IcemanND Posted October 9, 2003 Share Posted October 9, 2003 I'm in the process of finishing up my unatened install cd, and was wondering if it is posible to turn on the built in XP firewall via script. And if anyone knew how. Link to comment Share on other sites More sharing options...
squallgreg Posted October 9, 2003 Share Posted October 9, 2003 I know you have a reg tweak for enabling the service related to the xp firewall. Link to comment Share on other sites More sharing options...
IcemanND Posted October 9, 2003 Author Share Posted October 9, 2003 I can turn the service (Internet Connection Firewall (ICF) / Internet Connection Sharing (ICS)) to be enabled/disabled, but this does not actually turn the firewall on for the network connection.I found a script on M$ site that will allow me to enable it.And I have been able to modify it to enable the firewall on every connection in the machine, but it comes up with a dialog box at the end I haven't been able to work around.Its asking if you want to allow WScript.exe to access Internet Connection Protection settings, and gives you yes (default), no, help. If you click yes it works great. But I haven't been able to autoclick the YES.Edit heres my modified script which turns on the firewall for all available connections:OPTION EXPLICITDIM ICSSC_DEFAULT, CONNECTION_PUBLIC, CONNECTION_PRIVATE, CONNECTION_ALLDIM NetSharingManagerDIM PublicConnection, PrivateConnectionDIM EveryConnectionCollectionDIM objArgsDIM con ICSSC_DEFAULT = 0CONNECTION_PUBLIC = 0CONNECTION_PRIVATE = 1CONNECTION_ALL = 2Main( )sub Main( ) if Initialize() = TRUE then GetConnectionObjects() FirewallTestByName(con) end ifend subsub FirewallTestByName(conName)on error resume next DIM Item DIM EveryConnection DIM objNCProps DIM szMsg DIM bFound bFound = false for each Item in EveryConnectionCollection set EveryConnection = NetSharingManager.INetSharingConfigurationForINetConnection(Item) set objNCProps = NetSharingManager.NetConnectionProps(Item) bFound = true EveryConnection.EnableInternetFirewall nextend subfunction Initialize() DIM bReturn bReturn = FALSE set NetSharingManager = Wscript.CreateObject("HNetCfg.HNetShare.1") if (IsObject(NetSharingManager)) = FALSE then Wscript.Echo("Unable to get the HNetCfg.HnetShare.1 object") else if (IsNull(NetSharingManager.SharingInstalled) = TRUE) then Wscript.Echo("Sharing isn't available on this platform.") else bReturn = TRUE end if end if Initialize = bReturnend functionfunction GetConnectionObjects() DIM bReturn DIM Item bReturn = TRUE if GetConnection(CONNECTION_PUBLIC) = FALSE then bReturn = FALSE end if if GetConnection(CONNECTION_PRIVATE) = FALSE then bReturn = FALSE end if if GetConnection(CONNECTION_ALL) = FALSE then bReturn = FALSE end if GetConnectionObjects = bReturn end functionfunction GetConnection(CONNECTION_TYPE) DIM bReturn DIM Connection DIM Item bReturn = TRUE if (CONNECTION_PUBLIC = CONNECTION_TYPE) then set Connection = NetSharingManager.EnumPublicConnections(ICSSC_DEFAULT) if (Connection.Count > 0) and (Connection.Count < 2) then for each Item in Connection set PublicConnection = NetSharingManager.INetSharingConfigurationForINetConnection(Item) next else bReturn = FALSE end if elseif (CONNECTION_PRIVATE = CONNECTION_TYPE) then set Connection = NetSharingManager.EnumPrivateConnections(ICSSC_DEFAULT) if (Connection.Count > 0) and (Connection.Count < 2) then for each Item in Connection set PrivateConnection = NetSharingManager.INetSharingConfigurationForINetConnection(Item) next else bReturn = FALSE end if elseif (CONNECTION_ALL = CONNECTION_TYPE) then set Connection = NetSharingManager.EnumEveryConnection if (Connection.Count > 0) then set EveryConnectionCollection = Connection else bReturn = FALSE end if else bReturn = FALSE end if if (TRUE = bReturn) then if (Connection.Count = 0) then Wscript.Echo("No " + CStr(ConvertConnectionTypeToString(CONNECTION_TYPE)) + " connections exist (Connection.Count gave us 0)") bReturn = FALSE elseif (Connection.Count > 1) and (CONNECTION_ALL <> CONNECTION_TYPE) then Wscript.Echo("ERROR: There was more than one " + ConvertConnectionTypeToString(CONNECTION_TYPE) + " connection (" + CStr(Connection.Count) + ")") bReturn = FALSE end if end if GetConnection = bReturnend functionfunction ConvertConnectionTypeToString(ConnectionID) DIM ConnectionString if (ConnectionID = CONNECTION_PUBLIC) then ConnectionString = "public" elseif (ConnectionID = CONNECTION_PRIVATE) then ConnectionString = "private" elseif (ConnectionID = CONNECTION_ALL) then ConnectionString = "all" else ConnectionString = "Unknown: " + CStr(ConnectionID) end if ConvertConnectionTypeToString = ConnectionStringend function Link to comment Share on other sites More sharing options...
