Log Active Connections

Is there any way to log all active connections from Windows start-up to shutdown?

Greetings, and welcome to the forums!

I suppose you want to do it with CFP 3.
Yes, there’s a way for doing this.
Go to Firewall → Advanced → Network Security Policy → Global Rules and create a global rule like this:

Action: Allow
Protocol: TCP or UDP
Direction: Out
Source Adress: Any/Your IP
Destination Adress: Any
Source Port: Any
Destination Port: Any/Ports you allow outgoing traffic on

Next to ‘Action’, check ‘Log as a firewall event if this rule is fired’. Place this above all blocking rules (red ones). If you have a rule that allows incoming connections on a specific port, just open it and check ‘Log as a firewall event if this rule is fired’.
If you want to, you can make a similiar one for ICMP.

Now create this rule:

Action: Block
Protocol: IP
Direction: In/Out
Source Adress: Any
Destination Adress: Any

Again, check ‘Log as a firewall event if this rule is fired’. Place this rule under all allowing rules (green ones).

This will log all traffic. Blocked traffic will be logged as ‘Intrusion Attempts’. Go to Firewall-> View Firewall Events → More… → All The Times to view all traffic. Click File → Export to HTML → Firewall Logs if you wish to save it. After it’s saved, you can go to File → Clear → Firewall Logs and clear out all of the logs.
CFP 3 will display application (Windows Operating System if there’s none), action (blocked or allowed), protocol, source and destination IPs and what ports that were used.

If you should have some questions, feel free to ask.

Cheers,
Ragwing