aabraham Posted May 5, 2004 Share Posted May 5, 2004 Hi guysI just tried the firewall vb code and it works fine. I cant get the SendKeys VB script to work though. Id rather not use AutoIT if possible.Can someone tell me what code is requried to complete the firewall vb script so it automatically answers Yes..Thanks Link to comment Share on other sites More sharing options...
slinger Posted May 5, 2004 Share Posted May 5, 2004 I use the following method to enable firewall on all of my PC's I build and load Windows XP on. It will be enabled when I run sysprep and the end user first powers on the PC and enters in his user info. Get the Enable Firewall Utility hereEnabling the Internet Connection Firewall in the master installation The first procedure explains how to enable the Internet Connection Firewall in your master installation when you start from an OPK configuration set. To run Oemfwall.exe on the first boot of a master installation, using an OPK configuration set: 1. Open the \Cfgsets folder on the technician computer, where you have installed the OPK tools. 2. Copy Oemfwall.exe into your configuation set: - Copy Oemfwall.exe to \Cfgsets\\$OEM$\$$\SYSTEM32 3. Create a \Sysprep directory and a Sysprep.inf answer file: - Create the directory \Cfgsets\ - Name>\$OEM$\$1\SYSPREP - Create a Sysprep.inf file in that folder, with at least this minimum syntax: [GUIRUNONCE] - Command0 = "C:\WINDOWS\SYSTEM32\OEMFWALL.EXE" 4. Start the newly-assembed destination computer using Windows PE, connect to the technician computer over the network, and install the configuration set. 5. Verify Oemfwall.exe is on the destination computer 6. Verify Sysprep.inf entries are present on the destination computer in C:\Sysprep. 7. Run Sysprep -reseal and reboot the destination computer. 8. When the destination computer starts, complete Windows Welcome. 9. Verify Oemfwall.exe runs on first boot. 10. Verify ICF is enabled. - On the Start menu, click Run.v - In the Open box, type NCPA.CPL. Click OK - Right-click your local area network/wireless connection and open the Properties page. - Verify that Internet Connection Firewall check box is selectedthis is from the Microsoft support forum. It works for me in my unattend build. Link to comment Share on other sites More sharing options...
aabraham Posted May 5, 2004 Share Posted May 5, 2004 SlingerYour exe works beautifully.. Do you have a method for adding port changes to the firewall? I need to be able to add port changes remotely and be in control of all firewall settings. Do u have any code for doing this? I know XP SP2 has this in GPO but I need this flexibility today...ThanksAnthony Link to comment Share on other sites More sharing options...
slinger Posted May 6, 2004 Share Posted May 6, 2004 let me look into it when I am at work again tomorrow and post what I find out.... Link to comment Share on other sites More sharing options...
thomas.g Posted May 28, 2004 Share Posted May 28, 2004 Hi. A method for adding port changes to the firewall:ICSSC_DEFAULT = 0;ICSTT_NAME = 0;ICSTT_IPADDRESS = 1;// from netcon.idl//NCM_SHAREDACCESSHOST_LAN = 8;//NCM_SHAREDACCESSHOST_RAS = 9;NAT_PROTOCOL_TCP = 6NAT_PROTOCOL_UDP = 17// from netcon.idlNCCF_SHARED = 0x0100; // Connection is sharedNCCF_FIREWALLED = 0x0400; // Connection is firewalled// WScript.Echo ("Starting....");Main();// WScript.Echo ("Ending....");function Main(){ var objShare = new ActiveXObject("HNetCfg.HNetShare.1"); if (objShare == null) WScript.Echo ("failed to create HNetCfg.HNetShare object!"); else DoTheWork (objShare); return;}function DoTheWork (objShare){ var objEveryConnColl = objShare.EnumEveryConnection; if (objEveryConnColl == null) WScript.Echo ("failed to get EveryConnectionCollection!"); else { // enum INetConnections until props are correct var objEveryEnum = new Enumerator (objEveryConnColl); if (objEveryEnum == null) WScript.Echo ("failed to create Enumerator from EveryConnectionCollection"); else { for (objEveryEnum.moveFirst(); !objEveryEnum.atEnd(); objEveryEnum.moveNext()) { var objNetConn = objEveryEnum.item(); if (objNetConn == null) WScript.Echo ("can't get any net connections!"); else { var objNetConnProps = objShare.NetConnectionProps (objNetConn); if (objNetConnProps == null) WScript.Echo ("can't get net connection props!"); else { if ((objNetConnProps.Characteristics & NCCF_SHARED) || (objNetConnProps.Characteristics & NCCF_FIREWALLED)) { // found one! var objShareConf = objShare.INetSharingConfigurationForINetConnection (objNetConn); if (objShareConf == null) WScript.Echo ("can't make INetSharingConfiguration object!"); else { AddAsymmetricPortMapping (objShareConf); // WScript.Echo ("added a port mapping named 'Ben's Port Mapping'."); } } } } } } } // do other work here. // when you're done, // clean up port mapping // WScript.Echo ("cleaning up"); // if (objShareConf != null) // DeletePortMapping (objShareConf, NAT_PROTOCOL_TCP, 555, 444);}function AddAsymmetricPortMapping (objShareConf){ // in case it exists already.... // DeletePortMapping (objShareConf, NAT_PROTOCOL_TCP, 555, 444); var objPortMapping = objShareConf.AddPortMapping ( "Manager", NAT_PROTOCOL_TCP, 5912, 5912, 0, "127.0.0.1", ICSTT_NAME);// or "192.168.0.2", ICSTT_IPADDRESS); // if (objPortMapping != null) { // WScript.Echo ("just added NAT_PROTOCOL_UDP, 1761, 1761!"); objPortMapping.Enable(); // WScript.Echo ("just enabled port mapping!"); // } else // WScript.Echo ("failed to add asymmetric port mapping!");}function DeletePortMapping (objShareConf, typeProtocol, iExternalPort, iInternalPort){ // enum, deleting match, if any var objPMColl = objShareConf.EnumPortMappings (ICSSC_DEFAULT); if (objPMColl == null) WScript.Echo ("can't get 'every' collection!"); else { var varEnumerator = new Enumerator (objPMColl); if (varEnumerator != null) { for (varEnumerator.moveFirst(); !varEnumerator.atEnd(); varEnumerator.moveNext()) { var objPortMapping = varEnumerator.item(); if (objPortMapping != null) { var objPMProps = objPortMapping.Properties; if (objPMProps != null) { if ((objPMProps.IPProtocol == typeProtocol ) && (objPMProps.ExternalPort == iExternalPort) && (objPMProps.InternalPort == iInternalPort)) { objPortMapping.Delete(); // or objShareConf.RemovePortMapping (objPortMapping); WScript.Echo ("just deleted " + typeProtocol + ", " + iExternalPort + ", " + iInternalPort + "!") } } } } } }}You have to change the var objPortMapping settings. In this example:- Manager (Name of the service)- NAT_PROTOCOL_TCP (Protocol: TCP or UDP)- 5912 (Portnumber)Save as .js Link to comment Share on other sites More sharing options...
IcemanND Posted May 28, 2004 Author Share Posted May 28, 2004 Check out the ICFutil at:http://msdn.microsoft.com/library/default..../icf_enable.asp - ICFUtil /AddService <enable/disable> <service name> <external port> <internal port> <name/IP address> <tcp/udp> [/Q /L [pathname]] For example: ICFUtil /AddService enable "ftp server" 21 21 localhost tcpand you can use it to enable the firewall on all connections and view status of the firewall on connections. Link to comment Share on other sites More sharing options...
urgan Posted June 4, 2004 Share Posted June 4, 2004 Am I missing something here ?I just added the 3 first lines on winnt.sif, don't really know if the rest is really required, but, it works quite well, and without the use of any utlility.[Homenet]InternetConnectionFirewall = Adapter1ShowTrayIcon = Yes[NetProtocols]MS_TCPIP=params.MS_TCPIP[params.MS_TCPIP]EnableICMPRedirect = NoEnableSecurity = Yes Link to comment Share on other sites More sharing options...
Bastian_W Posted July 8, 2004 Share Posted July 8, 2004 Yes... I added the same to my winnt.sifI found it hereBut I don´t found a solution to configure the firewall via the winnt.sif Link to comment Share on other sites More sharing options...
IcemanND Posted July 9, 2004 Author Share Posted July 9, 2004 Ifyou are only doing this for one machine type with a known config that would work fine, but if you have multiple adapters/configurations it doesn't always work, but the utils will. Link to comment Share on other sites More sharing options...
GreenMachine Posted July 9, 2004 Share Posted July 9, 2004 A quick welcome back to Icemannd!So ... that kid of yours finally letting y'all get some sleep! Link to comment Share on other sites More sharing options...
tozaki Posted August 21, 2004 Share Posted August 21, 2004 Here is a program that I wrote but microsoft also has an equivelant icfutil.exemine is firewall.exe I wrote it in vb.netbut it lets you enable the firewall and add ports and enable them.Firewall.exe Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now