News:

Masm32 SDK description, downloads and other helpful links
Message to All Guests
NB: Posting URL's See here: Posted URL Change

Main Menu

Challenge: Firewall Exception

Started by aw27, March 13, 2019, 10:04:25 PM

Previous topic - Next topic

aw27

This challenge is:
What is the simplest and shortest way to make an exception for my program (assuming it is running as Administrator) through the Windows Firewall.

Anyone?

felipe

if exception here means to allow the program to accept incoming traffic from the internet and you are running as admin, the simple way i think it will be just to run the program. then windows will prompt you (at least 8.1) if you want to allow this program in the firewall to accept this incoming traffic, you reply yes (clicking 1 button) and that's all... :idea:

Maybe if the session is from a non admin user, even if you are running the program in "admin mode", after clicking the yes button, you will have to type the admin password. but i'm not sure if this is the case... :idea:

aw27

Quote from: felipe on March 13, 2019, 11:55:55 PM
if exception here means to allow the program to accept incoming traffic from the internet and you are running as admin, the simple way i think it will be just to run the program. then windows will prompt you (at least 8.1) if you want to allow this program in the firewall to accept this incoming traffic, you reply yes (clicking 1 button) and that's all... :idea:

Maybe if the session is from a non admin user, even if you are running the program in "admin mode", after clicking the yes button, you will have to type the admin password. but i'm not sure if this is the case... :idea:

Sure, lots of things work by clicking buttons when the user is asked to.
Now, imagine that in addition you want to remove the firewall exception when the programs ends execution. Sure, you can open Control Panel, look for the Firewall applet, look for the program, elevate permissions and remove it. But programmers are not expected to do things this way and are not expected to tell the users to bother doing it that way if they want to use programs (of course, some don't care  :biggrin:).


felipe

i see, ok let me think a little bit on this.

Vortex

Exercising the Firewall using C++

QuoteThe following code example exercises the Windows Firewall profile; displays the current profile, turns off the firewall, turns on the firewall, and adds an application.

https://docs.microsoft.com/en-us/previous-versions//aa364726%28v=vs.85%29

aw27

Quote from: Vortex on March 14, 2019, 06:31:38 AM
Exercising the Firewall using C++

QuoteThe following code example exercises the Windows Firewall profile; displays the current profile, turns off the firewall, turns on the firewall, and adds an application.

https://docs.microsoft.com/en-us/previous-versions//aa364726%28v=vs.85%29

I think most of this approach does not work properly with recent versions of Windows (I mean Windows Vista and later  :icon_rolleyes:).
They have other complicated and obscure approaches, but I meant a really simple and straightforward approach.

fearless

Write to firewall registry location directly maybe?
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ListZ:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe REG_SZ Z:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service

aw27

@fearless

I can see that entry on a XP machine. Probably, is not being used anymore because I could not spot it in Windows 7 or 10.

Vortex

Hi AW,

Thinking about other possible methods. I know it's not a very elegant method but maybe one could extract and run an embedded .vbs script \ batch file to make an exception in the firewall. Just a quick and practical attempt.

aw27

Hi Vortex,

Not elegant, but works, using the function system.
The following 2 are outdated but still work in Windows 10.
fwAppAdd db "netsh firewall add allowedprogram ""%s"" MyApp ENABLE>NULL",0
fwAppDisable db "netsh firewall add allowedprogram ""%s"" MyApp DISABLE>NULL",0

We have also these:
fwAppRemove db "netsh firewall delete allowedprogram ""%s"">NULL",0
fwFirewallOff db "netsh Advfirewall set allprofiles state off>NULL",0
fwFirewallOn db "netsh Advfirewall set allprofiles state on>NULL",0
fwStatus db "netsh Advfirewall show allprofiles",0