Windows Firewall UDF


JLogan3o13
  • Moderators

Thanks for the update. I do not have a Win7 32bit, only XP (both 32 and 64) and Win7 64bit. It did not work on Win 7 64. I'll add this bit in the description, though. Thanks again.

"Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball

How to get your question answered on this forum!


I just tested _ListAuthorizedApps on Win7 x64 and it worked ok for me.

Might I suggest though that you have the function return the listing rather than popping up a message box for each one? Seriously annoying when I missed that in the script and I have several apps that have to get listed.


  • Moderators

That is odd; I tested on four or five of my Win7 boxes, and it didn't return anything on any of them. I will have to look into it more. Thanks for the info, BrewManNH, and the confirmation, JScript.

Edit: Found the issue on my end that was preventing it from working on Win7. Updated first post to reflect this. Thanks again, gentlemen.

Edited by JLogan3o13


  • Moderators

Modified the List functions to return a ListView as suggested by BrewManNH, and added functionality to open and close existing ports. Source updated in first post.


It's bad practice to use a MsgBox in a UDF to return an error. You should settle for SetError instead and let the user decide how to display the error.


  • Moderators

Thanks for the suggestions, I will take a look at some other UDFs regarding how best to set/use SetError.


  • 2 weeks later...

I've just grabbed this UDF as it would address a number of FW issues I have to deal with pertaining to an install & management app I am working on. My Dev & Test system is Win-7/64 but I also have Vista-32 & XP-32 on separate machines for testing...

I have been working with an alternative method of creating Firewall rules, opening specific ports, TCP & UDP as required.

Some points I've hit with this UDF. (possibly [Keyboard <-> Chair interface] failure but unlikely)

For testing purposes I made a mini applet with #RequireAdmin otherwise it doesn't work ... Might suggest making a note for that in the first posting as not everyone would likely be aware of that little detail.

_AddAuthorizedApp("App-Test", "D:\MynewApp\Bin\MyApp.exe", 2, 0, True)

creates an InBound rule perfectly

does not create an Outbound rule. Possibly a switch for Inbound / Outbound rule

does not address specific ports for App-Test. opening a specific app and allowing it to use only certain ports IE ports:9000-9002 TCP / UDP or ALL (Security being a point here)

_AddPort("MyTestPort", 9999, 0, 6, "True")

does not appear to add any ports to any previous in/out bound rules

it creates a separate rule for the specified port. does not specify which rule to add it to (for example App-Test) if created above. Also does not specify which executable to allow it for, as it just opens the port to all apps which would be a potential security issue.

_ListAuthorizedApps()

lists previously manually configured apps and App-Test and does this nicely

_ListAuthorizedPorts()

shows "All Authorized Applications" (line 334) which should show "All Authorized Ports"

Sample C# code which shows using the netsh to accomplish adding an app with specified ports, protocol (tcp/udp), in/out bound

// RunShellCommand is the poster's own helper; it is not shown in the post.
static public void OpenFirewallPort(string ruleName, int portNumber)
{
    switch (Environment.OSVersion.Version.Major)
    {
        // Is Windows XP running (Windows NT 5)?
        case 5:
            // Opening port for both TCP and UDP: remove any existing rule, then create a new one
            RunShellCommand("netsh firewall delete portopening all " + portNumber.ToString());
            RunShellCommand("netsh firewall add portopening all " + portNumber.ToString());
            break;
        // Is Windows Vista running (Windows NT 6)?
        case 6:
            // The rule name is quoted so that names containing spaces reach netsh as one value.
            // Opening port for TCP: remove any existing rule, then create a new one
            RunShellCommand("netsh advfirewall firewall delete rule name=\"" + ruleName + "\" dir=in protocol=tcp localport=" + portNumber.ToString());
            RunShellCommand("netsh advfirewall firewall add rule name=\"" + ruleName + "\" dir=in action=allow enable=yes protocol=tcp localport=" + portNumber.ToString());
            // Opening port for UDP: remove any existing rule, then create a new one
            // (localport also accepts ranges and lists, e.g. 8002-8005,8007,9000-9010)
            RunShellCommand("netsh advfirewall firewall delete rule name=\"" + ruleName + "\" dir=in protocol=udp localport=" + portNumber.ToString());
            RunShellCommand("netsh advfirewall firewall add rule name=\"" + ruleName + "\" dir=in action=allow enable=yes protocol=udp localport=" + portNumber.ToString());
            break;
    }
}

Thanks for the great work ! Hope my suggestions / thoughts help,

WhiteStar

~ WhiteStar Magic
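
The per-application, per-port scoping asked for in the post above, as an added AutoIt example (not part of the UDF and not any poster's code). _Example_AllowAppOnPorts is a hypothetical helper that calls netsh advfirewall, ties each rule to one executable and a validated port list in both directions, and reports failure through SetError rather than a MsgBox; the rule name, path and ports are sample values.

```autoit
; netsh rule changes fail without elevation.
#RequireAdmin

; Hypothetical helper (assumption, not part of the UDF).
; Creates four allow rules (TCP/UDP x in/out) limited to one executable and port list.
; Returns the number of rules created. On failure sets @error:
;   1 = bad rule name, 2 = executable missing, 3 = bad port list,
;   4 = netsh failed (@extended = netsh exit code)
Func _Example_AllowAppOnPorts($sName, $sExe, $sPorts)
    ; Reject anything that could break out of the quoted netsh arguments.
    If Not StringRegExp($sName, "^[A-Za-z0-9 _.-]{1,64}$") Then Return SetError(1, 0, 0)
    If StringInStr($sExe, '"') Or Not FileExists($sExe) Then Return SetError(2, 0, 0)
    ; Single ports, ranges and comma lists, e.g. 9000-9002 or 8007,9000-9010.
    If Not StringRegExp($sPorts, "^\d{1,5}(-\d{1,5})?(,\d{1,5}(-\d{1,5})?)*$") Then Return SetError(3, 0, 0)

    Local $aDir[2] = ["in", "out"], $aProto[2] = ["TCP", "UDP"]
    Local $iCreated = 0
    For $sDir In $aDir
        For $sProto In $aProto
            ; program= scopes the rule to one executable instead of opening the port for every app.
            ; localport= matches the app's own port; a client-side rule would use remoteport= instead.
            Local $sCmd = 'netsh advfirewall firewall add rule' & _
                    ' name="' & $sName & ' ' & $sProto & ' ' & $sDir & '"' & _
                    ' dir=' & $sDir & ' action=allow enable=yes' & _
                    ' program="' & $sExe & '"' & _
                    ' protocol=' & $sProto & ' localport=' & $sPorts
            Local $iExit = RunWait($sCmd, @SystemDir, @SW_HIDE)
            If @error Or $iExit <> 0 Then Return SetError(4, $iExit, $iCreated)
            $iCreated += 1
        Next
    Next
    Return $iCreated
EndFunc

; Constructed sample call; the caller decides how to report the error.
Local $iRules = _Example_AllowAppOnPorts("App-Test", "D:\MynewApp\Bin\MyApp.exe", "9000-9002")
If @error Then
    ConsoleWrite("Failed: @error=" & @error & " @extended=" & @extended & @CRLF)
Else
    ConsoleWrite("Created " & $iRules & " rules" & @CRLF)
EndIf
```

The outbound rules only change behaviour when the profile's outbound policy is set to block, since Windows Firewall allows outbound traffic by default.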


  • 1 year later...

Hello,

Thanks for your UDF. I'm testing it on my computer with AutoIt 3.3.10.2, but in _ListAuthorizedApps() the parameters to the ArrayDisplay are wrong, because by default nothing appears, and without the parameters the script finds some apps.

You need to replace with:

In _ListAuthorizedApps() replace with:

_ArrayDisplay($aArray, "All Authorized Applications", 7, 0, "|", "Application Name|Enabled - True or False|IP Version|File Name|Remote Addresses|Scope")

In _ListAuthorizedPorts() replace with:

_ArrayDisplay($aArray, "All Authorized Applications", 8, 0, "|", "Port Name|Port Number|IP Version|Protocol TCP(6) or UDP(17)" & _
        "|Remote Addresses|Scope|Enabled|Builtin")
Edited by ricky03

  • Moderators

Hi, ricky03. I am revisiting all my work since the recent upgrade. Thank you for the suggestions, I will look into updating this soon.


  • Moderators

Hi, AutID. Changing to SetError has been suggested already, and will be implemented in the rewrite that I mentioned above.


  • 2 weeks later...

Nice update. You might want to change the names of your global variables though, they are very generic. I went with $__g_WF_fwMgr and $__g_WF_fwProfile. You could probably also use an IsObj() check in your _create function to avoid reinitializing the global object on each call.

Edited by wraithdu