PC Review Forums Newsgroups Windows XP Windows XP Setup Re: using WindowsFirewall in unattend.txt

Reply

Re: using WindowsFirewall in unattend.txt
 
Thread Tools Rate Thread
Old 25-08-2004, 06:55 AM   #1
Mikael Pehrsson
Guest
 
Posts: n/a
Default Re: using WindowsFirewall in unattend.txt


Nitin wrote:
> I have read some documentation on how to create the [WindowsFirewall] section
> in the unattend.txt. However, I am not able to open multiple ports. What am
> i doing wrong?... below is my firewall section of the unattend.txt.
>
> [WindowsFirewall]
> Profiles = WindowsFirewall.Standard
> Logfile = "%WINDIR%\pfirewall.log"
> LogSize = 4096
> LogDroppedPackets = 1
> LogConnections = 1
>
> [WindowsFirewall.Standard]
> Type = 3
> Mode = 1
> Exceptions = 1
> Notifications = 1
> MulticastBroadcastResponse = 1
> AllowedPrograms = WindowsFirewall.RemoteAssistance
> AllowedPrograms = WindowsFirewall.smsClient
> Services = WindowsFirewall.RemoteDesktop
> PortOpenings = WindowsFirewall.smsRC1, WindowsFirewall.smsRC2
>
> [WindowsFirewall.RemoteAssistance]
> Program = "%WINDIR%\System32\Sessmgr.exe"
> Name = "Remote Assistance"
> Mode = 1
> Scope = 0
>
> [WindowsFirewall.smsClient]
> Program = "%WINDIR%\MS\SMS\clicomp\RemCtrl\Wuser32.exe"
> Name = "SMS Remote Control"
> Mode = 1
> Scope = 0
>
> [WindowsFirewall.RemoteDesktop]
> Type = 5
> Mode = 1
> Scope = 0
>
> [WindowsFirewall.smsRC1]
> Protocol= 6
> Port = 2701
> Name = "SMS Remote Control 1"
> Mode = 1
> Scope = 0
>
> [WindowsFirewall.smsRC2]
> Protocol= 6
> Port = 2702
> Name = "SMS Remote Control 2"
> Mode = 1
> Scope = 0

I'm not shure but my approach was to install sp2 on one machine and
manually open desired ports and export registry, then make a runonce of
it. Is there a smarter way? or is it a correct way to do this?

Mikael Pehrsson
  Reply With Quote
Old 25-08-2004, 02:30 PM   #2
Patrick J. LoPresti
Guest
 
Posts: n/a
Default Re: using WindowsFirewall in unattend.txt
Mikael Pehrsson <mikael.pehrsson@af.se> writes:

> I'm not shure but my approach was to install sp2 on one machine and
> manually open desired ports and export registry, then make a runonce
> of it. Is there a smarter way? or is it a correct way to do this?

Yes; use the "netsh firewall" command. See
<http://support.microsoft.com/?id=875357#13> for a quick overview.

But the original poster is correct that it should be configurable from
unattend.txt. All of this is fully documented in "Deploying Windows
Firewall Settings for Microsoft Windows XP with Service Pack 2":

http://www.microsoft.com/downloads/...cd-499f73a637d1

- Pat
http://unattended.sourceforge.net/
  Reply With Quote
Reply

Archive


Thread Tools
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off