[wix-devs] FirewallException to winmgmt (WMI In)

Joel Budreau joel.budreau at gmail.com
Wed Dec 21 17:09:42 PST 2016 

I've been managing these kinds of advanced firewall exceptions by
implementing #2 like you mentioned above.

My (quite removed) take is that #1 has been unimplemented for so long
because Microsoft doesn't seem too eager to document the C++ or C# APIs
that perform the same tasks that "netsh advfirewall firewall ..." does on
the command line. Wix extensions seem to be designed to help free people
from having to create their own custom action dlls for common installer
tasks. These netsh advanced firewall rules are already accessible without
the need to call windows APIs from code, so my guess is that #1 will never
happen.

On Wed, Dec 21, 2016 at 4:37 PM, Ofir Cohen <ofircohenn at gmail.com> wrote:

> Created: 2008-06-05
> Status: Open
>
> This isn't encouraging :-)
>
> If I were to be pragmatic/realistic about this feature request, what
> would you recommend:
> 1) I implement this (with the help of some WiX devs)
>
> 2) I implement custom actions in my installer to:
>    i. enable this on install/modify (if needed)
>       system("netsh advfirewall firewall set rule name="Windows
> Management Instrumentation (WMI-In)" new enable=yes");
>
>    ii. on uninstall restore the state of this rule?
>
> ?
>
> Thanks!
>
> - Ofir
>
> On 22 December 2016 at 02:18, Rob Mensching <rob at firegiant.com> wrote:
> > https://github.com/wixtoolset/issues/issues/1621
> >
> > _____________________________________________________________
> >  Short replies here. Complete answers over there:
> http://www.firegiant.com/
> >
> > -----Original Message-----
> > From: wix-devs [mailto:wix-devs-bounces at lists.wixtoolset.org] On Behalf
> Of Ofir Cohen
> > Sent: Wednesday, December 21, 2016 3:43 PM
> > To: wix-devs at lists.wixtoolset.org
> > Subject: [wix-devs] FirewallException to winmgmt (WMI In)
> >
> > Hi,
> > This is probably something Rob can comment on.
> >
> > I've been using FirewallException [1] to add firewall exception rules to
> my application.
> >
> > Now it feels like this element is somewhat limited in the sense that I
> *cannot* add a firewall exception for WMI, namely to:
> > Name: Windows Management Instrumentation (WMI-In)
> > Description: Inbound rule to allow WMI traffic for remote Windows
> Management Instrumentation. [TCP]
> >
> > bound to service winmgmt (Windows Management Instrumentation)
> >
> > A little googling shows a feature request [2] to allow firewall
> exceptions for builtin service, but I don't know what's the status of it
> and whether or not it was ever implemented / merged to the codebase.
> >
> > Any idea what's the status on this request, or how can I add firewall
> exception to winmgmt?
> >
> >
> > Thanks,
> > Ofir
> >
> > [1] http://wixtoolset.org/documentation/manual/v3/xsd/
> firewall/firewallexception.html
> > [2] https://sourceforge.net/p/wix/feature-requests/394/
> > ____________________________________________________________________
> > WiX Toolset Developer Mailing List provided by FireGiant
> http://www.firegiant.com/
> > ____________________________________________________________________
> > WiX Toolset Developer Mailing List provided by FireGiant
> http://www.firegiant.com/
> ____________________________________________________________________
> WiX Toolset Developer Mailing List provided by FireGiant
> http://www.firegiant.com/
>

More information about the wix-devs mailing list