This is my first post and I thought I should share something on how can "Allow an app through Windows Firewall" setting for Windows be played with while packaging an application.
Sometimes, the shortcut of a software might required to be allowed through the firewall as part of the automation (as a part of your package), so that when the users launch that shortcut, they don't see the prompt and can use the software. Something like the below snapshot:
This can be suppressed through UI by going to the following in "All Control Panel Items":
Control Panel\All Control Panel Items\Windows Firewall\Allowed applications
Cleck on "Change Settings".
Then click on "Allow another app..." and browse you application exe.
Automation:
Now to accomplish this programmatically, there is a command line utility called "netsh". Below are listed, two commands, which add and remove a respective firewall rule:
The command line options can be explored and used by typing "netsh advfirewall /?" on command prompt to suit your needs.
In some cases/organizations/client environments, you might not want to configure such settings via your package. Never mind, these commands can come in handy, when you are trying to push a script through GPO or something.
Add a rule:
netsh advfirewall firewall add rule name="Test" profile=domain,private protocol=any enable=yes DIR=In program="%ProgramFiles%\Test\Test.exe" Action=Allow
Remove the rule:
netsh advfirewall firewall delete rule profile=domain,private name="Test"
These commands can be called as deferred custom actions in an MSI (or MST) to be run in System Context.
Any additions/comments to this blog are most welcome. Please do share your views if you find it helpful.
Cheers!!!
Comments