Portable Minimal Firewall 2.0 (x64)
Minimal Firewall Portable works in conjunction with Windows Firewall to block all unknown connections by default, prompting you to create application-based rules to mitigate malware, telemetry, and data leaks. Completely rid yourself of apps phoning home without your knowledge.
Core Features
- Lockdown Mode: The heart of Minimal Firewall Portable. When enabled, it configures the Windows Firewall to block all outbound connections that don’t have an explicit “Allow” rule. No program connects without your say-so.
- Real-Time Connection Alerts: Get instant notifications when a blocked program attempts network access. Choose between interactive pop-ups for immediate action or silent, in-app alerts on the dashboard to review later.
- Simple & Advanced Rule Creation:
  - Program Rules: Allow or block applications with a single click.
  - Advanced Rules: Create detailed rules based on protocol (TCP/UDP/ICMP), local/remote ports, IP addresses, services, and network profiles (Domain, Private, Public).
- Firewall Auditing: The Audit tab shows you a log of firewall rules that were created, modified, or deleted by other applications, giving you visibility into background changes.
- Live Traffic Monitoring: The “Live Connections” tab displays all active TCP connections on your system in real-time, showing which process is connected to which remote address.
- Wildcard Rules: Easily manage applications that update frequently (like web browsers) by creating rules that apply to any executable within a specific folder.
- UWP & Service Support: Manage rules for modern Windows Store (UWP) apps and background system services, not just traditional desktop programs.
- Light & Dark Themes: A clean, modern user interface that’s easy on the eyes, day or night.
- 100% Local and Private: Minimal Firewall Portable contains no telemetry, does not connect to the internet, and stores all rules and logs locally on your machine.
- Portable: Minimal Firewall Portable is a single executable that requires no installation. All rules are native to Windows Firewall, so no custom drivers or services are left behind.
Security by Default
By leveraging the battle-tested Windows Defender Firewall, Minimal Firewall Portable avoids reinventing the wheel. It uses documented Microsoft APIs to ensure stability and security.
- No Service Required: Creates persistent Windows Firewall rules, eliminating the need for its own background service.
- No Network Activity: The application itself makes no network connections. No telemetry, no update checks, no “phoning home.”
- Auditing: Allows you to see if other applications silently add or change rules in the Windows Firewall.
Secure Rule Creation
- Follows Microsoft’s best practices for firewall management by favoring application-based rules over risky port-based rules.
- Rules are program-specific, tied to an executable’s path or a UWP app’s Package Family Name, preventing malicious programs from impersonating an allowed app on the same port.
Technical Architecture
Minimal Firewall Portable is a Windows Forms application written in C# on the .NET 8 platform. It serves as a user-friendly management layer for the native Windows Firewall with Advanced Security.
- Core Interaction: It uses the NetFwTypeLib COM Interop library to interact with the INetFwPolicy2 interface, which is the standard API for managing Windows Firewall rules and policies.
- Connection Alerting: It listens for Event ID 5157 (“The Windows Filtering Platform has blocked a connection”) in the Windows Security event log. This is a native, efficient way to detect blocked connection attempts without a custom driver.
- Auditing: It uses a ManagementEventWatcher (WMI) to monitor for real-time changes to the MSFT_NetFirewallRule class, allowing it to detect when other processes modify the firewall ruleset.
- Live Traffic: The live connection monitor uses the GetExtendedTcpTable function from iphlpapi.dll to retrieve a list of active TCP connections and their associated Process IDs.
- No Drivers: It does not use any custom kernel drivers, relying entirely on documented Windows APIs for maximum stability and security.
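Added example, not part of Minimal Firewall's own code: a Python sketch of the triage that Event ID 5157 records allow, which is filtering blocked-connection events and counting outbound attempts per application. The sample events are constructed in the Security-log XML layout, and the helper names (_event, parse_blocked, blocked_outbound_summary) are hypothetical.

```python
import xml.etree.ElementTree as ET
from collections import Counter

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
DIRECTION = {"%%14592": "inbound", "%%14593": "outbound"}
PROTOCOL = {"1": "ICMP", "6": "TCP", "17": "UDP"}

def _event(event_id, app, direction, dest, port, proto):
    """Build one constructed event in the Security-log XML layout."""
    fields = {"ProcessID": "4556", "Application": app, "Direction": direction,
              "SourceAddress": "192.0.2.10", "SourcePort": "50123",
              "DestAddress": dest, "DestPort": port, "Protocol": proto}
    data = "".join(f'<Data Name="{k}">{v}</Data>' for k, v in fields.items())
    return (f'<Event xmlns="{NS["e"]}"><System><EventID>{event_id}</EventID>'
            f'</System><EventData>{data}</EventData></Event>')

# Constructed sample data, not taken from a real system.
APP = r"\device\harddiskvolume3\users\alice\apps\updater.exe"
SVC = r"\device\harddiskvolume3\windows\system32\svchost.exe"
SAMPLE = "<Events>" + "".join([
    _event(5157, APP, "%%14593", "203.0.113.7", "443", "6"),
    _event(5157, APP, "%%14593", "203.0.113.7", "443", "6"),
    _event(5157, SVC, "%%14592", "192.0.2.10", "5353", "17"),
    _event(5156, APP, "%%14593", "198.51.100.4", "80", "6"),  # 5156 = allowed
]) + "</Events>"

def parse_blocked(xml_text):
    """Return a dict per Event ID 5157 record; other event IDs are skipped."""
    records = []
    for ev in ET.fromstring(xml_text).findall("e:Event", NS):
        if ev.findtext("e:System/e:EventID", namespaces=NS) != "5157":
            continue
        d = {n.get("Name"): n.text or "" for n in ev.findall("e:EventData/e:Data", NS)}
        records.append({
            "application": d["Application"],  # NT device path, not a C:\ path
            "direction": DIRECTION.get(d["Direction"], d["Direction"]),
            "dest": f'{d["DestAddress"]}:{d["DestPort"]}',
            "protocol": PROTOCOL.get(d["Protocol"], d["Protocol"]),
        })
    return records

def blocked_outbound_summary(records):
    """Count blocked outbound attempts per (application, dest, protocol)."""
    return Counter((r["application"], r["dest"], r["protocol"])
                   for r in records if r["direction"] == "outbound")

if __name__ == "__main__":
    for key, n in blocked_outbound_summary(parse_blocked(SAMPLE)).most_common():
        print(n, *key)
```

The Application field arrives as an NT device path, so it has to be mapped to a drive-letter path before it can be compared with the program path of a firewall rule.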
Release Notes:
Features
- Live Traffic Monitoring: A new “Live Connections” tab has been added to monitor active TCP connections and their associated processes in real-time, similar to tools like TCPView. More updates to come in this tab.
- Firewall Rule Groups: You can now manage firewall rule groups directly from a dedicated “Groups” tab, allowing you to enable or disable entire sets of rules at once.
- Enhanced Foreign Rule Detection: The previous manual scan for external rule changes has been replaced by a real-time Sentry Service. It uses WMI to watch for modifications the moment they happen and presents them in the “Audit” tab.
- Performance Caching: A new RuleCacheService has been implemented to significantly speed up application startup and data refreshes. It caches firewall rules both in-memory and to a local disk file to reduce reliance on slow API calls. When you close it to tray, it further reduces memory consumption.
UI
- Complete UI Rewrite: The user interface has been completely rebuilt using Windows Forms, replacing the previous WPF front-end.
- Custom Dark Mode Engine: A comprehensive dark mode system (DarkModeCS.cs) was modified from DarkModeForms to provide a consistent and modern look and feel in Windows Forms.
- Adaptive Advanced Rule Creator: The “Create Advanced Rule” form is now smarter. It adaptively shows or hides UI sections based on the selected network protocol (e.g., showing Port fields only for TCP/UDP).
Code & Backend Refactoring
- Framework Modernization: The entire project has been upgraded from the legacy .NET Framework 4.8 to .NET 8.
- Direct API Interaction: Advanced rules are now created by interacting directly with the NetFwTypeLib COM API, replacing the previous method of generating and executing PowerShell commands. This provides more robust and reliable rule creation.
- More Robust Services:
  - The AdminTaskService for running privileged operations like auditpol.exe now has improved error handling and output redirection.
  - The SystemDiscoveryService features an improved parser for extracting executable paths from Win32_Service WMI queries.
- Typed Data Models: New strongly-typed classes for PortRange and IPAddressRange have been introduced for more reliable parsing and handling of complex rule parameters.