sachintha81
asked on
Register an EXE as a Windows Firewall exception using C# code
I have a service (say BS.exe) written using C# of which the installer is created using Wix and C# (which means it has a Custom Action program associated with the Wix installer program as well). Now, after the program in installed there is a need to go to Windows Firewall settings and register the BS.exe there. That is, go to Windows Firewall -> Change Settings -> Exceptions tab and add BS.exe there.
However, now we need to do this process automatically during the installation time. I guess the Custom Action program associated with the Wix is the best place. So is there a way to register this EXE as a Firewall exception using C#?
Thanks in advance!
However, now we need to do this process automatically during the installation time. I guess the Custom Action program associated with the Wix is the best place. So is there a way to register this EXE as a Firewall exception using C#?
Thanks in advance!
I'm not sure of how can it be done or if it's possible... but, if it is really possible to do I think it's a major security issue in windows firewall, although fw prompts user for confirmation at least...
Yes, you have to add a new entry in windows registry at:
HKEY_LOCAL_MACHINE\SYSTEM\ ControlSet 001\Servic es\SharedA ccess\Para meters\Fir ewallPolic y\Standard Profile\Au thorizedAp plications \List
The entry must have this format:
Name: [AppFullPath]
Type: REG_SZ (Alphanumeric)
Value: [AppFullPath]:*:Enabled:[A pp Description]
Hope this helps.
HKEY_LOCAL_MACHINE\SYSTEM\
The entry must have this format:
Name: [AppFullPath]
Type: REG_SZ (Alphanumeric)
Value: [AppFullPath]:*:Enabled:[A
Hope this helps.
ASKER
@japete
What exactly are the values I am supposed to write into the registry entry? Here is the code I used, tell me what I'm doing wrong because it doesn't give the expected result.
[code]
RegistryKey RegKey = Registry.LocalMachine.Crea teSubKey(@ "SYSTEM\Co ntrolSet00 1\Services \SharedAcc ess\Parame ters\Firew allPolicy\ StandardPr ofile\Auth orizedAppl ications\L ist");
RegKey.SetValue(@"C:\Windo ws\Notepad .exe", Enabled);
[/code]
What exactly are the values I am supposed to write into the registry entry? Here is the code I used, tell me what I'm doing wrong because it doesn't give the expected result.
[code]
RegistryKey RegKey = Registry.LocalMachine.Crea
RegKey.SetValue(@"C:\Windo
[/code]
These are the lines:
RegistryKey RegKey = Registry.LocalMachine.Crea teSubKey(@ "SYSTEM\Co ntrolSet00 1\Services \SharedAcc ess\Parame ters\Firew allPolicy\ StandardPr ofile\Auth orizedAppl ications\L ist");
RegKey.SetValue(@"C:\Windo ws\Notepad .exe", @"C:\Windows\Notepad.exe:* :Enabled:N otepad application");
Regards.
RegistryKey RegKey = Registry.LocalMachine.Crea
RegKey.SetValue(@"C:\Windo
Regards.
ASKER
It writes the registry entry as you've specified. However, it doesn't register the application (Notepad.exe, in this case) as a Firewall exception. Do I have to restart the Firewall/System? I was hoping for a method that wouldn't prompt me to do that.
No, it is not necessary restart firewall/sysam, after registry update I see notepad entry in firewall exception tab (see image).
notepad-firewall.gif
notepad-firewall.gif
ASKER
That's funny because I did exactly the same but it doesn't register the Notepad in exceptions. Note that I'm using Windows Vista Business.
Ah, ok. In windows vista firewall registry entries are different.
Try this:
1) Add app exception manually in Firewall config
2) Go to windows registry: HKEY_LOCAL_MACHINE\SYSTEM\ ControlSet 001\Servic es\SharedA ccess\Para meters\Fir ewallPolic y\Firewall Rules
3) Copy the new 2 rules that appear in windows registry to your install script
4) Then remove manually app exception from firewall config
5) Run your script to check that works fine
Let me know if it works.
Regards.
Try this:
1) Add app exception manually in Firewall config
2) Go to windows registry: HKEY_LOCAL_MACHINE\SYSTEM\
3) Copy the new 2 rules that appear in windows registry to your install script
4) Then remove manually app exception from firewall config
5) Run your script to check that works fine
Let me know if it works.
Regards.
ASKER
japete, thanks for the info. However, I think we're still doing something wrong.
After adding the exception manually, this is how the above said location in my registry looks like. So I'm guessing this is not what you expected.
Reg.jpg
After adding the exception manually, this is how the above said location in my registry looks like. So I'm guessing this is not what you expected.
Reg.jpg
Yes, it's correct. Look for 2 lines like this:
"v2.0|Action=Allow|Active= TRUE|Dir=I n|Protocol =6|Profile =Public|Ap p=C:\\wind ows\\notep ad.exe|Nam e=notepad| Edge=FALSE |"
Take care in look for App=XXX, and set this 2 lines in your installation script with the same Name and Value that are in registry entry.
"v2.0|Action=Allow|Active=
Take care in look for App=XXX, and set this 2 lines in your installation script with the same Name and Value that are in registry entry.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.