search

tnodir / fort

Fort Firewall for Windows
GNU General Public License v3.0
1.1k stars 96 forks source link

Feature request : Add <Allow for now> #240

Closed Mahantor closed 2 months ago

Mahantor commented 2 months ago

Please add the allow for ... time , block for... time , ask me later option to the alert program page

like allow for 3 <Sliding bar with the ability to choose between minutes, hours, days, weeks> After this time, the connection will be asked again block for 2 <Sliding bar with the ability to choose between minutes, hours, days, weeks> After this time, the connection will be asked again (Remember the previous choice)

for ask me later option : Adding an option in the settings, for example, how many alerts to ignore

Screenshot 2024-05-02 233508

Emi-Emi-Emi commented 2 months ago

Use the Schedule option to Allow and Block programs temporary, you get in and at, so you can get what you want from that. If you want to get notified the next time the program gets blocked, like you do when a new program is detected, you can use the Remove option on the schedule for now, so you can get the popup again to allow or block it.

Of course, that's not the most optimal workflow, but it works. To improve that, tnodir has in the roadmap Ask to connect and few days ago he mentioned:

I have a plan to implement a “Allow/block only this PID (process id)” feature of some other firewall. I forgot which firewall has it, maybe WFC or Agnitum.

I’ve planned to implement it after “Ask to Connect”. So you can decide to allow/block only the selected PID of pending connection.

So you will be able to set always “Ask” action to curl. And decide on PID in the each notification, maybe inspecting its parent.

Also, remember you can use Statistics window to know when a program is blocked, but I also recommend using SystemInformer (ex Process Hacker) since it has a firewall tab (you need admin rights), where you can see allowed connections too, and you can filter with wildcard, so you can select wildcard search and then use mailclient|drop and you will get all the times the connection was Blocked (dropped) for the mail app in your screenshot, and you can also use any information of any column like port or IP and all that. Statistics window can be needed if you want to see individual svchost services being blocked, or to know the PID of a blocked program to know exactly which process was blocked, but SystemInformer is firewall tab with the filter box makes it really useful for a lot of 'firewall' things in realtime.

tnodir commented 2 months ago

I often use the allow/block for 5 minutes by Schedule. That’s why the Schedule‘s default action is Remove in the notification.

Various forms of “Ask me later” will be added after implementing the “Ask to Connect” filtering mode.