Henry++

simplewall

simplewall

Version: 3.6.1
Author:
First release:
Last updated:
License: GPL v3
Language: C
Platform architecture: 32-bit/64-bit/arm64
Supported OS: 7 SP1, 8, 8.1, 10, 11

Development is powered by your donations!


screenshot

Description

Simple tool to configure Windows Filtering Platform (WFP) which can configure network activity on your computer.

The lightweight application is less than a megabyte, and it is compatible with Windows 7 SP1 and higher operating systems.

Nota bene

Keep in mind, simplewall is not a control UI over Windows Firewall, and does not interact in any level with Windows Firewall. It works over Windows Filtering Platform (WFP) which is a set of API and system services that provide a platform for creating network filtering applications. Windows Filtering Platform is a development technology and not a firewall itself, but simplewall is the tool that uses this technology.

Features

  • Simple interface without annoying pop ups
  • Rules editor (create your own rules)
  • Internal blocklist (block Windows spy / telemetry)
  • Dropped packets information with notification and logging to a file feature (win7+)
  • Allowed packets information with logging to a file feature (win8+)
  • Windows Subsystem for Linux (WSL) support
  • Windows Store support
  • Windows services support
  • Free and open source
  • Localization support
  • IPv6 support

You can download either the installer or portable version. For correct working, need administrator rights.

Installation

When install rules, you can choose two modes:

  • Permanent rules. Rules are working until you disable it manually.
  • Temporary rules. Rules are reset after the next reboot.

Uninstall

When you uninstall simplewall, all previously configured filters stay alive in system. To remove all filters created by simplewall, start simplewall and press "Disable filters" button.

Command line

List of arguments for simplewall.exe:

-install - enable filtering.
-install -temp - enable filtering until reboot.
-install -silent - enable filtering without prompt.
-uninstall - remove all installed filters.

FAQ

Q: Are internet connections blocked when simplewall is not running?

A: Yes. Installed filters are working even if simplewall is terminated.

Q: What apps are blocked in default configuration?

A: By default, simplewall blocks all applications, you do not need to create custom rules to block specific application.

Q: Is it safe to use simplewall with Windows Firewall?

A: Yes. You do not need to disable Windows Firewall. This two firewall works independently.

Q: How can i disable blocklist entirely?

A: Open Settings -> Blocklist and then click radio buttons labeled Disable.

Q: Where is blacklist mode?

A: Blacklist was removed many days ago for uselessness. But if you need it, you can still configure it.

Solution: Configure blacklist mode in simplewall:
  1. Open Settings -> Rules
  2. Uncheck Block outbound for all and Block inbound for all options.
  3. Create user rule (green cross on toolbar) with block action, any direction, Block connection name and empty remote and local rule.
  4. You can assign this rule for apps whatever you want to block network access.

Q: Why does my network icon have an exclamation mark?

A: When you are connected to a network, Windows checks for internet connectivity using Active Probing. This feature is named as NCSI (Network Connectivity Status Indicator). You can resolve this by one of this ways:

Solution 1: Enable NCSI through internal system rule:
  1. Open System rules tab.
  2. Allow NCSI rule (enabled by default).
Solution 2: Disable NCSI through system registry:

Create Disable NCSI.reg and import it into registry.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\NetworkConnectivityStatusIndicator]
"NoActiveProbe"=dword:00000001
"DisablePassivePolling"=dword:00000001
Solution 3: Disable NCSI through group policy:
  1. Launch the group policy editor (gpedit.msc ).
  2. Go to Computer Configuration -> Administrative Templates -> System -> Internet Communication Management -> Internet Communication Settings.
  3. Double-click Turn off Windows Network Connectivity Status Indicator active tests and then select Enabled. Click Ok.
  4. Open the Command Prompt (Admin) and enter gpupdate /force to enforce the changes made to the Group Policies.

Portable mode

To activate portable mode, create simplewall.ini in application folder, or move it from %APPDATA%\Henry++\simplewall.

Download

Latest stable release is always here

GPG Signature

Binaries have GPG signature simplewall.exe.sig in application folder.

  • Public key: pubkey.asc (pgpkeys.eu)
  • Key ID: 0x5635B5FD
  • Fingerprint: D985 2361 1524 AB29 BE73 30AC 2881 20A7 5635 B5FD

Languages

Put simplewall.lng file into application directory and restart the program.

Links

Support