Allow an app through firewall

Hi All,

This is my first post and I thought I should share something on how can "Allow an app through Windows Firewall" setting for Windows be played with while packaging an application.

Sometimes, the shortcut of a software might required to be allowed through the firewall as part of the automation (as a part of your package), so that when the users launch that shortcut, they don't see the prompt and can use the software. Something like the below snapshot:

This can be suppressed through UI by going to the following in "All Control Panel Items":
Control Panel\All Control Panel Items\Windows Firewall\Allowed applications

Cleck on "Change Settings".
Then click on "Allow another app..." and browse you application exe.


Now to accomplish this programmatically, there is a command line utility called "netsh". Below are listed, two commands, which add and remove a respective firewall rule:
The command line options can be explored and used by typing "netsh advfirewall /?" on command prompt to suit your needs.

In some cases/organizations/client environments, you might not want to configure such settings via your package. Never mind, these commands can come in handy, when you are trying to push a script through GPO or something.

Add a rule:
 netsh advfirewall firewall add rule name="Test" profile=domain,private protocol=any enable=yes DIR=In program="%ProgramFiles%\Test\Test.exe" Action=Allow

Remove the rule:
 netsh advfirewall firewall delete rule profile=domain,private name="Test"

These commands can be called as deferred custom actions in an MSI (or MST) to be run in System Context.

Any additions/comments to this blog are most welcome. Please do share your views if you find it helpful.



This post is locked

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login


This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