Developper - How add rules with generated exe/bat ?


I’m developper and I’m really ennoyed by the firewall. I’m working on project using Android, Assembler and C programs and I need to shutdown completely the firewall if I want “build and run” on Android for instance. Same thing about assembler. But I got a bigger problem with AtmelStudio 6.1 because even if I shutdown the firewall it’s not working, the build got the error “access refused” and I need to start the firewall to accept manually all generated executables with ONE minutes between each “query” and there are about 4 query to compile. So I need about 4 minutes just to build my application. Like I said, I got a problem here.

The main problem is the .bat and .exe are generated by the IDE and even if I try to remember the choice or add the application in the white list, I still get the checks by the firewall.

What can I do?

Thank you.

Are all the executables run from the same folder?

What version of cis r u using.

I’m using the version 6.3.297838.2953
Yes I’m pretty sure the generated files will be on the same directory, I’ll check.


Kind of generated name .bat: make4336-1.bat

the easiest way to allow firewall alerts for your applications will be to create a new file group and give firewall permissions to this group.

(im doing all this by memory so if the wording is off i apologize)

to create a new group go into the advanced settings and go to hips → protected objects → then right click in the white space and select groups. Add a new group and name it whatever you want. Then click ok and right click your new group and select add → folder → now add the folder that contain your generated files and click ok.

Now go to firewall → application rules and select add → groups → select your newly created group. Now you will have to select what rules you want applied to these files. It sounds like you want them allowed so just use the predefined allowed ruleset.

Just use caution with this method because anything run from this folder will have the “allowed” ruleset

Hope this helps, if you have any more questions let us know.

I did everything you said but it’s still asking each time.

In the groups I have now the group “Authorized dir” which contains the directories I want always being authorized. (C:\Users~USER~\AppData\Local\Temp*)
In the Firewall => application rules => I have now the “Authorized dir” with the default rule Authorized.

But it’s still asking when I run the compilation. The directories I have authorized are good, so I don’t understand.

You also need D+ permissions. If you have not enabled the HIPS please do. Then make a rule under Active HIPS rules for the compiler and similar programs. Give them the Installer/Updater policy. This will allow them to start unknown executable without alerting the user.

In HIPS rules I added a new rule with my “Authorized dir” with the predefined rule “Authorized” but it’s still not working.
I didn’t find “rules for compiler” or installer/updater policy.

I changed the HIPS mode from “Secured” to “Learning” and now everything is working.

In HIPS rules you need to makes rules for the mentioned programs. Give them the Installer/Updater policy. Look for the arrow thingy at the bottom and click on it. Then choose Add. The process is described in Creating or Modifying a HIPS Ruleset.

I changed the HIPS mode from "Secured" to "Learning" and now everything is working.
That should also work but only use it shortly because if a virus gets caught the virus will also be allowed.