Schlocke

Reputation: 61

How to open firewall ports during installation?

How can I open Windows Firewall ports during installation with install4j?
I found this solution for C#, but I'm unable to port it to install4j custom code:
http://www.codeproject.com/Articles/14906/Open-Windows-Firewall-During-Installation

Perhaps someone has an idea or alternate solution?

Upvotes: 4

Views: 2602

Answers (2)

Malt

Reputation: 30305

It's been a while since the question was asked, but here's how I did it with install4j 5.1/6.1

For every firewall rule I used the "run executable or batch file" action with the following parameters:

Executable: ${installer:sys.system32Dir}\netsh.exe

Working Directory: ${installer:sys.system32Dir}

Arguments: depending on the rule I wanted to create using the netsh syntax.

For example: advfirewall; firewall; add; rule; name=${compiler:sys.shortName} UDP IN; dir=in; action=allow; service=${compiler:sys.shortName}; localip=any; remoteip=any; localport=any; remoteport=any; protocol=udp; interfacetype=any; security=notrequired; edge=no; profile=any; enable=yes

or, from the edit dialog:

advfirewall
firewall
add
rule
name=${compiler:sys.shortName} UDP IN
dir=in
action=allow
service=${compiler:sys.shortName}
localip=any
remoteip=any
localport=any
remoteport=any
protocol=udp
interfacetype=any
security=notrequired
edge=no
profile=any
enable=yes

A word of advice:

netsh is finicky with regard to the parameters it receives. And even worse, it tends to print very unhelpful and misleading messages when it fails to parse your input. So note the following:

  1. Pass each netsh command as a separate argument. In the property sheet separate them using semicolons. In the edit dialog separate by newlines.
  2. Don't use quotes in your arguments. If the Microsoft documentation tells you to specify a rule name like this: name="rule name", then do that in the command line only. From install4j, the argument should be name=rule name without quotes.
  3. Make sure that your arguments don't contain anything they shouldn't, like white spaces in places where they don't belong. netsh doesn't like that.

Upvotes: 4
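
The three argument rules from the answer above, as an added Java example that is not part of the original posts or of install4j. It uses only the JDK; the class name `FirewallRule`, the rule name and the port are constructed placeholders, and the `C:\Windows` fallback is an assumption.

```java
import java.io.IOException;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.List;

// Hypothetical helper, not part of install4j: builds and runs one netsh rule.
public class FirewallRule {

    // Reject the token shapes the answer warns about before netsh sees them.
    static void check(String token) {
        if (token.isEmpty() || !token.equals(token.trim()))
            throw new IllegalArgumentException("empty or padded token: [" + token + "]");
        if (token.indexOf('"') >= 0 || token.indexOf(';') >= 0)
            throw new IllegalArgumentException("quote or semicolon in token: [" + token + "]");
        int eq = token.indexOf('=');
        if (eq >= 0 && (eq == 0 || eq == token.length() - 1
                || token.charAt(eq - 1) == ' ' || token.charAt(eq + 1) == ' '))
            throw new IllegalArgumentException("whitespace or nothing around '=': [" + token + "]");
    }

    // One list element per netsh token; a value with spaces stays one element.
    static List<String> argv(String netsh, String... tokens) {
        List<String> cmd = new ArrayList<>();
        cmd.add(netsh);
        for (String t : tokens) {
            check(t);
            cmd.add(t);
        }
        return cmd;
    }

    public static void main(String[] args) throws IOException, InterruptedException {
        // SystemRoot is set on Windows; the fallback path is an assumption.
        String root = System.getenv().getOrDefault("SystemRoot", "C:\\Windows");
        String netsh = Paths.get(root, "System32", "netsh.exe").toString();
        // Constructed sample rule (name and port are placeholders).
        List<String> cmd = argv(netsh, "advfirewall", "firewall", "add", "rule",
                "name=Example App TCP IN", "dir=in", "action=allow",
                "protocol=tcp", "localport=3050", "profile=any", "enable=yes");
        // Property-sheet form of the same tokens: joined by semicolons.
        System.out.println(String.join("; ", cmd.subList(1, cmd.size())));
        if (!System.getProperty("os.name").startsWith("Windows")) return;
        Process p = new ProcessBuilder(cmd).inheritIO().start();
        int exit = p.waitFor();
        if (exit != 0) throw new IOException("netsh failed, exit code " + exit);
    }
}
```

Checking the exit code gives the installer a failure signal that does not depend on reading netsh's messages.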

Schlocke

Reputation: 61

Thanks, I found a similar solution: I just created a "firewall.cmd" with the rules and let it run from install4j during install. Content of "firewall.cmd":

netsh.exe advfirewall firewall delete rule name="QOMET-IN"
netsh.exe advfirewall firewall delete rule name="QOMET-OUT"
netsh.exe advfirewall firewall add rule name="QOMET-IN" protocol=TCP dir=in localport=3050,29418-29430,14416 security=notrequired action=allow profile=any enable=yes
netsh.exe advfirewall firewall add rule name="QOMET-OUT" protocol=TCP dir=out remoteport=3050,29418-29430,14416,20,21,25,587,80 security=notrequired action=allow profile=any enable=yes

Upvotes: 1
