Archive: Open port on XP firewall


Open port on XP firewall
Hi,

How can I check if the XP Firewall is enabled and if a port is open?

And if it is not, is it possible to open it from my NSIS script?


Well, it is possible to open a port on the XP firewall (SP21 AND SP2!); it took me three months to figure it out, and I'm quite experienced in programming. I will not give you any code since this can be mis-used also. So, it IS possible without user intervention to open a port via client software. A NSIS plugin could be created since it involves a LOT of low level stuff. So if you really want it you know you can have success, maybe that is good motivation.

My advice, however, is that you should rephrase your question and tell us what you want to achieve; it is possible that there is a better way... because the path you want to walk now will be loooong and difficult.


Open port on XP firewall
And what if I want to ask the user to open the port during install time, and without launching my app?
thanks


Try this and see if it helps:
http://support.microsoft.com/default.aspx?kbid=875357

Toward the bottom of the article, it describes a command line tool called NetSh that you might be able to take advantage of. However, it will require that your installation is run under an administrator account.

The one problem I see is that the Windows firewall is only one of many available firewall products available to users. Seems to me it would be better to address these issues from within the application (not the installation). But that's just my opinion.


it would be too easy for malware to open any port in windows firewall - lol
but if it works - lmao - but windows firewall is the worst firewall you can use - all leaktests passed this crap wall


A lot of open source p2p apps can open ports in the XP firewall so not showing the code because of security is wrong IMHO


I know, and if a lot of open source p2p apps do this, why not use that code as example then? I think I'm still entitled not to show my code since IMHO it can be used to disadvantage by some others.

Do not forget a customer has a firewall for a reason: to prevent mis-use.


IMHO: If you don't have anything to say: Don't.
This took me 30 min to create. And it seems to work fine.

Hope it helps!


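; Writes a temporary VBScript that adds a firewall exception through the
; HNetCfg.FwMgr COM object, runs it with cscript, then deletes it.
; Requires administrator rights and a ${_PRODUCT} define for the entry name.
Function OpenFWPort
Var /global PORT

Push $0
StrCpy $PORT "80" ; TCP port to open
FileOpen $0 '$TEMP\OpenFWPort.vbs' w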

FileWrite $0 "Option Explicit$\n"
FileWrite $0 "On Error GoTo 0$\n"
FileWrite $0 "'Set Constants$\n"
FileWrite $0 "Const NET_FW_IP_PROTOCOL_UDP = 17$\n"
FileWrite $0 "Const NET_FW_IP_PROTOCOL_TCP = 6$\n"
FileWrite $0 "Const NET_FW_SCOPE_ALL = 0$\n"
FileWrite $0 "Const NET_FW_SCOPE_LOCAL_SUBNET = 1$\n"

FileWrite $0 "'Declare variables$\n"
FileWrite $0 "Dim errornum$\n"
FileWrite $0 "'Create the firewall manager object.$\n"
FileWrite $0 "Dim fwMgr$\n"
FileWrite $0 "Set fwMgr = CreateObject($\"HNetCfg.FwMgr$\")$\n"

FileWrite $0 "'Get the current profile for the local firewall policy.$\n"
FileWrite $0 "Dim profile$\n"
FileWrite $0 "Dim port$\n"
FileWrite $0 "Set profile = fwMgr.LocalPolicy.CurrentProfile$\n"
FileWrite $0 "Set port = CreateObject($\"HNetCfg.FWOpenPort$\")$\n"
FileWrite $0 "port.Name = $\"${_PRODUCT}$\"$\n"
FileWrite $0 "port.Protocol = NET_FW_IP_PROTOCOL_TCP$\n"
FileWrite $0 "port.Port = $PORT$\n"

FileWrite $0 "'If using Scope, don't use RemoteAddresses$\n"
FileWrite $0 "port.Scope = NET_FW_SCOPE_ALL$\n"
FileWrite $0 "'Use this line to scope the port to Local Subnet only$\n"
FileWrite $0 "'port.Scope = NET_FW_SCOPE_LOCAL_SUBNET$\n"
FileWrite $0 "port.Enabled = TRUE$\n"

; The script exits non-zero on failure so the nsExec result check below can detect it
FileWrite $0 "On Error Resume Next$\n"
FileWrite $0 "profile.GloballyOpenPorts.Add port$\n"
FileWrite $0 "errornum = Err.Number$\n"
FileWrite $0 "If errornum <> 0 Then$\n"
FileWrite $0 " WScript.Echo($\"Adding the port failed. Error Number: $\" & errornum)$\n"
FileWrite $0 " WScript.Quit 1$\n"
FileWrite $0 "End If$\n"

FileClose $0

DetailPrint 'Opening firewall port $PORT'
nsExec::Exec /TIMEOUT=20000 '"$SYSDIR\cscript.exe" "$TEMP\OpenFWPort.vbs"'
Pop $1
StrCmp $1 '0' OpenPortSucceded
DetailPrint 'Error $1 in OpenFWPort.vbs'
Delete "$TEMP\OpenFWPort.vbs"
Abort 'Failed to open port'

OpenPortSucceded:
DetailPrint 'Succeeded opening port'
Delete "$TEMP\OpenFWPort.vbs"
Pop $0
FunctionEnd
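
The first question in the thread, how to check whether the firewall is enabled and whether a port is already open, goes unanswered. The following is an added example, not part of any post above, that reads this state through the same HNetCfg.FwMgr object the script above uses; the file name CheckFWPort.vbs and the exit codes are assumptions of this example.

```vbscript
' Added example (not from the thread). Run: cscript //nologo CheckFWPort.vbs 80
' Exit codes (chosen for this example): 0 = port not blocked by the firewall,
' 1 = blocked or no exception present, 2 = usage error or firewall API unavailable.
Option Explicit
Const NET_FW_IP_PROTOCOL_TCP = 6

Dim portNumber, fwMgr, profile, entry, found

If WScript.Arguments.Count <> 1 Then
    WScript.Echo "Usage: cscript CheckFWPort.vbs <tcp-port>"
    WScript.Quit 2
End If
If Not IsNumeric(WScript.Arguments(0)) Then
    WScript.Echo "Port must be a number"
    WScript.Quit 2
End If
portNumber = CLng(WScript.Arguments(0))

' The COM object is missing on systems without the Windows Firewall API.
On Error Resume Next
Set fwMgr = CreateObject("HNetCfg.FwMgr")
If Err.Number <> 0 Then
    WScript.Echo "Windows Firewall API not available. Error Number: " & Err.Number
    WScript.Quit 2
End If
On Error GoTo 0

Set profile = fwMgr.LocalPolicy.CurrentProfile
WScript.Echo "Firewall enabled: " & profile.FirewallEnabled
WScript.Echo "Exceptions not allowed: " & profile.ExceptionsNotAllowed
If Not profile.FirewallEnabled Then WScript.Quit 0   ' nothing is filtering

' Walk the exception list instead of calling Item(), which raises an
' error when no entry matches.
found = False
For Each entry In profile.GloballyOpenPorts
    If entry.Port = portNumber And entry.Protocol = NET_FW_IP_PROTOCOL_TCP Then
        found = True
        WScript.Echo "Entry '" & entry.Name & "': enabled=" & entry.Enabled & _
                     ", scope=" & entry.Scope
        ' An entry only takes effect if it is enabled and exceptions are allowed.
        If entry.Enabled And Not profile.ExceptionsNotAllowed Then WScript.Quit 0
    End If
Next
If Not found Then WScript.Echo "No exception for TCP port " & portNumber
WScript.Quit 1
```

An installer can run this before deciding whether to add an exception, and the same listing shows which existing entries use scope 0 (all addresses) rather than the local subnet.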