forked from wokhan/WFN
-
Notifications
You must be signed in to change notification settings - Fork 2
Home
harrwiss edited this page Jan 28, 2020
·
6 revisions
Latest work in progress release binaries: Click here
The binaries are provided as is - use at your own risk.
This is a list of updates implemented in this fork since 30.9.2019 based on the last published release WFN 2.0 Beta 3 (March 2018).
08.12.2019
General
- Changed the multiple instance policy for the scheduler task from Parallel to Queue (to avoid problems with notifier window on heavy load)
- Changed checkbox defaults for ip and ports to make more sense
23.11.2019
Notifier
- Implemented a tray notiy icon for notifier which is shown when minimizing
- Keep notifier minimized (silent) when the tray icon is shown
- Anmimated the tray icon when blocking events triggered
- Added TargetInfoUrl (https://bgpview.io/ip/{0}) and TargetPortUrl (only in app.config) for customization. The previously used TargetInfoUrl displayed a captcha.
Settings
- Had to change CustomSettingsProvider#SectionName to be consistent with the namespace used in the Settings class. Mainly because the Settings.Designer in VS inserted entries in the wrong section in app.config.
- Improved parsing in the CustomSettingsProvider on missing or corrupted settings which lead to illegal reference exception. E.g: Loghelper failed to read the FirstRun setting when trying to log an error and then WFN crashed.
LogHelper
- Improved null checks, most importantly on Settings.Default.FirstRun which lead to app crash on startup. To avoid this a default setting is used for missing ones.
app.config
- Settings are stored under a different section
- Old: Wokhan.WindowsFirewallNotifier.Configuration
- New: Wokhan.WindowsFirewallNotifier.Common.Settings
- Consequence: User settings in Options are lost/set to defaults from app.config.
Connections and Map
- Added DNS host name resolution for ip addresses
Test Projects
- Created new test projects for Console.Tests and Common.Tests
09.11.2019
Security Log
- Added tcp only filter checkbox and remote host name column
- Added DnsResolver to resolve remote ip's to hostname using dns asynchronous
- Improved filter lookup to include wfp state which includes filters from other filter providers besides windows firewall (e.g third party firewall)
Options/Settings
- Added Enable DNS host name resolver setting for Security Log
- Added Enable successful connection events setting for Security Log (auditpol /success:enable)
TestProject
- Added additional tests for NetshHelper and DnsResolver
- Cleanup namespace
Various
- Removed old ip database (IPDatabase.gz)
- Cleanup and fix some warnings
20.10.2019
Map Improvement
- Added GeoConnection2 to use the Maxmind GeoIP-City database and API instead of the CSV files
- Changed the Map to use GeoConnection2
New TestProject
- Added a TestProject for unit testing the new GeoConnection2
FirewallHelper
- Add code for IANA protocol SDRP connections
04.10.2019
Security event log
- Added coloring and font style to the Dir, Action column
30.9.2019
Security event log
- New columns: PID, App, Service, FilterId, Dir, and Action
- App: Shows the filename for better readability and displays the full path as a tooltip
- Service: Detects the service name based on PID (given the service is still started)
- Dir: Direction In/Out
- FilterId: Filter rule id which caused the connection to block
- Action: Displays whether the connection was blocked/allowed based on the eventid logged e.g. 5157. In addition, other eventid's are supported as well when such events are produced (depends on the audit policy settings)
- Improved the performance and also increased the nr of rows to 1500
- Improved the extraction of app icons by expanding env variables in the path
- Clicking on a row stops automatic refresh to avoid that scrolling is interrupted
Event details and filter name
Clicking on a cell in the action column shows additional details from the event log and also tries to identify the blocking filter rule using NetShellHelper
Options
- Added console width/height settings (needs restart after change)
- Some layout improvements and tooltips added
- Removed (commented out) MinimizeToTry because it's not working