask for connection over and over and over

So apply created user rule (if it right - it will work) for the app and disable notifications for this app and no more problems, hmm?

privacyguy123 commented 5 years ago

When the popup appears I click "create rule" and it makes a correct one for me - yet the program keeps asking over and over and over for permission??? If it's allowed then why is there a notification?

henrypp commented 5 years ago

Program keeps asking for what? You are completely allowed app OR created user rule for app?

privacyguy123 commented 5 years ago

When this popup appears I click "Create Rule" and the same popup happens agan and again asking for the same connection ...

henrypp commented 5 years ago

What rule do you create?

privacyguy123 commented 5 years ago

The rule it creates automatically for me when I click "Rules - Create Rule" in the bottom left of the screenshot

henrypp commented 5 years ago

Create more wide rule:

protocol: igmp direction: both other fields:

and apply it

privacyguy123 commented 5 years ago

Here is the rule and the firewall notification - simplewall is ignoring it

henrypp commented 5 years ago

What local address? Can you open the packets log? I think, 192.168.1.254 is incorrect, because of System do recv/accept operations. Try clear remote rule and set local rule to 224.0.0.0/4

privacyguy123 commented 5 years ago

192.168.1.254 is my router address 😕

henrypp commented 5 years ago

it does not matter, igmp used multicast address

privacyguy123 commented 5 years ago

I think this might be it

"‎09/‎11/‎2019` ‏‎15:47:34","NT AUTHORITY\SYSTEM","System","224.0.0.1 (all-systems.mcast.net)","","192.168.1.254","","igmp","simplewall\BlockRecvAcceptConnectionsV4","#394479","Outbound","Blocked"

privacyguy123 commented 5 years ago

Not matter what I do to allow this, it is blocked - the only way to fix is to allow "System" access to everything which I don't want to do

henrypp commented 5 years ago

Rule is incorrect, i think. What do you do?

privacyguy123 commented 5 years ago

Rule states that igmp://192.168.1.254 should be allowed in any direction for System no?

I think I've turned it off, wtf does IGMP even do?