Functionality overview - tnodir/fort GitHub Wiki
Fort Firewall is a user-friendly yet advanced security tool for Windows 7 and above. It offers easy-to-use protection for beginners and customizable options for experienced users.
Own kernel
Fort Firewall employs its own kernel driver, which is based on the Windows Filtering Platform (WFP). WFP is a set of system services and APIs provided by Microsoft that allows developers to create network filtering applications for Windows.
By using its own kernel driver based on WFP, Fort Firewall can efficiently and securely filter network traffic, ensuring high performance and reliability. This approach provides a solid foundation for Fort Firewall's advanced features and enables seamless integration with the Windows operating system.
Filtering logic
Filtering, when Driver is not running:
- If "Block traffic when Fort Firewall is not running" is on, then BLOCK
Filtering, when Service is not running:
-
If address is 127.* or 255.255.255.255 and "Filter Local Addresses" is off, then PERMIT
-
If "Block traffic when Fort Firewall is not running" is on, then BLOCK
Filtering, when Service is running:
-
If "Filter Enabled" is off, then PERMIT
-
If "Block All Traffic" is on, then BLOCK
-
If address is 127.* and "Filter Local Addresses" is off, then PERMIT
-
If "Block Internet and LAN Traffic" is on, then BLOCK
-
If address is 255.255.255.255 and "Filter Local Addresses" is off, then PERMIT
-
If address is from "Local Network Addresses" and "Filter Local Network" is off, then PERMIT
-
If "Block Internet Traffic" is on, then BLOCK
-
If address is from "Block Internet Addresses", then BLOCK
-
If Global Rule, applied before Apps, is filtered, then PERMIT/BLOCK
-
If app path is blocked, then BLOCK
-
If app's Group is disabled, then BLOCK
-
If app has "Block Internet Traffic" and address is not from "Local Network Addresses", then BLOCK
-
If app has Zones and address is rejected or not accepted by Zones, then BLOCK
-
If app's Rule is filtered, then PERMIT/BLOCK
-
If Global Rule, applied after Apps, is filtered, then PERMIT/BLOCK
-
PERMIT/BLOCK due to “Filter Mode” option
Command-line parameters
FortFirewall.exe -c ...
home show
filter on|off
filter-mode learn|ask|block|allow|ignore
block no|inet|lan|inet-lan|all
prog add|del|allow|block|kill|show [app-path]
backup export|import [dir-path]
zone update
For example, the FortFirewall.exe -c home show command will open the "My Fort" window of running Fort instance.
SvcHost.exe service names
By using SvcHost.exe service names, Fort Firewall effectively filters network traffic.
Custom icons
With the ability to add your own custom icons, Fort Firewall allows you to personalize the look and feel of your firewall. See the details.
Portability
Fort Firewall offers a portable installation option. This enhances flexibility, as you can carry it on a USB stick or other portable devices. Furthermore, it leaves no trace on the host system, enhancing privacy.
Disadvantages of the portable installation:
- you have to run the program as Administrator.
Please don't remove the README.portable file, as this will reverse the portability of the application!
How to uninstall a portable installation:
- Run the Fort Firewall as Administrator.
- Open the 'My Fort' window and click on Portable:
Uninstallbutton. - Close the running Fort Firewall.
- Delete the Fort Firewall application's folder.
Password Protection
Password protection of settings enhances security by requiring a password to access and modify critical firewall configurations, effectively preventing unauthorized changes. This safeguard ensures that only authorized users can manage the firewall settings, strengthening system security.
How to remove a forgotten password:
- Edit "FortFirewall.ini" to remove "passwordHash=" line.
- Remove "HKLM\SOFTWARE\Fort Firewall\passwordHash" key from Registry.
Comparison with other firewalls
- FFw: Fort Firewall
- CF: Comodo Firewall
- NL: NetLimiter
- WFC: Binisoft Windows Firewall Control
- TW: TinyWall
- Sw: Simplewall
- GW: GlassWire
- Pm: Portmaster
- PB: PeerBlock
| Feature | FFw | CF | NL | WFC | TW | Sw | GW | Pm | PB |
|---|---|---|---|---|---|---|---|---|---|
| Has own driver (based on WFP) | + | + | + | - | - | - | + | + | + |
| Network rules per program | + | + | + | + | + | + | - | + | - |
| Domain names in network rules | - | + | + | - | - | - | - | + | - |
| Pause connection on notification | - | + | + | - | - | - | - | + | - |
| Wildcards in program paths | + | + | + | ~ | - | - | - | - | - |
| Speed limiting | + | - | + | - | - | - | - | - | - |
| Program groups | + | ? | + | + | - | - | - | - | - |
| Traffic statistics | + | ? | + | - | - | - | + | + | - |
| SvcHost services handling for Windows Update | + | ? | ? | - | - | - | - | - | - |
| Effective IP list filtering with thousands addresses | + | ? | ? | - | - | - | - | - | + |
| Boot time filter | + | + | + | + | + | + | - | + | - |
| Password protection of settings | + | + | + | + | + | - | + | + | - |
| Separate Windows Service | + | + | + | + | + | - | + | + | - |
| Can filter localhost (127.0.0.1) | + | + | + | - | - | ~ | - | + | + |
| Customizable block-lists to (auto)download | + | ? | + | - | - | - | - | - | + |
| Open Source | + | - | - | - | + | + | - | + | + |