  • Moderators

Hi, ricky03. I will look into writing out to a log. I'm leaning toward writing to the Event Viewer at the moment, unless there is a compelling reason to do it another way. Thanks for the suggestion.

"Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball

How to get your question answered on this forum!

Link to post
  • 3 weeks later...

Hi,

Thanks for the UDF, it looks like it could be very useful.

Could the same principles be used to specify which connections are protected by the firewall?

Example: two PCs. PC1 has two LAN connections - Public, Private. PC2 has one connection - Private, only connected to PC1.

For PC1, Public network connection should have the firewall enabled, Private should have it disabled.

For PC2, Private network connection needs no firewall.

So it would be useful to call a function and tell it the name of the connection (e.g., "Local Area Connection 2") and have the function uncheck the box for each firewall profile so the NIC is not firewalled.

Conversely, a function to make sure the NIC is protected by the firewall would also be useful.

E.g., leave the firewall enabled but toggle the state only for a specific network connection.

Is there a Microsoft technote that describes how this could be done? I don't find one, if we find a way maybe we can add to this UDF.

Always carry a towel.

Link to post
  • Moderators

It sounds like you're describing some of the rules that can be done at the LAN, Interface, Service, etc. level when using the Advanced Security API (link below). This is something I am looking to add into the UDF at present, as I have the time.

http://msdn.microsoft.com/en-us/library/windows/desktop/aa366418(v=vs.85).aspx

Link to post
  • 3 months later...

Hello,

Thanks for this UDF, but I want to list the authorized apps and ports from all profiles. How can I do that?

I tried to find it on the internet, but found nothing, strange.

Thanks in advance for your help

Link to post
  • 1 year later...

Powerful script you have here, thanks for putting this together.

 

In the AddPort function you have one of the Scope options being "2 - Custom List" but where do you define the Custom list and what would the format be?

 

Thanks for your help, Hopefully you are still watching this thread.

Link to post
  • Moderators

Hi, @NANorman. That script is definitely in need of some updating. I am traveling at the moment, so haven't had a chance to look closely. But at first glance you should be able to modify the function like so to include your addresses:

Func _AddPort($Name, $PortNumber, $Scope = 0, $Protocol = 6, $Enabled = "False", $sRemoteList = "")
    _createFWMgrObject()

    Local $aPorts = $profile.GloballyOpenPorts
    Local $PortNum = $aPorts.Item($PortNumber,$Protocol)
        If IsObj($PortNum) Then
            If $PortNum.Enabled = True Then
                Return SetError(1, 3, "")
            ElseIf $PortNum.Enabled = False Then
                Return SetError(1, 4, "")
            EndIf
        Else
            $port = ObjCreate("HNetCfg.FWOpenPort")
                If Not IsObj($port) Then Return SetError(1, 5, "")
            $port.Name = $Name
            $port.Port = $PortNumber
            $port.Protocol = $Protocol
            $port.Enabled = $Enabled
            
            If $Scope = 2 Then
                ; Custom list: comma-separated address/mask pairs, e.g. "10.1.1.1/255.255.255.255"
                $port.RemoteAddresses = $sRemoteList
            Else
                $port.Scope = $Scope
            EndIf

            $profile.GloballyOpenPorts.Add($port)
                If @error <> 0 Then Return SetError(1, 6, "")
        EndIf
EndFunc

Calling the function like this seems to work for me. Again, brief test on WIN10, haven't checked it thoroughly on all OS's yet.

_AddPort("MyTestPort", 9999, 2, Default, "True", "10.1.1.1/255.255.255.255,12.5.0.0/255.255.0.0")

 

Link to post
  • 2 weeks later...

Hello,

Sorry for my bad English.
Does anybody have such a problem?
If my app is "D:\test.exe"

_AddAuthorizedApp ("Test_FireWall","D:\test.exe",2,1,1)
In Win7, the path is added to the firewall correctly.
In Win8.1, the path is added to the firewall and always shows "C:5\test.exe"

Edited by acer351
Link to post

Ok, another question on the same script, I need to open a massive range of ports to just a single IP address.  1024-65535 TCP is the range in question.

Obviously calling out the function to open a single port 64000 times isn't feasible, there must be a way to specify a range?

Thank you for any assistance,

 

-NAN

Link to post
  • Moderators

@NANorman a quick glance at the MSDN pages for the firewall does not show a parameter to allow you to add thousands of ports in a single pass. You are more than welcome to look on MSDN for yourself. Most of what I find uses a loop; I have never needed to myself, and can find no examples of anyone else needing to, add 64000 ports at a time.

Link to post

You don't need to open 64000 ports, you just need to close 1000. And that is a more than reasonable loop.

Link to post
  • 1 year later...
  • Moderators

@Nareshm that depends on a whole lot. What OS are you running? What is your current firewall config, is the application listed as an Exception or an Authorized App?

Link to post
36 minutes ago, JLogan3o13 said:

@Nareshm that depends on a whole lot. What OS are you running? What is your current firewall config, is the application listed as an Exception or an Authorized App?

@JLogan3o13
I am running Windows 7 Pro 64-bit, and my application is added to inbound/outbound rules. I want to only allow or block it using AutoIt.

Link to post
  • 11 months later...

Hi,

 

I know this topic is very old but I have a question. For our company I have to create an installation guide for a few programs. During this I have to open incoming and outgoing ports / apps...

 

So I am able to create incoming firewall rules (ports and apps) but not outgoing ones... Is there a possibility to realize it?

 

 

thanks a lot

 

tommii

Link to post

@tommii

Much easier to use the cmd line NETSH

Example :

netsh advfirewall firewall add rule name="NetBIOS UDP Port 137" dir=in action=allow protocol=UDP localport=137
netsh advfirewall firewall add rule name="NetBIOS UDP Port 137" dir=out action=allow protocol=UDP localport=137

You can define IN or OUT going...

 

Link to post
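The netsh syntax shown above also takes a port range in localport and an address in remoteip, which covers the earlier question about opening 1024-65535 to a single IP. The following is an added example, not code from the UDF or from any poster: the function names are hypothetical, the rule names and 192.0.2.10 are constructed placeholders, and it keeps the post's localport form for both directions.

```autoit
#RequireAdmin ; changing firewall rules needs an elevated process

; Hypothetical helper, not part of the Windows Firewall UDF: builds the arguments
; for "netsh advfirewall firewall add rule" from validated values only.
; Returns "" and sets @error (1-5 = which argument was rejected) on bad input.
Func _NetshRuleArgs($sName, $sDir, $sProto, $sPorts, $sRemoteIP = "any")
    ; The name sits inside double quotes on the command line, so allow nothing
    ; that could close the quote or append another name=value argument.
    If Not StringRegExp($sName, '^[\w .()-]{1,64}\z') Then Return SetError(1, 0, "")
    If Not StringRegExp($sDir, '(?i)^(in|out)\z') Then Return SetError(2, 0, "")
    If Not StringRegExp($sProto, '(?i)^(tcp|udp)\z') Then Return SetError(3, 0, "")

    ; One port or one low-high range, for example "137" or "1024-65535".
    Local $aPort = StringRegExp($sPorts, '^(\d{1,5})(?:-(\d{1,5}))?\z', 1)
    If @error Then Return SetError(4, 0, "")
    Local $iLow = Number($aPort[0])
    Local $iHigh = $iLow
    If UBound($aPort) > 1 And $aPort[1] <> "" Then $iHigh = Number($aPort[1])
    If $iLow < 1 Or $iHigh > 65535 Or $iLow > $iHigh Then Return SetError(4, 0, "")

    ; Remote side: "any" or one dotted IPv4 address (this sketch handles nothing else).
    If $sRemoteIP <> "any" Then
        Local $aOctets = StringRegExp($sRemoteIP, '^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\z', 1)
        If @error Then Return SetError(5, 0, "")
        For $sOctet In $aOctets
            If Number($sOctet) > 255 Then Return SetError(5, 0, "")
        Next
    EndIf

    Return 'advfirewall firewall add rule name="' & $sName & '" dir=' & StringLower($sDir) & _
            ' action=allow protocol=' & StringUpper($sProto) & ' localport=' & $sPorts & _
            ' remoteip=' & StringLower($sRemoteIP)
EndFunc   ;==>_NetshRuleArgs

; Runs netsh with the validated arguments. Returns True on success; on failure
; returns False with @error set (10 = netsh did not start or exited non-zero).
Func _NetshAddRule($sName, $sDir, $sProto, $sPorts, $sRemoteIP = "any")
    Local $sArgs = _NetshRuleArgs($sName, $sDir, $sProto, $sPorts, $sRemoteIP)
    If @error Then Return SetError(@error, 0, False)
    ; Full path to netsh.exe so a same-named file elsewhere on PATH is never run.
    Local $iExit = RunWait('"' & @SystemDir & '\netsh.exe" ' & $sArgs, "", @SW_HIDE)
    If @error Or $iExit <> 0 Then Return SetError(10, $iExit, False)
    Return True
EndFunc   ;==>_NetshAddRule

; Constructed sample calls: one inbound range limited to one address, one outbound port.
ConsoleWrite(_NetshAddRule("Vendor app TCP high ports in", "in", "TCP", "1024-65535", "192.0.2.10") & @CRLF)
ConsoleWrite(_NetshAddRule("Vendor app UDP 137 out", "out", "UDP", "137") & @CRLF)
; A name containing a double quote is rejected before anything is run (@error = 1).
ConsoleWrite("rejected, @error = " & (_NetshRuleArgs('bad" name', "in", "TCP", "80") = "" ? @error : 0) & @CRLF)
```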
  • 1 year later...

Hi @JLogan3o13, I have a problem with your UDF when I run it on Windows Server 2012 R2 to add a new listening port. Here is my script:
 

#include <RegSearch.au3>
#include <Windows Firewall.au3>

Global Const $TCP = 6
Global Const $UDP = 17

ConsoleWrite(_RemotePort_Add(3380, $TCP) & @CRLF)

Func _RemotePort_Add($iPort, $iType = 6)
    ; Port must be 1-65535; protocol must be exactly 6 (TCP) or 17 (UDP)
    If StringRegExp($iPort, '^(6553[0-5]|655[0-2]\d|65[0-4]\d\d|6[0-4]\d{3}|[1-5]\d{4}|[1-9]\d{0,3})$') And StringRegExp($iType, '^(6|17)$') Then
        Local Const $sRegMainPath = "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations"
        Local Const $asRegValueType[12] = ["REG_NONE", "REG_SZ", "REG_EXPAND_SZ", "REG_BINARY", "REG_DWORD", "REG_DWORD_BIG_ENDIAN", "REG_LINK", "REG_MULTI_SZ", "REG_RESOURCE_LIST", "REG_FULL_RESOURCE_DESCRIPTOR", "REG_RESOURCE_REQUIREMENTS_LIST", "REG_QWORD"]

        If Not StringInStr(_RegSearch("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations", $iPort, 4), "PortNumber = " & $iPort) Then
            For $i = 1 To 1000
                Local $sRegMainPathValue = RegEnumVal($sRegMainPath & "\RDP-Tcp", $i)

                If @error <> 0 Then
                    ContinueLoop
                EndIf
                If $sRegMainPathValue <> "PortNumber" Then
                    Local $sRegRead = RegRead($sRegMainPath & "\RDP-Tcp", $sRegMainPathValue)
                    Local $sRegType = $asRegValueType[@extended]

                    ; RegWrite returns 0 on failure
                    If Not RegWrite("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp-" & $iPort, $sRegMainPathValue, $sRegType, $sRegRead) Then
                        Return SetError(-3, 0, -3)
                    EndIf
                EndIf
            Next

            ; RegWrite returns 0 on failure
            If Not RegWrite("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp-" & $iPort, "PortNumber", "REG_DWORD", $iPort) Then
                Return SetError(-3, 0, -3)
            EndIf

            If $iType = $TCP Then
                ; _AddPort reports failure through @error, so check it after the call
                _AddPort("RDP Listening Port to Terminal Server", $iPort, 0, $TCP, "True")
                If @error Then
                    Return SetError(-4, 0, -4)
                Else
                    Return SetExtended(0, "SUCCESS: <" & $iPort & "> TCP port has been successfully opened!")
                EndIf
            Else
                ; _AddPort reports failure through @error, so check it after the call
                _AddPort("RDP Listening Port to Terminal Server", $iPort, 0, $UDP, "True")
                If @error Then
                    Return SetError(-4, 0, -4)
                Else
                    Return SetExtended(0, "SUCCESS: <" & $iPort & "> UDP port has been successfully opened!")
                EndIf
            EndIf
        Else
            Return SetExtended(0, 0)
        EndIf
    Else
        Return SetError(-1, 0, -1)
    EndIf
EndFunc   ;==>_RemotePort_Add


And my output on the server is:

>"C:\Program Files (x86)\AutoIt3\SciTE\..\AutoIt3.exe" "C:\Program Files (x86)\AutoIt3\SciTE\AutoIt3Wrapper\AutoIt3Wrapper.au3" /run /prod /ErrorStdOut /in "C:\Users\.NetFramework\Desktop\22.au3" /UserParams    
+>11:16:22 Starting AutoIt3Wrapper (19.1127.1402.0} from:SciTE.exe (4.2.0.0)  Keyboard:00000409  OS:WIN_2012R2/  CPU:X64 OS:X64  Environment(Language:0409)  CodePage:0  utf8.auto.check:4
+>         SciTEDir => C:\Program Files (x86)\AutoIt3\SciTE   UserDir => C:\Users\.NetFramework\AppData\Local\AutoIt v3\SciTE\AutoIt3Wrapper   SCITE_USERHOME => C:\Users\.NetFramework\AppData\Local\AutoIt v3\SciTE 
>Running AU3Check (3.3.14.5)  from:C:\Program Files (x86)\AutoIt3  input:C:\Users\.NetFramework\Desktop\22.au3
+>11:16:22 AU3Check ended.rc:0
>Running:(3.3.14.5):C:\Program Files (x86)\AutoIt3\autoit3.exe "C:\Users\.NetFramework\Desktop\22.au3"    
+>Setting Hotkeys...--> Press Ctrl+Alt+Break to Restart or Ctrl+BREAK to Stop.
0
"C:\Program Files (x86)\AutoIt3\Include\Windows Firewall.au3" (112) : ==> The requested action with this object has failed.:
Local $PortNum = $aPorts.Item($PortNumber, $Protocol)
Local $PortNum = $aPorts^ ERROR
->11:16:22 AutoIt3.exe ended.rc:1
+>11:16:22 AutoIt3Wrapper Finished.
>Exit code: 1    Time: 1.327

 

Link to post
  • Moderators

@Colduction I will take a look if I get some time this weekend, but this UDF has not been touched since 2014, as there are much easier ways to deal with the local firewall now so it doesn't surprise me some things no longer work. 

At a high level, from the error it is clear that $aPorts is not being populated during your call to _AddPort(). That function first creates the FW object, then opens the object's .LocalPolicy.CurrentProfile to see what profiles are in use. This seems to work fine, as you are receiving no errors creating the $profile. $aPorts is the GloballyOpenPorts on that profile, and that is where you seem to be failing. If you want to do some quick error checking, you can modify the opening line in the _AddPort function of the UDF to gather all the $profile properties so you can see what is there and what is not.

 

Link to post
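One way to run the check suggested above without the script stopping at the first failing call, as an added example that is not part of the UDF: the _FwDiag_* names are hypothetical, and port 3380 with protocol 6 are taken from the script posted earlier in the thread. It reads the current profile's properties one at a time, then repeats the GloballyOpenPorts.Item lookup from the error output and records any COM error it hits.

```autoit
; Added diagnostic sketch; not part of the Windows Firewall UDF.
Global $g_sComErr = ""
; With a handler registered, a failing COM call is recorded and the script continues.
Global $g_oComErrHandler = ObjEvent("AutoIt.Error", "_FwDiag_ComErr")

Func _FwDiag_ComErr($oErr)
    $g_sComErr = "0x" & Hex($oErr.number, 8) & " " & StringStripWS($oErr.windescription, 3)
EndFunc   ;==>_FwDiag_ComErr

; Appends one "name: value" line, or the COM error captured while the value was read.
Func _FwDiag_Line(ByRef $sOut, $sName, $vValue)
    If $g_sComErr <> "" Then
        $sOut &= $sName & ": FAILED " & $g_sComErr & @CRLF
    ElseIf IsObj($vValue) Then
        Local $vCount = $vValue.Count
        If $g_sComErr <> "" Then $vCount = "unreadable " & $g_sComErr
        $sOut &= $sName & ": object, Count = " & $vCount & @CRLF
    Else
        $sOut &= $sName & ": " & $vValue & @CRLF
    EndIf
    $g_sComErr = "" ; start clean for the next property
EndFunc   ;==>_FwDiag_Line

; Returns a text report of the current profile; @error is set if the profile is unreachable.
Func _FwDiag_Profile($iPort, $iProtocol)
    Local $sOut = ""
    Local $oMgr = ObjCreate("HNetCfg.FwMgr")
    If Not IsObj($oMgr) Then Return SetError(1, 0, "HNetCfg.FwMgr could not be created" & @CRLF)
    Local $oProfile = $oMgr.LocalPolicy.CurrentProfile
    If Not IsObj($oProfile) Then Return SetError(2, 0, "CurrentProfile unavailable " & $g_sComErr & @CRLF)

    _FwDiag_Line($sOut, "Type", $oProfile.Type)
    _FwDiag_Line($sOut, "FirewallEnabled", $oProfile.FirewallEnabled)
    _FwDiag_Line($sOut, "ExceptionsNotAllowed", $oProfile.ExceptionsNotAllowed)
    _FwDiag_Line($sOut, "AuthorizedApplications", $oProfile.AuthorizedApplications)

    Local $oPorts = $oProfile.GloballyOpenPorts
    _FwDiag_Line($sOut, "GloballyOpenPorts", $oPorts)
    If IsObj($oPorts) Then
        ; Same lookup as the UDF line named in the error output.
        Local $oPort = $oPorts.Item($iPort, $iProtocol)
        Local $sFound = "no entry returned"
        If IsObj($oPort) Then $sFound = "entry exists, Enabled = " & $oPort.Enabled
        _FwDiag_Line($sOut, "GloballyOpenPorts.Item(" & $iPort & ", " & $iProtocol & ")", $sFound)
    EndIf
    Return $sOut
EndFunc   ;==>_FwDiag_Profile

ConsoleWrite(_FwDiag_Profile(3380, 6))
```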
