Hope to add a port blocking feature #242

Open
EsuRt opened this issue May 5, 2024 · 3 comments

Comments


EsuRt commented May 5, 2024

Sometimes we block software from accessing specific ports, but can’t block all ports. However, the current fort cannot achieve this purpose. We hope it can be enhanced.

@tnodir tnodir mentioned this issue May 30, 2024

hiccup7 commented Jul 13, 2024

For some applications, I would like to allow port 53 for DNS on UDP protocol, but block all other UDP ports. I am waiting for fort to have this capability before I install fort.


graham00 commented Sep 10, 2024

One real annoyance with Windows is that a lot of network traffic ends up showing up as "NT Kernel & System" (ping.exe traffic, for example, and a lot of other traffic). If we could add port/protocol based rules (even globally, not linked to a specific application profile) then we could for instance globally allow things that aren't really major security concerns like ICMP, DNS, etc.

Without that, the only option as far as I can tell using Fort is to whitelist "NT Kernel & System". The problem with that is that it then opens up god knows what else to escape out via that broad exemption.

If I'm misunderstanding something let me know, but I just thought it might be good to highlight the security importance of this feature. Fort seems to be so close to perfect (open source, great regex wildcard path options, portability, etc) and as far as I can tell, it's only the ability to add (even if only global) traffic rules based on ports and protocols that would let it work as a perfect solution to harden workstation security.

This project is far outside my experience, but if I can find the time I'll try to dive in and see if I can manage something.

tnodir (Owner) commented Sep 11, 2024

> a lot of network traffic ends up showing up as "NT Kernel & System"

It's usually for ping.exe only. I allow the "System" with "Block Internet" flag.

DNS is handled by the DNSCache service. Make it a trackable SvcHost service if it doesn't work as a separate process.

> traffic rules based on ports and protocols

Yes, it's an important feature. I'm working on it, but it takes time.
