This build introduced a major change in how services are handled!
Service Tag information is now ignored for all services which are not hosted in svchost.exe, hence all other service firewall rules are now applied as per the service binary path only.
This change was required as the way windows handles the service TAG information which is set on thread creation is not reliable. Threads created using thread-pool APIs do not get the Service Tag set. Hence network connections created from such worker threads are not attributed properly to the issuing service thus rules created for the service will be ignored.
To remedy this misbehavior its required to whenever possible create rules for the service binary itself and not set the Service Tag field. Such rules will apply to all sockets of all threads created by the issuing process.
And since, aside of windows itself, using shared service host process is not really a thing this workaround should have no drawbacks.
Update Note
The tool should properly import old configuration data, but it is recommended to make a settings backup before updating.
And to DISABLE rule guard actions, just in case, to ensure if an issue occurs the firewall configuration does not get messed up.
[0.74] - 2019-12-21
Changed
- changed service tag handling to only apply to svchost.exe hosted services
- all other services will only be handled as regular programs identifyed by their path
- the program window now by default always sets the service binary path when a service is selected
Fixed
- when opening the program window comboboxes were not properly disabled
- fixed issue with updating service PID cache