How to block everything (all incoming and outgoing internet access) except those applications that are in the firewall white-list?


Solution 1

SimpleWall


Description:

Simple tool to configure Windows Filtering Platform (WFP) which can configure network activity on your computer.

The lightweight application is less than a megabyte, and it is compatible with Windows Vista and higher operating systems.
It needs administrator rights to work correctly.

Features:

  • Free and open source
  • Simple interface without annoying pop ups
  • Rules editor (create your own rules)
  • Internal blocklist (block Windows spy / telemetry)
  • Dropped packets information with notification and logging to a file feature (win7+)
  • Allowed packets information with logging to a file feature (win8+)
  • Windows Subsystem for Linux (WSL) support (win10)
  • Windows Store support (win8+)
  • Windows services support
  • Localization support
  • IPv6 support

Website: www.henrypp.org

Solution 2

You do not need any 3rd party firewall software.

By default windows firewall functions as follows:

  • Inbound - Block all unless in the list (Whitelist)
  • Outbound - Allow all unless in the list (Blacklist)

You want to Block all Inbound and all Outbound connections by default.

You can do this using the built-in Windows Firewall. The way to do this (though it is somewhat hidden away) is to change the settings as follows in these 3 easy steps:
  1. Go to: Control Panel\System and Security\Windows Firewall

  2. There, right-click as shown in screen shot to get the properties:

    Firewall settings screenshot

  3. Change Outbound Connections to Block for each profile.

Now you can add only the programs you want to the list.

You can import/export rules by right clicking the same as in screenshot above and selecting Export Policy. It imports/exports the whole thing. So you can experiment, disabling rules and making your machine more secure. For example my settings are as follows (excluding my programs):

Inbound - there's not a single rule here!

Outbound - only "Core Networking - DNS (UDP-Out)" is enabled

If you're using OpenVPN you will also need to add two more Outbound rules:

Core Networking - Dynamic Host Configuration Protocol (DHCP-Out)
and a rule to allow openvpn.exe

Solution 3

In an elevated shell window, do

Set all profiles to block inbound/outbound traffic:

netsh advfirewall set allprofiles firewallpolicy blockinbound,blockoutbound

Remove all rules:

netsh advfirewall firewall delete rule all

Allow basic outbound rules for ports 80,443,53,67,68

netsh advfirewall firewall add rule name="Core Networking (HTTP-Out)" dir=out action=allow protocol=TCP remoteport=80
netsh advfirewall firewall add rule name="Core Networking (HTTPS-Out)" dir=out action=allow protocol=TCP remoteport=443
netsh advfirewall firewall add rule name="Core Networking (DNS-Out)" dir=out action=allow protocol=UDP remoteport=53 program="%systemroot%\system32\svchost.exe" service="dnscache"
netsh advfirewall firewall add rule name="Core Networking (DHCP-Out)" dir=out action=allow protocol=UDP localport=68 remoteport=67 program="%systemroot%\system32\svchost.exe" service="dhcp"

And to reset firewall to default values

NETSH advfirewall reset

** All changes take effect immediately
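
The same default-deny policy with the built-in NetSecurity PowerShell cmdlets, as an added example that is not part of the original answers: it backs up the current policy, disables existing allow rules instead of deleting them, and ties each allow rule to an executable rather than opening ports 80/443 for every program. The Firefox path, the rule names and the group name are assumptions to adapt.

```powershell
#Requires -RunAsAdministrator
# Added example: default-deny in both directions plus a per-program allow list.
$AllowedPrograms = @(
    'C:\Program Files\Mozilla Firefox\firefox.exe'   # assumed default install path
)
$Group = 'Whitelist (example)'   # hypothetical group name used to tag the rules created here

# 1. Back up the current policy; restore it later with: netsh advfirewall import <file>
$backup = Join-Path $env:USERPROFILE ('firewall-{0:yyyyMMdd-HHmmss}.wfw' -f (Get-Date))
netsh advfirewall export $backup | Out-Null

# 2. Block inbound and outbound by default on the Domain, Private and Public profiles.
Set-NetFirewallProfile -All -Enabled True `
    -DefaultInboundAction Block -DefaultOutboundAction Block

# 3. Remove rules left by an earlier run of this script, then disable (not delete)
#    every other enabled allow rule so that only the whitelist below applies.
Get-NetFirewallRule -Group $Group -ErrorAction SilentlyContinue | Remove-NetFirewallRule
Get-NetFirewallRule -Action Allow -Enabled True | Disable-NetFirewallRule

# 4. DNS and DHCP, restricted to the Windows services that perform them.
$svchost = '%SystemRoot%\System32\svchost.exe'   # expanded by the firewall service
New-NetFirewallRule -DisplayName 'WL DNS (UDP-Out)' -Group $Group `
    -Direction Outbound -Action Allow -Protocol UDP -RemotePort 53 `
    -Program $svchost -Service Dnscache | Out-Null
New-NetFirewallRule -DisplayName 'WL DHCP (UDP-Out)' -Group $Group `
    -Direction Outbound -Action Allow -Protocol UDP -LocalPort 68 -RemotePort 67 `
    -Program $svchost -Service Dhcp | Out-Null

# 5. One outbound allow rule per whitelisted executable.
foreach ($path in $AllowedPrograms) {
    if (-not (Test-Path -LiteralPath $path)) {
        Write-Warning "Skipping missing file: $path"
        continue
    }
    New-NetFirewallRule -DisplayName ('WL ' + (Split-Path $path -Leaf)) -Group $Group `
        -Direction Outbound -Action Allow -Program $path | Out-Null
}

# 6. Verify: default actions per profile, then the rules that are still enabled.
Get-NetFirewallProfile | Format-Table Name, Enabled, DefaultInboundAction, DefaultOutboundAction
Get-NetFirewallRule -Enabled True | Format-Table DisplayName, Direction, Action
```

Editing the whitelist afterwards means changing `$AllowedPrograms` and re-running the script, or adding and removing rules in the same group from the Windows Firewall console.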

Solution 4

Another very useful, powerful and of course free tool is here:

TinyWall
TinyWall takes a different approach from traditional Firewalls. It does not display popups that "urge users to allow". In fact, it will not notify you of any blocked action at all.
Instead of showing popups, TinyWall makes it easy to whitelist or unblock applications by different means.
For example, you can just initiate whitelisting by a hotkey, then click on a window that you want to allow. Or, you can select an application from the list of running processes.

Of course, the traditional way of selecting an executable also works. This approach avoids popups, but still keeps the firewall very easy to use.

Most importantly, with the no-popup approach, the user will only notice that a program has been denied internet access when he can't use it anymore.
Consequently, users will only unblock applications that they actually need and none more, which is optimal from a security standpoint.

Feature overview

  • Multiple and easy ways to whitelist programs
  • Automatic learning mode
  • Firewall tampering protection
  • Password lockdown of settings
  • Quick modes, like Normal protection, Allow outgoing, Block all, Allow all and Learning mode
  • Support for temporary/timed firewall rules
  • Port and domain blocklists
  • Hosts file protection
  • Option to always allow communication within LAN
  • Option to restrict an application to the LAN
  • Recognition of safe software and impostors
  • Full IPv6 support
  • List established and blocked connections
  • View open ports on your machine
  • 100% free and clean software. No fees, no ads, no paid upgrades.

You can see the TinyWall white-list in the image below:

Solution 5

Firewall App Blocker

Firewall App Blocker WhiteList Mode: It will block everything except the whitelisted items. To activate it, tick the “Enable WhiteList” box in the bottom right corner.
The whitelist mode denies access to all network interfaces. After enabling WhiteList Mode, drag and drop an application or applications onto the “Firewall Application Blocker” interface to allow them. It was the most wanted feature.


Author: Mojtaba Reyhani

Updated on September 18, 2022

Comments

  • Mojtaba Reyhani
    Mojtaba Reyhani over 1 year

    Is it possible to automatically block all applications' incoming/outgoing internet connections except, for example, Firefox, with the default Windows firewall?

    I would like to block everything, even including windows update and other software updates.
    I would like to allow only one web browser like firefox, chrome or opera.
    How can I set up a config like this in Windows Firewall? I see how to block an application, but it seems you need to add them one by one, and it is a tedious task.

    What I wish to achieve is a "whitelisting" - meaning that I set up 1 rule on a firewall that says "block everything" (deny all any/any, where
    "deny" = don't let anything through,
    "all" = all types of traffic,
    "any/any" = any source, any destination).

    Then, I set up the "white list" - meaning the list of good destinations that I want to allow.
    A list of applications that I'd like to grant network access to. Only applications in this list will be able to communicate.
    Notice that whitelisting is different than blacklisting, in that whitelisting blocks everything and then allows a few things later. With that definition in mind, everything is automatically blocked and cannot be used.

    I'd like there to be an option or button that makes it possible for me to edit, add or delete applications in this list manually.

    I'm not an expert, so please try to give a detailed answer, as I don't know anything about ports and some other expressions that I came across when googling this.
    Thanks,

    • Narzan Q.
      Narzan Q. about 7 years
      Duplicate question, everything from firewall, also you can make alerts there superuser.com/questions/599743/…
    • Mojtaba Reyhani
      Mojtaba Reyhani about 7 years
      No, my question is more pervasive and practical.
    • Arjan
      Arjan almost 7 years
      This has now become an off-topic question, asking for product recommendations.
    • Mojtaba Reyhani
      Mojtaba Reyhani almost 7 years
      @Arjan: Thanks Arjan, my question is about the applications that have the white-list technology, not a comparison or recommendation of them.
    • Arjan
      Arjan almost 7 years
      Very well, I've edited your question to remove the software recommendation part.
    • Mojtaba Reyhani
      Mojtaba Reyhani almost 7 years
      @Arjan: Thank you So much for your help ;-)
  • Mojtaba Reyhani
    Mojtaba Reyhani about 7 years
    Thanks again for your help. Are you using any third-party white-list firewall tools? Which of them do you recommend?
  • Admin
    Admin about 7 years
    I myself use Comodo at home and ESET at work. Of course, I use interactive whitelist mode; every time an app wants to connect to the Internet, Comodo asks me what to do.
  • Mojtaba Reyhani
    Mojtaba Reyhani about 7 years
    Do you know whether Kaspersky Internet Security (KIS) has such a feature?
  • Admin
    Admin about 7 years
    KIS had such a feature, but I haven't worked with it since 2011.
  • Admin
    Admin about 7 years
    @MojtabaReyhani I normally don't mention this, but I think I should do so in your case: Comodo Internet Security is free.
  • Mojtaba Reyhani
    Mojtaba Reyhani almost 7 years
    Thank you so much for your help and attention, but none of Comodo Free Firewall, ZoneAlarm Free Firewall, or Private firewall has any straightforward whitelist option like Tiny Wall.
  • harrymc
    harrymc almost 7 years
    You could try Microsoft's firewall together with Windows Firewall Control..
  • Thalys
    Thalys almost 7 years
    That looks kinda different from what I remember, what version is it on?
  • harrymc
    harrymc almost 7 years
    @JourneymanGeek: Windows 10.
  • harrymc
    harrymc almost 7 years
    @MojtabaReyhani: For Comodo see this post.
  • Arash
    Arash almost 7 years
    @harrymc: Is there any white-list options or settings like Comodo Free Firewall in ZoneAlarm Free Firewall? Thanks.
  • harrymc
    harrymc almost 7 years
    @Arash: Unfortunately not, so I have deleted ZoneAlarm from my answer. Comodo is still left and is one of the most powerful such products.
  • Mojtaba Reyhani
    Mojtaba Reyhani almost 7 years
    Are there any white-list options or settings like Comodo Free Firewall in ESET Internet Security? it seems that ZoneAlarm hasn't white-list capability, Thanks.
  • Admin
    Admin almost 7 years
    @MojtabaReyhani All the three personal firewalls that I mentioned can work in white-list mode. Also, you asked this question in February. Now, it is July!
  • Hames
    Hames almost 7 years
    Hope it was what you needed.
  • Mojtaba Reyhani
    Mojtaba Reyhani over 6 years
    Thanks for your help and reply. I appreciate you sincerely.
  • Kevin
    Kevin over 5 years
    question states with default firewall
  • v25
    v25 over 4 years
    I found this really helpful. I actually wanted to disable all rules, not delete them, which can be done with: netsh advfirewall firewall set rule all new enable=no
  • OneAndOnly
    OneAndOnly about 2 years
    I did this but adding to the whitelist doesn't work? I added both cmd and ping.exe files to the whitelist of outbound but I still can't ping?