programs that are located on mounted/removable drives don't get recognized after unmount/mount

[tokariu]

I discovered a problem with the recognition of programs when they are on removable/mountable drives.

for instance:
i've got a an encrypted container which i can mount under the label K:. on this drive is a program that wants to connect to the internet, and simplewall detects it and shows a notification. I choose ALLOW and everything is fine.

now when i unmount K:\ and later i mount K:\ again, simplewall does not recognize the program anymore. in simplewall it is marked with RED color, saying this program is missing (even though I just mounted it again and it is available). In the Error log it reads:

FwpmGetAppIdFromFileName() failed with error code 0x00000003 (K:\myprogram\bin\javaw.exe) [2.1.4]

At this point, simplewall blocks all packets of the program, because it doesn't recognize it. It also doesn't show a new notification popup to ask me if I want to allow it to connect to the internet.
When I close simplewall and start it again, the program gets recognized and it can connect to the internet.

I think simplewall needs a new method that recognize when programs are available on removable / mountable drives.

EDIT: If you hit F5 to refresh the app-list in simplewall, it works again. But it shouldn't depend on manually hitting refresh. It would be better if simplewall keeps track of available programs automatically.

[tokariu]

I wonder how other firewalls handle this. Did they implement an "app-is-available-check"-method that gets called everytime an app tries to make a connection? Maybe this would be a solution for simplewall aswell?

i think simplewall also just needs to add refresh-method that gets called everytime an app tries to make a connection attempt. then it would always get the current state of the app that tries to connect.

[tokariu]

well, it seems like it's partially working now in v2.2.1 beta, isn't it?
the apps get recognized as "online" when they are mounted again.

however it seems like there is something missing. when such an app gets mounted, simplewall detects the app as available again, but when this app first tries to connect online, simplewall fires up a notification popup whether it should allow it or not. until clicking on "allow" all packets get dropped, despite having the app already ticked as allowed app and simplewall should actually just allow any connection attempts without notifications - even after unmounting/mounting the drive on which the app resides.

is there any intention with this behaviour or is something wrong?

[tokariu]

just an update on this issue on v.2.2.3:

when I boot my computer and simplewall has started it checked all the existing apps and marks those not existing in red color.
when I mount a drive with programm on it, i still need to hit F5 in simplewall to refresh the apps list. only then the already allowed app on the mounted drive is able to connect to the internet.

so this problem unfortunately still exists/or exists again in v2.2.3.

[henrypp]

when I mount a drive with programm on it, i still need to hit F5 in simplewall to refresh the apps list. only then the already allowed app on the mounted drive is able to connect to the internet.

Method checking new devices mounted and refresh filters when new device available already exists long time ago. So check 2.2.5 Beta!

[tokariu]

@henrypp maybe the problem relies in new devices mounted. Because it's actually not really a new hardware device that gets mounted in this case, but just an encrypted container (the containers of bestcrypt/truecrypt/veracrypt and these kind of mounts).
the problem still exists in 2.2.5 beta. i guess the method doesn't work with these kind of mountable "devices"

[henrypp]

@tokariu check 2.2.7

All encrypted file containers are mounted as normal harddisk, i just install veracrypt now and all worked as well, it seems simplewall does not see any notification about device change on your system, in 2.2.7 maybe fixed.

[tokariu]

@henrypp did check 2.2.7RC. But it's still the same.

just for testing purposes try to have f.i. jdownloader2 in a VC container and mount it as lets say.. drive X:
run it once and whitelist both jdownloader2.exe and javaw.exe in this case so it can get online.

then shut everything down, make a reboot for example and back in simplewall both programs show up as red/offline, that of course is normal, because the container with the program is not mounted yet.
then mount the container to the same drive letter again, and after that simplewall SHOULD be able to see the programs exist at the saved path and that they are online. However, simplewall does not recognize them and jdownloader in this case is not able to get online.
Hitting F5 in simplewall refreshes the apps list and voila the app is showing up as available and it can get online.

PS:
the errors shown are:

FwpmGetAppIdFromFileName() failed with error code 0x00000003 (X:\jdownloader v2.0\jdownloader2.exe) [2.2.7]
FwpmGetAppIdFromFileName() failed with error code 0x00000003 (X:\jdownloader v2.0\jre\bin\javaw.exe) [2.2.7]

[tokariu]

@henrypp I'm using v2.3 currently, but this issue is still alive. I'm still having the same problem with mounted drives in v2.3. #128 is still reproducible for me.