Req: Ability to create a rule right at the alert window

It would be great if we could specify IP ranges in the first alert window when an application first tries to use the Internet connection and tries to contact a specific IP.

Right now we can either allow the connection, which means CFW will allow any connection for that application until the rule is edited, block the connection, or use any of the predefined rulesets that refer to protocols and ports for general type apps, like browser, email client, etc.

If we could create a rule on the spot when first alerted it would save a lot of time in customizing the rule later in the network policy application rules window.

For example if an app wants to do an outbound connection to AA.BB.CC.DD and CFW is showing the alert, the window could also include options to allow or block connections to only that IP at least, or also allow entering IP ranges in the form of AA...* or AA-CC...* etc.

All this may be too much for a beginner to handle but these options can be hidden in the window and shown only when the user wants to create a rule on the spot.

Also, an integrated Whois search to any area where an IP is shown as part of a communication that CFW intercepts would be immensely useful.

Thank you very much for the consideration.


Hi Paros, if you change Firewall/Advanced/Firewall Behavior Settings/Alert settings—>to Very High when you get an alert if in Custom polcy it should have the IP address and Port,which will be created as a rule if you have remember my answer ticked.



Thank you!

With the Very High setting at least I the rule that is initially created refers only to the IP the app wanted to connect to.

Then I could edit the rule for a range or any additional IPs.



yes. but it is not a good solution. still need to be improved.