blinkdt Posted December 14, 2003 Share Posted December 14, 2003 @IcemanND:Nice work! Installs flawlessly!I used AutoIt to get past the Internet Sharing Configuration nag. I took your code above and saved it as "firewall.vbs," then used notepad to write the following:Run, wscript.exe %systemdrive%\\kill\\firewall.vbsSleep, 2000[ADLIB]Internet Sharing Configuration,, Send, !ySave this as an .aut file and use AutoIt's script compiler to create an executable. The [ADLIB] section takes care of unforeseen events such as nag windows. Now if that window pops up AutoIt will ensure that the clicking is done for you!You may want to adjust the sleep timing, from 2 seconds to say 5 seconds, on a slower machine. If sleep is not set properly this won't work!I don't know if this can be used during the OS install, for example during the Windows Update portion of your unattended. I have included the script in a larger executable that I run from startup following final reboot. All of my post-reboot files are stored on the root in a directory called "kill" Link to comment Share on other sites More sharing options...
visaversa Posted February 5, 2004 Share Posted February 5, 2004 is this reversable?ww Link to comment Share on other sites More sharing options...
prathapml Posted February 5, 2004 Share Posted February 5, 2004 I use this to auto-click a button, its part of windows itself, plus, it looks for a window of the exact name specified, so its safe too. Note that NAV will not allow scripts to run uninterrupted, so run this before NAV installs.nonStop.js:function getWin(win, inc){while (!WshShell.AppActivate(win)) { WScript.Sleep(inc); }return true;}var WshShell = new ActiveXObject("WScript.Shell");getWin("exact title of desired window", 5000);WshShell.SendKeys ("y");WScript.Sleep(100);WScript.quit();In the sendkeys function, change the y (for clicking "yes" to o, if its "OK" that you need to click).I run it like this:ECHO Preparing for installstart %systemroot%\system32\wscript.exe //nologo //B //T:600 %systemdrive%\install\Applications\vmware4\nonStop.jsEXIT run that command from a supplementary cmd window, if you're using runonceex registry keys or XPinstall, other wise, windows waits for wscript.exe to finish, and wscript.exe won't exit unless it has found a window with *that* name, and has performed the scripted operation - so it may get stuck into a loop if it is not run from a secondary location. Link to comment Share on other sites More sharing options...
prathapml Posted February 5, 2004 Share Posted February 5, 2004 @visaversa - its perfectly reversable (though manually).Go into the properties of the NIC you want to disable ICF for, then see the "advanced" tab there. Remove the check-mark from "Protect my computer and network from.......blah.........blah..........blah........." Link to comment Share on other sites More sharing options...
IcemanND Posted February 5, 2004 Author Share Posted February 5, 2004 or change one line of code in the FirewallTestByName subroutine from: EveryConnection.EnableInternetFirewallto EveryConnection.DisableInternetFirewallas shown in the following subroutine (copied from original post and modified).if you want to do all of them at once.sub FirewallTestByName(conName)on error resume next DIM Item DIM EveryConnection DIM objNCProps DIM szMsg DIM bFound bFound = false for each Item in EveryConnectionCollection set EveryConnection = NetSharingManager.INetSharingConfigurationForINetConnection(Item) set objNCProps = NetSharingManager.NetConnectionProps(Item) bFound = true EveryConnection.DisableInternetFirewall nextend sub Link to comment Share on other sites More sharing options...
visaversa Posted February 5, 2004 Share Posted February 5, 2004 Thx guy's you are all very helpfull.Just returned online after a BIG crash.Just did a full install, unattended of course.Lucky there was MSFN and the forum and thanks to my unattended miracle after 45 MINUTES back online.Great to see that all those hours work and all those months forum watching finally pay's off.Happyyyyyyyyy :jump: :excited: :jump: ww Link to comment Share on other sites More sharing options...
Nielson Posted February 6, 2004 Share Posted February 6, 2004 MS has released al little tool to oem's for enabling the firewall on all connections :http://69.50.228.119/main/comments.php?catid=1&id=5790 Link to comment Share on other sites More sharing options...
IcemanND Posted February 6, 2004 Author Share Posted February 6, 2004 took them long enough Link to comment Share on other sites More sharing options...
FthrJACK Posted February 6, 2004 Share Posted February 6, 2004 They where busy fixing the phishing flaw in IE.Come on give them a break, they are a multi billion dollar company, not like they can do everything at once! Link to comment Share on other sites More sharing options...
thomas.g Posted March 30, 2004 Share Posted March 30, 2004 Hi all, this is a wonderful script! Is it possible, to configure ports on this way? Link to comment Share on other sites More sharing options...
gosh Posted March 30, 2004 Share Posted March 30, 2004 SP2 will have new settings that control the firewall, you won't need any scripts to do it. I suggest waiting until sp2 is final, then microsoft will release the final documentation on it. The beta sp2 documentation already documents registry hacks to open ports and such.-gosh Link to comment Share on other sites More sharing options...
thomas.g Posted March 31, 2004 Share Posted March 31, 2004 Do you know, how to enable ICMP-Requests (VBS or JS)?Add Ports: http://msdn.microsoft.com/library/en-us/ic...gs_jscript_.asp Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now