Windows Firewall with sp2


D8TA

I have successfully deployed XP service pack 2 and prior to deploying the service pack I've created the exceptions needed. My problem now is trying to add additional exceptions. We don't have a domain environment and this will be used for several of our field offices in which they will add these exceptions via a CD that is shipped to them. Is there an easy way to add these exceptions to the Windows Firewall? There are two ports that need to be allowed and one application, an .exe file. These users don't have administrator rights so I'll need to elevate the privileges prior to adding the exceptions if needed, which I am guessing would be needed. Any assistance would be greatly appreciated. Thanks!


You should be able to use the netsh command to add the .exe and its exceptions to the firewall, and the runas command in the script should make it work.

Use "runas /?" to see all of the options of the runas command.


Here is a VBS that adds Freecell.exe to the exceptions

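' Resolve the system drive (e.g. "C:") so the path works on any install
Dim Act, SD
Set Act = CreateObject("Wscript.Shell")
SD = Act.ExpandEnvironmentStrings("%SystemDrive%")

' Open the local firewall policy; profile type 1 = standard (non-domain) profile
Set objFirewall = CreateObject("HNetCfg.FwMgr")
Set objPolicy = objFirewall.LocalPolicy
Set objProfile = objPolicy.GetProfileByType(1)

' Describe the program to authorize
Set objApplication = CreateObject("HNetCfg.FwAuthorizedApplication")
objApplication.Name = "Free Cell"
objApplication.IPVersion = 2   ' 2 = any IP version
' %SystemDrive% already ends in ":", so append only the path
objApplication.ProcessImageFileName = SD & "\windows\system32\freecell.exe"
objApplication.RemoteAddresses = "*"   ' any remote address
objApplication.Scope = 0   ' 0 = all addresses
objApplication.Enabled = True

' Add it to the profile's list of authorized applications
Set colApplications = objProfile.AuthorizedApplications
colApplications.Add(objApplication)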

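This script opens a port

' Work on the profile that is currently in effect
Set objFirewall = CreateObject("HNetCfg.FwMgr")
Set objPolicy = objFirewall.LocalPolicy.CurrentProfile

' Look up the existing entry for port 9999 (protocol 6 = TCP) and enable it
Set colPorts = objPolicy.GloballyOpenPorts
Set objPort = colPorts.Item(9999,6)
objPort.Enabled = TRUE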

This will create a port

' Work on the profile that is currently in effect
Set objFirewall = CreateObject("HNetCfg.FwMgr")
Set objPolicy = objFirewall.LocalPolicy.CurrentProfile

' Define the port entry; it is created disabled
Set objPort = CreateObject("HNetCfg.FwOpenPort")
objPort.Port = 9999
objPort.Name = "Test Port"
objPort.Enabled = FALSE

' Add the entry to the list of globally open ports
Set colPorts = objPolicy.GloballyOpenPorts
errReturn = colPorts.Add(objPort)


You can use reg method ...

Configure all the exceptions on one computer and export

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

and afterwards import the exported reg file on the new computer ...

Afterwards, for it to take effect, run in cmd:

net stop SharedAccess
net start SharedAccess

Goodbye.
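
A review step for the .reg method above, added here as an example (it is not code from the thread): it parses an exported StandardProfile file and lists every program and port exception with its scope, so entries that are open to any address are caught before the file is shipped to other machines. The sample export, the `parse_exceptions` and `wide_open` names, and the `target:scope:Enabled|Disabled:name` value layout under `AuthorizedApplications\List` and `GloballyOpenPorts\List` are assumptions of this example.

```python
import re

# Constructed sample of an exported StandardProfile key (not taken from the thread).
# Real regedit exports are normally UTF-16: open(path, encoding="utf-16").read()
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\FieldApp\\fieldapp.exe"="C:\\FieldApp\\fieldapp.exe:*:Enabled:Field App"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"9999:TCP"="9999:TCP:LocalSubNet:Enabled:Test Port"
"9998:TCP"="9998:TCP:*:Disabled:Old Port"
'''

SECTION = re.compile(r'^\[(.+)\]$')
VALUE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')
# The target may itself contain ':' (drive letter, "port:proto"), so anchor on the state field.
ENTRY = re.compile(r'^(?P<target>.+?):(?P<scope>[^:]*):'
                   r'(?P<state>enabled|disabled):(?P<name>.*)$', re.I)

def unescape(s):
    """Undo .reg string escaping (\\" and \\\\)."""
    return s.replace('\\"', '"').replace('\\\\', '\\')

def parse_exceptions(reg_text):
    """Return one dict per program/port exception found in the export."""
    found, kind = [], None
    for line in reg_text.splitlines():
        line = line.strip()
        m = SECTION.match(line)
        if m:
            key = m.group(1).lower()
            kind = ('program' if key.endswith(r'\authorizedapplications\list')
                    else 'port' if key.endswith(r'\globallyopenports\list') else None)
            continue
        m = VALUE.match(line)
        e = ENTRY.match(unescape(m.group(2))) if (kind and m) else None
        if e:
            found.append({'kind': kind, 'target': e['target'], 'scope': e['scope'],
                          'enabled': e['state'].lower() == 'enabled', 'name': e['name']})
    return found

def wide_open(entries):
    """Enabled exceptions reachable from any address (scope '*')."""
    return [e for e in entries if e['enabled'] and e['scope'] == '*']

if __name__ == '__main__':
    for e in parse_exceptions(SAMPLE_REG):
        print(e)
```

Anything returned by `wide_open` is worth a second look before import, since the exported key replaces the receiving machine's exception list with whatever the reference machine had.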
