Page 1 of 2

Windows Firewall Plug-In

Posted: Tue Jan 09, 2007 9:49 am
by Tinus
The Windows Firewall Plug-In allows you to add or delete exception rules for the Windows Firewall in your setup.

More information and download is here:
http://www.axonet.de/products/other-pro ... stallaware

If you have any comments, problems, suggestions please post to this thread.

Posted: Wed Jan 10, 2007 8:26 am
by jimo
Martin,

Very well done, the entire InstallAware community will benefit greatly from the work you have done on this set of plugins. Especially the Firewall plugin.

Great job!

Thanks,

Posted: Mon Jan 15, 2007 3:20 pm
by Steve
Hi Martin;
I installed your firewall plugin. Thanks VERY much for creating this for the community.

I am hoping that you can advise me on how to handle this particular firewall configuration problem via your plugin.
I see in your plugin that I can specify what installed application I need to create an exception for. However, what I am trying to do is essentially turn off the firewall (or create an exception) for the IA installation itself.

I know that this is not a very clear explaination so perhaps an example would be of benefit.
While IA in in the process of installing my application, I need to run an SQL script to create a database, however I need to turn off the firewall (or create an exception) prior to when InstallAware runs the SQL Database creation script (via IA's SQL Databases feature).
So the installation steps would be:
> run the InstallAware setup to install 'MyApp'
> turn off the firewall or create an exception for the running InstallAware process.
> Run my SQL database creation script during the InstallAware install of MyApp. NOte that InstallAware connects to the SQL Instance at this point in time in order to generate the DB.
>(optionally) turn on the firewall again or remove the InstallAware process excpetion.

In your plugin I can specify my application name for the purposes of creating an excpetion, however would only be of benefit in the future, when my application has been installed. How would I specify that it is InstallAware that needs to be granted the exception during the InstallAware installation process?

Posted: Mon Jan 15, 2007 3:23 pm
by jimo
Steve,

Don't add a program add specific ports, I think 1433-1434 TCP and UDP should do the trick.

Posted: Mon Jan 15, 2007 4:25 pm
by Tinus
Steve,

first try to use the ports from Jims post.

If this doesn't work you can try to create an exception and use $EXEFILE$ as the program. Put this command in front of your SQL action.

Code: Select all

~InstallAware Clipboard Data~
~Firewall~
~{890B7CF9-3ECE-4D94-AD1F-7EF4AABD7E19}~
~0,"$TITLE$ setup",0,$EXEFILE$,,0,0,,3~
~FirewallIDEPlugIn.dll\\FirewallIDEPlugIn.dll~


After your SQL action delete this exception rule:

Code: Select all

~InstallAware Clipboard Data~
~Firewall~
~{890B7CF9-3ECE-4D94-AD1F-7EF4AABD7E19}~
~1,"$TITLE$ setup",0,$EXEFILE$,,0,0,,3~
~FirewallIDEPlugIn.dll\\FirewallIDEPlugIn.dll~

Posted: Mon Jan 15, 2007 5:27 pm
by Steve
Thanks Jim and thanks Martin.
I will give this a try and report back to this post.

Steve

Posted: Wed May 16, 2007 4:31 am
by crustyzz
Does it work for MS Vista Firwall too ?

Posted: Wed May 16, 2007 5:32 am
by Tinus
It should work for incoming rules in the Windows Firewall in Vista.
Vista has added outgoing rules which you can't configure with the plug-in.

Posted: Thu Jun 14, 2007 11:30 am
by Edhy
Hi Martin,

Thank you very much for your contributions.

Iwas checking the Volume Info Plug-In, and would like to suggest including the return of the UNC path from the volume, I think this would be useful. I am playing with the API function WNetGetConnection to get this value, but after looking at your plug-in thought that this function may fit very well in this plug-in.

Posted: Mon Jul 16, 2007 1:52 am
by Tinus
Edhy,

I have enhanced the volume info plug-in to return the UNC path name.

More information and download is here:
http://www.axonet.de/eng/Axo/plugins_fo ... laware.htm

Posted: Wed Feb 06, 2008 3:01 pm
by Ryan Lee
Firstly, thanks for an excellent plugin and making it available to the public.

I am using version 2. 1.0.20 and the plugin does not appear to work for Vista (x64). I have not tested it on 32 bit versions of Vista. The user that is running the installer is logged in as an administrator. I am trying to add a program exception and the exception does not appear in the firewall exception list. Here is the installaware code that I use to add the exception:

Code: Select all

~InstallAware Clipboard Data~

~Windows Firewall~

~{BE0C043C-A2CF-4566-8B8F-C7847EEAC2A2}~

~0,MyApp.exe,0,$TARGETDIR$\\MyApp.exe,,2,0,,3~

~FirewallIDEPlugIn.dll\\FirewallEXEPlugIn.dll~


Any help would be greatly appreciated. thanks!

Posted: Thu Feb 07, 2008 11:30 am
by Tinus
Ryan, I made a test in x86 mode and in 64 Bit mode on Vista 64 and found no problems with the plug-in.

Please check: have you placed the call to the plug-in after Apply Install?
Is MyApp.exe installed before you call the plug-in?

Regards

Posted: Thu Feb 07, 2008 1:21 pm
by Ryan Lee
1. the call to plugin is made after apply install, so MyApp.exe is already installed in it's target folder during the call.

With regards to the questions in your PM:

can you give me some more details? You have build a 64Bit Installer?
- I have built a hybrid win32/x64 installer that detects the type of os and sets installation mode to win32/x64 as necessary.
Basically the sequence of steps (for the failure)
1. set installation mode to x64
2. run gui / specify files to install
3. apply install
4. configure windows firewall

What problem do you have?
- After making the call to the configure windows firewall plugin, the exception is not present.

What version of Vista x64?
Vista Business x64

Vista/64 Cannot add Port to Firewall Exception List

Posted: Mon May 04, 2009 2:28 pm
by ComputerAidedTech
All,

Just checked to see if anyone has added a Port exception using this plug-in under Vista/64.

I can add applications just fine.

Works find under XP.

Posted: Tue May 05, 2009 1:47 am
by Tinus
That's on my list for a later version. Can't give any schedule right now.