.Net application and WinXP SP2 Firewall


md

I recently installed Windows XP SP2 (Had no problems with it at all FWIW).
One of the applications I am writing has a server piece that communicates on
a TCP/IP port that is blocked by default in SP2. When I tried to run the
server the firewall asked me if I wanted to make an exception for this
application, which I did, and then the app worked just fine.

However, if you go into the Windows Firewall and open the dialog where you
can edit the exceptions, my .NET application has a blank where the other
exceptions show an application title or some text. My app shows nothing. I
looked at all the version information for one of the applications whose
exception does show a name, but nothing in the version information matched
what the firewall was showing.

I haven't tried adding an exception for my application manually to see if
that helps. I'll do that, but I wondered whether anyone has seen this and
whether there is a fix. It doesn't interfere with the app in any way; it's
just one of those things I'd like to fix.

Thanks

Matt
 

Guest

Matt,

I ran into the same problem and I'm in the process of investigating it. It
looks like you have to programmatically add your app to the exceptions list.

Check this MSDN document for details..
http://msdn.microsoft.com/security/productinfo/XPSP2/networkprotection/firewall_devimp.aspx

I found that the example in the doc has a few typos and that the typelib used
in the doc is an older version (all occurrences of NetFw4 should just be NetFw,
and a few property names have changed). I wrote the following sample, and
it builds, but I haven't tested it in an installer yet.

using System;
using System.Collections;
using System.ComponentModel;

using System.Configuration.Install;
using NetFwTypeLib;

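namespace iWMS.ICFInstaller
{
    /// <summary>
    /// Installer custom action that adds the application to the Windows Firewall
    /// authorized-applications list on install and removes it again on uninstall.
    /// </summary>
    /// <remarks>
    /// Reads three installer context parameters:
    /// <c>Name</c> (display name shown in the firewall exceptions dialog),
    /// <c>Image</c> (the executable the exception is granted to) and
    /// <c>Enabled</c> ("1" to enable the exception; anything else leaves it disabled).
    ///
    /// Security notes for whoever wires this into a setup project:
    /// - An authorized-application entry is keyed on the executable, not on a port, so
    ///   it covers every port that executable listens on. Pass a fully qualified path
    ///   for <c>Image</c>, pointing at a location ordinary users cannot overwrite.
    /// - The scope is limited to the local subnet (see AddToPermissionsList).
    /// - Only the profile that is current at install time is modified
    ///   (mgr.LocalPolicy.CurrentProfile).
    /// - NOTE(review): Rollback is not overridden, so an installation that fails after
    ///   this action has run leaves the firewall exception in place.
    /// </remarks>
    [RunInstaller(true)]
    public class ICFAppListInstaller : Installer
    {
        private string name, image, enabled;
        private bool appEnabled = false;

        /// <summary>
        /// Creates the firewall manager COM object ("HNetCfg.FwMgr").
        /// </summary>
        /// <returns>The manager, or null when the object cannot be created.</returns>
        private INetFwMgr GetNewManager()
        {
            INetFwMgr mgr = null;

            try
            {
                Type mgrType = Type.GetTypeFromProgID("HNetCfg.FwMgr");
                if (mgrType != null)
                {
                    mgr = (INetFwMgr) Activator.CreateInstance(mgrType);
                }
            }
            catch
            {
                // Deliberate best effort: callers treat null as "firewall API not
                // available" and log that fact instead of failing the installation.
            }

            return mgr;
        }

        /// <summary>
        /// Creates an empty authorized-application COM object
        /// ("HNetCfg.FwAuthorizedApplication").
        /// </summary>
        /// <returns>The new object, or null when it cannot be created.</returns>
        private INetFwAuthorizedApplication GetNewAuthorizedApplication()
        {
            INetFwAuthorizedApplication app = null;

            try
            {
                Type appType = Type.GetTypeFromProgID("HNetCfg.FwAuthorizedApplication");
                if (appType != null)
                {
                    app = (INetFwAuthorizedApplication) Activator.CreateInstance(appType);
                }
            }
            catch
            {
                // Best effort, as in GetNewManager; the caller checks for null.
            }

            return app;
        }

        /// <summary>
        /// Runs the base installation, then registers the firewall exception.
        /// </summary>
        /// <param name="state">Installer state dictionary passed through to the base class.</param>
        /// <exception cref="InstallException">
        /// A required parameter is missing, or the firewall API rejected the entry.
        /// </exception>
        public override void Install(IDictionary state)
        {
            GetArgs(true);
            base.Install(state);

            INetFwMgr mgr = this.GetNewManager();

            if (mgr == null)
            {
                // Leave a trace in the install log so a missing exception can be diagnosed.
                Context.LogMessage("Windows Firewall API not available; no firewall exception was added.");
                return;
            }

            try
            {
                AddToPermissionsList(this.name, this.image, this.appEnabled,
                    mgr.LocalPolicy.CurrentProfile);
            }
            catch (Exception e)
            {
                Context.LogMessage(e.Message);
                // Keep the original exception as InnerException for diagnosis.
                throw new InstallException(e.Message, e);
            }
        }

        /// <summary>
        /// Removes the firewall exception, then runs the base uninstallation.
        /// </summary>
        /// <param name="state">Installer state dictionary passed through to the base class.</param>
        /// <exception cref="InstallException">
        /// The image parameter is missing, or removal or the base uninstall failed.
        /// </exception>
        public override void Uninstall(IDictionary state)
        {
            // Only the image path is needed to remove the entry.
            GetArgs(false);

            INetFwMgr mgr = this.GetNewManager();

            try
            {
                if (mgr != null)
                {
                    RemoveFromPermissionsList(this.image, mgr.LocalPolicy.CurrentProfile);
                }
                else
                {
                    Context.LogMessage("Windows Firewall API not available; no firewall exception was removed.");
                }

                // The base uninstall must run even when there is no firewall API;
                // returning early here would skip it.
                base.Uninstall(state);
            }
            catch (Exception e)
            {
                Context.LogMessage(e.Message);
                throw new InstallException(e.Message, e);
            }
        }

        /// <summary>
        /// Reads Name, Image and Enabled from the installer context parameters.
        /// </summary>
        /// <param name="requireName">True when a missing or empty Name is an error.</param>
        /// <exception cref="InstallException">A required parameter is missing or empty.</exception>
        private void GetArgs(bool requireName)
        {
            // Context.Parameters yields null for a key that was not supplied, so
            // comparing against "" alone lets a missing parameter through.
            name = this.Context.Parameters["Name"];
            if (requireName && IsBlank(name))
            {
                throw new InstallException("No name specified");
            }

            image = this.Context.Parameters["Image"];
            if (IsBlank(image))
            {
                throw new InstallException("No image name specified");
            }

            // Fail closed: only an explicit "1" enables the exception. A missing or
            // unrecognised value leaves the entry disabled rather than throwing.
            enabled = this.Context.Parameters["Enabled"];
            appEnabled = (enabled == "1");
        }

        /// <summary>Returns true when the value is null or the empty string.</summary>
        private static bool IsBlank(string value)
        {
            return value == null || value.Length == 0;
        }

        /// <summary>
        /// Adds an authorized-application entry for the given executable to the profile.
        /// </summary>
        /// <param name="name">Display name for the entry.</param>
        /// <param name="imageName">Executable the exception is granted to.</param>
        /// <param name="enabled">Whether the entry is active.</param>
        /// <param name="profile">Firewall profile to modify.</param>
        /// <exception cref="InvalidOperationException">
        /// The authorized-application COM object could not be created.
        /// </exception>
        private void AddToPermissionsList(string name, string imageName,
            bool enabled, INetFwProfile profile)
        {
            INetFwAuthorizedApplication app = this.GetNewAuthorizedApplication();

            if (app == null)
            {
                // Without this check the failure surfaces as a NullReferenceException.
                throw new InvalidOperationException(
                    "Could not create the firewall authorized-application object.");
            }

            app.Enabled = enabled;
            // Keep the exception as narrow as this installer allows: local subnet only.
            app.Scope = NET_FW_SCOPE_.NET_FW_SCOPE_LOCAL_SUBNET;
            app.Name = name;
            app.ProcessImageFileName = imageName;

            profile.AuthorizedApplications.Add(app);
        }

        /// <summary>
        /// Removes the authorized-application entry for the given executable.
        /// </summary>
        /// <param name="imageName">Executable whose entry is removed.</param>
        /// <param name="profile">Firewall profile to modify.</param>
        private void RemoveFromPermissionsList(string imageName, INetFwProfile profile)
        {
            profile.AuthorizedApplications.Remove(imageName);
        }
    }
}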
 
