Feature Request - Firewall Permissions & Ruleset controls

How GlassWire is currently:
Users can only Allow or Deny a program from accessing the WAN or LAN. User has no granular controls over permissions.

How GlassWire could be:
When the user gets the popup to “Allow” or “Deny” and clicks “Allow”, a rule is created based on the specific connection: program, protocol, direction, host, port. If the program ever makes a new request with different rules another popup should happen prompting the user to Allow or Deny the new rule. The user should also have the ability to “Allow All” at any time to never prompt again for the program and just allow it to create new rules as needed.

Currently, users see this:

Something like this would be better:

Other firewall examples:
To give an idea on how editing or creating rulesets could look, I would draw attention to another firewall for example, in this case it is Outpost Firewall:

Here is the popup from Outpost Firewall:

2 Likes

@glasshole

Thanks for your feedback. GlassWire 2.0 is coming in October and we plan to have firewall profiles.

Can you please explain what “profiles” are and how they are intended to be used?

We have gone back and forth between calling it “profiles” or “rules” but it does what you are requesting. For example “allow all” and “block all” exists as you requested, and you can also save different profiles (or rules).

So if you want to have a profile at night “block all but Outlook” then always have that profile available and switch that profile on at night you can do so.

I don’t want to give it all away before the update but I think you’ll find it useful.

As a free user, in Glasswire how to manually add Rules - allow or block IP Address, Service and Application (Inbound / Outbound) ?

@Rafale

We are still working on 2.0 as explained above. Sorry for the delay.

Thanks a lot. Look forward to 2.0
Hope there will be new features added in 2.0 for free users :slight_smile:

Still can’t do any of that?

GlassWire has had profiles for many years.
https://www.glasswire.com/userguide/#Firewall_Tab

In the center of the firewall window is the “Firewall Profiles” option. You can create and save a firewall profile depending on your location, or how you use your device. For example, you can turn on “Ask to connect” mode and deny everything but Internet Explorer so nothing else accesses the network. You can then use this profile while you’re on a metered Internet connection to save data usage.

Our beta Android app also has profiles.

Is that what you mean?

I was referring to the possibility of allow one application in “ask to connect” and don’t have to allow every time the app updates. Is that possible?

2 Likes

@Ismus10

We recently updated our plans and I can confirm we plan to add something like this.

Profiles are fundamentally different from what OP was proposing. In fact, they are on the other end of the spectrum when it comes to granularity.

Profiles are network-wide while OP was asking about rules based on combination of connection’s application, port, IP, in/out direction.

To give you a real life example: there’s a first time connection from PowerShell, when invoking Update-Help cmdlet. I want to allow it, but only for this particular IP - most likely a Microsoft server.

Untill I modify/extend the ruleset, all other combinations of above mentioned parameters should block PowerShell from accessing the network - including incoming requests above all else.

Right now it’s just Allow/Block a particular app or deny all apps - not very granular and profiles do not help at all in this use-case, even though they are useful in their own right.

1 Like