Some Firewall rules are applied wrong

So I noticed firewall rules data in the Glasswire app and in the Firewall setup are wrong!

  • blackdesert64.exe was blocked in the firewall setup (showing red on top) while Glasswire was showing it unblocked (I had to press Block/Unblock in the GW app to make it correctly apply the firewall rule)

This is brand new, completely clean installation of 2.3.318 done yesterday

(top of the screenshot comes from Malwarebytes Windows Firewall Control app)

reproduced, selecting “Allow” from notification popup keeps it blocked in the Firewall rule but shows Allowed in GW.
GW does not re-apply the rules after allowing via notification?

@SHADOW13

Sorry for the issue.

Are you using two firewalls simultaneously? If so it can break the API we use so it does not work correctly. Please let me know if you are and I can suggest a quick fix.

If you’re in “Ask to connect” mode, then the app should be blocked by default until you receive a notification to unblock it. So unless I’m misunderstanding I think the behavior would be correct?

no, just Glasswire,

I use “Malwarebytes Windows Firewall Control” to lookup Windows Firewall rules but there’s nothing else that controls it

GW seems to automatically create Block rule (as expected in Ask to Connect mode) but after allowing an app through notification popup (that shows on the first connect attempt), GW does not apply Allow rule when I allow the app via notification

Using two firewalls simultaneously that access the Windows Firewall API can break things and will cause all sorts of issues.

With GlassWire, if you don’t want to use our app to block then just turn our firewall to “off” and we won’t touch your rules at all. Unfortunately other apps don’t work this way and it causes all sorts of issues.

You can choose to use GlassWire to block, or you can use another app to block. If you choose to use another app to block please be sure GlassWire’s firewall is set to “off” and never turn it on.

If you choose to use GlassWire to block then go to add/remove programs and uninstall GlassWire along with any other app that accesses the Windows Firewall API.

Now go to the Windows Firewall and choose “restore defaults”.

REBOOT - It’s important.

Now install the latest version of GlassWire with “clean install” and “reset firewall” checked. Everything should work normally now.

I am using ONLY Glasswire

Already said, I installed it WITH “clean install” and “reset firewall”, it’s completely fresh installation and it is not applying ALLOW rules when I click “allow” in the Glasswire notification popup

Do you have this application installed? Sorry if I’m confused.

Yes but it does not control anything on its own, it’s just to read Firewall rules,
it does not set anything actively or prevent anything else from setting it up.
It’s a passive app, not active one.
It’s been running with GW for years and I had no issues until recent release

Interesting. I’m not familiar with that app.

Have you ever used that app to change your rules in any way? If so, GlassWire tries to revert the rules back to protect its blocking, so it could cause this issue theoretically. If that’s the case you should follow the clean reset instructions.

We have not changed anything at all with blocking with this new version and the previous one.

Yes, I know GW stores the rules internally as well.

I only use “Malwarebytes Windows Firewall Control” to delete rules not created by GW, there is no conflict between the apps.

I noticed something is wrong with GW rules because the game would not be able to connect despite I allowed it in GW.

I only used “Malwarebytes Windows Firewall Control”, to read firewall rules, to see the GW rule setup in the firewall. And I noticed it was set to Block (red colour) despite GW is not blocking it (as per screenshot)
After I re-applied manually the rule (by toggling the fire icon in GW), it correctly changed in firewall rules to “Allow” (green colour).

Therefore the verdict:

  • GW created blocking rule at the start (expected and correct with “Ask to Connect” mode)
  • After I press “Allow” on the GW notification popup, GW stored internally that the rule is allowed
  • BUT GW did not re-apply the new rule on the Windows firewall afterwards, it stayed Blocked until I reapplied it manually in the app
  • therefore - allowing apps through notification popup is either not working or sometimes not working

Thanks for your feedback. We haven’t made any changes to the firewall part of GlassWire in awhile so I’m not sure how this happened to you. Sorry for the issue.

We will try to reproduce the issue.

It took some additional look.

Here is Firefox in GW shown us NOT blocked:
gw3

and just to avoid confusion with malwarebytes, I am checking directly in Windows system.
While I can confirm that “Inbound Rules” and “Outbound Rules” are set to Allow as per GW - that looks correct.
I found that the “Monitoring”, “Firewall” section shows the app still being blocked:

and then I decided to toggle the “fire” icon in GW (turn in on and off) and the rule changed and Firefox was able to access the internet:

So the main issue seems to be with “Monitoring”, “Firewall” section not refreshed.
Could be Windows issue (got 19042.985) or maybe GW

Interestingly, while testing, I deleted the Firefox from GW, yet it still stayed in “Monitoring”, “Firewall” section (and turned into “Blocked”)
“Firefox” is gone from the main window app but it’s not gone from those rules in “Monitoring”, “Firewall”
Even if I delete it!

I think it might be something to do with GW service. Just restarting the service sets the rules correctly
So it’s like the main app window/notifications are setting some things but the service isn’t correctly applying it at the time. Still, the deletion of the app in main GW app is still not clearing it in “Monitoring”, “Firewall”. (and the service keeps setting it back again after reset, it’s like GW service database and GW app database are not in sync)

still an issue on the latest version

Thanks for your report. We will continue to try to recreate this.