I need to open up the Windows Firewall for outbound connections for an application I'm writing.
The best answers I've been able to locate are here:
http://www.shafqatahmed.com/2008/01/controlling-win.html
http://www.vincenzo.net/isxkb/index.php?title=Adding_a_rule_to_the_Windows_firewall
The problem is that method only creates an inbound rule, and not an outbound rule. (Both the C# and InnoSetup script use the same method.) This is entirely useless for me.
The default behaviour for the Windows Firewall is to allow outbound traffic, but that doesn't guarantee that someone won't change that.
I would prefer to do this in the installer (using InnoSetup) rather than doing it in C#.
Did I miss something?
Does anyone know how to create an outbound rule?
To create an inbound port rule: Open the Group Policy Management Console to Windows Defender Firewall with Advanced Security. In the navigation pane, click Inbound Rules. Click Action, and then click New rule. On the Rule Type page of the New Inbound Rule Wizard, click Custom, and then click Next.
You can use netsh if you need to add some exceptions for your application.
Write at the command line (for XP):
netsh firewall add allowedprogram ?
Write at the command line (for W7):
netsh advfirewall firewall add rule ?
The difference is because the netsh firewall command is deprecated. Instead, we have to use the netsh advfirewall firewall command.
More information about using the netsh advfirewall firewall command instead of the netsh firewall command can be found in the Knowledge Base: http://go.microsoft.com/fwlink/?linkid=121488
Examples:
Adding a rule for incoming traffic without security encapsulation for messenger.exe:
netsh advfirewall firewall add rule name="allow messenger" dir=in program="c:\programfiles\messenger\msmsgs.exe" security=authnoencap action=allow
Adding a rule for outgoing traffic at the port 80:
netsh advfirewall firewall add rule name="allow80" protocol=TCP dir=out localport=80 action=block
Adding a rule for inbound traffic with safety & traffic encryption for TCP through port 80:
netsh advfirewall firewall add rule name="Require Encryption for Inbound TCP/80" protocol=TCP dir=in localport=80 security=authdynenc action=allow
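For the outbound case the question asks about, here is an added example (not from the original posts) that creates a program-scoped outbound allow rule with netsh advfirewall firewall and removes it again on uninstall. The rule name, program path and remote port 443 are assumptions, and the script must run elevated.

```powershell
# Added example. Rule name, program path and remote port are assumptions.
param(
    [ValidateSet('Install', 'Uninstall')]
    [string]$Mode = 'Install',
    [string]$RuleName = 'MyApp outbound',                        # hypothetical
    [string]$ProgramPath = 'C:\Program Files\MyApp\MyApp.exe',   # hypothetical
    [string]$RemotePort = '443'                                  # assumed destination port
)

function Test-OutboundRule {
    # "show rule" returns a non-zero exit code when nothing matches.
    & netsh advfirewall firewall show rule "name=$RuleName" dir=out | Out-Null
    return ($LASTEXITCODE -eq 0)
}

function Remove-OutboundRule {
    # Deletes every outbound rule with this name, so pick a name that is
    # unique to the application.
    & netsh advfirewall firewall delete rule "name=$RuleName" dir=out | Out-Null
}

if ($Mode -eq 'Uninstall') {
    if (Test-OutboundRule) { Remove-OutboundRule }
    exit 0
}

# Re-running the installer must not stack duplicate rules: netsh does not
# enforce unique names, so delete any earlier copy first.
if (Test-OutboundRule) { Remove-OutboundRule }

# dir=out with program= limits the exception to this one executable.
# remoteport (not localport) is the destination port of an outbound connection.
& netsh advfirewall firewall add rule "name=$RuleName" dir=out action=allow `
    "program=$ProgramPath" protocol=TCP "remoteport=$RemotePort" `
    profile=any enable=yes | Out-Null

if ($LASTEXITCODE -ne 0 -or -not (Test-OutboundRule)) {
    Write-Error "Failed to create outbound rule '$RuleName' (is the shell elevated?)"
    exit 1
}
Write-Output "Outbound rule '$RuleName' is in place for $ProgramPath"
```

An installer can call the script in Install mode and its uninstaller in Uninstall mode, so the exception does not outlive the application.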