Jump to content

Windows Firewall - Configure with Winnt.sif

Ludewiko
 Share

Recommended Posts

Ludewiko

Ludewiko

Posted
Posted

Hi

I am trying to configure the Firewall. I want to tell XP which programs are allowed to connect to the internet.

I use the following in WINNT.SIF, but it does not work. especially the AllowedPrograms.

Anyone who has an answer?

Thanks

Ludewiko

[WindowsFirewall]

Profiles = WindowsFirewall.Standard

LogFile = "%WINDIR%\pfirewall.log"

LogSize = 4096

LogDroppedPackets = 1

LogConnections = 1

[WindowsFirewall.Standard]

Type = 3

Mode = 1

Exceptions = 1

Notifications = 1

MulticastBroadcastResponse = 1

AllowedPrograms = WindowsFirewall.RealVNCServer, WindowsFirewall.RealVNCViewer, WindowsFirewall.eMule

Services = WindowsFirewall.RemoteDesktop

PortOpenings = WindowsFirewall.WebService

IcmpSettings = WindowsFirewall.EchoRequest

[WindowsFirewall.RealVNCServer]

Program = "%ProgramFiles%\RealVNC\VNC4\winvnc4.exe"

Name = "RealVNCServer"

Mode = 1

Scope = 0

[WindowsFirewall.RealVNCViewer]

Program = "%ProgramFiles%\RealVNC\VNC4\vncviewer.exe"

Name = "RealVNCViewer"

Mode = 1

Scope = 0

[WindowsFirewall.eMule]

Program = "%ProgramFiles%\eMule\eMule.exe"

Name = "eMule"

Mode = 1

Scope = 0

[WindowsFirewall.WebService]

Protocol= 6

Port = 80

Name = "Web Server (TCP 80)"

Mode = 1

Scope = 2

Addresses = "192.168.0.5,LocalSubnet"

[WindowsFirewall.EchoRequest]

Type = 8

Mode = 1

Link to comment
Share on other sites

hulala.[uk]

hulala.[uk]

Posted
Posted

use netfw.inf and put it into $OEM$\$$\inf folder use winnt.sif to do what netfw cant like logging. works very well and can be easily adjusted in the future when you decide to add or take something out.

example is my itunes rule:

;Application Authorization Rule: Itunes

HKLM,"SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List","%ProgramFiles%\iTunes\iTunes.exe",0x00000000,"%ProgramFiles%\iTunes\iTunes.exe:LocalSubnet:Enabled:itunes music application"

after win is installed you can find this file in %windir%\inf

you most likely will be using StandardProfile rather than DomainProfile.

the rest is self-explainatory i guess.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...