Disable automatic rule creation in Windows Firewall

Windows Firewall is included in most Windows operating systems it’s a really nice piece of software, clean and simple, but sometimes an installed app or a newly installed app will automatically create unwanted rules even without asking, this “feature” cannot be officially disabled so let’s tweak it.

Tools required:
SubInACL (subinacl.exe) from Microsoft
wf.zip (wf.bat) from Oueta

Tested operating systems:
Windows 7 x64
Windows 10 x64

1. Download subinacl and wf.zip, unpack them in C:\Windows (subinacl.exe and wf.bat, administrator rights are needed)

2. Create shortcut to desktop for wf.bat and rename it to Windows Firewall

Send shortcut to desktop
Send shortcut to desktop

3. Allow to “Run as administrator”, right click on Windows Firewall shortcut -> Properties -> Advanced -> Check “Run as administrator”

Windows Firewall, run as administrator
Windows Firewall, run as administrator

4. Open “Windows Firewall” shortcut from desktop when rule creation is needed, otherwise rules cannot be created.

How it works?

Open wf.bat with a text editor to see the process, wf.bat sets read/write permission to registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\ and starts Windows Firewall, while the window is open rules can be created after that rule creation is denied.