diff --git a/src/ext/Firewall/test/WixToolsetTest.Firewall/FirewallExtensionFixture.cs b/src/ext/Firewall/test/WixToolsetTest.Firewall/FirewallExtensionFixture.cs
index 06a877f6a..1b5bedb69 100644
--- a/src/ext/Firewall/test/WixToolsetTest.Firewall/FirewallExtensionFixture.cs
+++ b/src/ext/Firewall/test/WixToolsetTest.Firewall/FirewallExtensionFixture.cs
@@ -28,7 +28,11 @@ public void CanBuildUsingFirewall()
"CustomAction:Wix4SchedFirewallExceptionsInstall_X86\t1\tWix4FWCA_X86\tSchedFirewallExceptionsInstall\t",
"CustomAction:Wix4SchedFirewallExceptionsUninstall_X86\t1\tWix4FWCA_X86\tSchedFirewallExceptionsUninstall\t",
"Wix4FirewallException:ExampleFirewall\tExampleApp\t*\t42\t6\t[#filNdJBJmq3UCUIwmXS8x21aAsvqzk]\t0\t2147483647\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tAn app-based firewall exception\t1",
+ "Wix4FirewallException:fex_ZpDsnKyHlYiA24JHzvFxm3uLZ8\tExampleDefaultGatewayScope\tDefaultGateway\t4432\t6\t\t0\t2\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tdefaultGateway scope firewall exception\t1",
+ "Wix4FirewallException:fex6bkfWwpiRGI.wVFx0T7W4LXIHxU\tExampleDHCPScope\tdhcp\t\t211\ttest.exe\t0\t4\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tDHCP scope firewall exception\t1",
"Wix4FirewallException:fex70IVsYNnbwiHQrEepmdTPKH8XYs\tExamplePort\tLocalSubnet\t42\t6\t\t0\t2147483647\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tA port-based firewall exception\t2",
+ "Wix4FirewallException:fexXxaXCXXFh.UxO_BjmZxi1B1du_Q\tExampleWINSScope\twins\t6573\t6\t\t0\t1\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tWINS scope firewall exception\t1",
+ "Wix4FirewallException:fexxY71H2ZBkPalv7uid1Yy4qaA_lA\tExampleDNSScope\tdns\t356\t17\t\t0\t2147483647\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tDNS scope firewall exception\t1",
}, results);
}
@@ -48,7 +52,11 @@ public void CanBuildUsingFirewallARM64()
"CustomAction:Wix4SchedFirewallExceptionsInstall_A64\t1\tWix4FWCA_A64\tSchedFirewallExceptionsInstall\t",
"CustomAction:Wix4SchedFirewallExceptionsUninstall_A64\t1\tWix4FWCA_A64\tSchedFirewallExceptionsUninstall\t",
"Wix4FirewallException:ExampleFirewall\tExampleApp\t*\t42\t6\t[#filNdJBJmq3UCUIwmXS8x21aAsvqzk]\t0\t2147483647\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tAn app-based firewall exception\t1",
+ "Wix4FirewallException:fex_ZpDsnKyHlYiA24JHzvFxm3uLZ8\tExampleDefaultGatewayScope\tDefaultGateway\t4432\t6\t\t0\t2\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tdefaultGateway scope firewall exception\t1",
+ "Wix4FirewallException:fex6bkfWwpiRGI.wVFx0T7W4LXIHxU\tExampleDHCPScope\tdhcp\t\t211\ttest.exe\t0\t4\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tDHCP scope firewall exception\t1",
"Wix4FirewallException:fex70IVsYNnbwiHQrEepmdTPKH8XYs\tExamplePort\tLocalSubnet\t42\t6\t\t0\t2147483647\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tA port-based firewall exception\t2",
+ "Wix4FirewallException:fexXxaXCXXFh.UxO_BjmZxi1B1du_Q\tExampleWINSScope\twins\t6573\t6\t\t0\t1\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tWINS scope firewall exception\t1",
+ "Wix4FirewallException:fexxY71H2ZBkPalv7uid1Yy4qaA_lA\tExampleDNSScope\tdns\t356\t17\t\t0\t2147483647\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tDNS scope firewall exception\t1",
}, results);
}
@@ -71,8 +79,17 @@ public void CanRoundtripFirewallExceptions()
{
"FirewallException",
"FirewallException",
+ "FirewallException",
+ "FirewallException",
+ "FirewallException",
+ "FirewallException",
}, actual.Select(a => a.Name).ToArray());
+ }
+ [Fact]
+ public void RoundtripAttributesAreCorrectForApp()
+ {
+ var actual = BuildAndDecompileAndBuild("http://wixtoolset.org/schemas/v4/wxs/firewall", "ExampleApp");
WixAssert.CompareLineByLine(new[]
{
"Id=ExampleFirewall",
@@ -85,8 +102,13 @@ public void CanRoundtripFirewallExceptions()
"Description=An app-based firewall exception",
"Outbound=no",
"xmlns=http://wixtoolset.org/schemas/v4/wxs/firewall",
- }, actual[0].Attributes);
+ }, actual.Attributes);
+ }
+ [Fact]
+ public void RoundtripAttributesAreCorrectForPort()
+ {
+ var actual = BuildAndDecompileAndBuild("http://wixtoolset.org/schemas/v4/wxs/firewall", "ExamplePort");
WixAssert.CompareLineByLine(new[]
{
"Id=fex70IVsYNnbwiHQrEepmdTPKH8XYs",
@@ -98,7 +120,79 @@ public void CanRoundtripFirewallExceptions()
"Description=A port-based firewall exception",
"Outbound=yes",
"xmlns=http://wixtoolset.org/schemas/v4/wxs/firewall",
- }, actual[1].Attributes);
+ }, actual.Attributes);
+ }
+
+ [Fact]
+ public void RoundtripAttributesAreCorrectForDNSScope()
+ {
+ var actual = BuildAndDecompileAndBuild("http://wixtoolset.org/schemas/v4/wxs/firewall", "ExampleDNSScope");
+ WixAssert.CompareLineByLine(new[]
+ {
+ "Id=fexxY71H2ZBkPalv7uid1Yy4qaA_lA",
+ "Name=ExampleDNSScope",
+ "Scope=DNS",
+ "Port=356",
+ "Protocol=udp",
+ "Profile=all",
+ "Description=DNS scope firewall exception",
+ "Outbound=no",
+ "xmlns=http://wixtoolset.org/schemas/v4/wxs/firewall",
+ }, actual.Attributes);
+ }
+
+ [Fact]
+ public void RoundtripAttributesAreCorrectForDHCPScope()
+ {
+ var actual = BuildAndDecompileAndBuild("http://wixtoolset.org/schemas/v4/wxs/firewall", "ExampleDHCPScope");
+ WixAssert.CompareLineByLine(new[]
+ {
+ "Id=fex6bkfWwpiRGI.wVFx0T7W4LXIHxU",
+ "Name=ExampleDHCPScope",
+ "Scope=DHCP",
+ "Protocol=211",
+ "Program=test.exe",
+ "Profile=public",
+ "Description=DHCP scope firewall exception",
+ "Outbound=no",
+ "xmlns=http://wixtoolset.org/schemas/v4/wxs/firewall"
+ }, actual.Attributes);
+ }
+
+ [Fact]
+ public void RoundtripAttributesAreCorrectForWINSScope()
+ {
+ var actual = BuildAndDecompileAndBuild("http://wixtoolset.org/schemas/v4/wxs/firewall", "ExampleWINSScope");
+ WixAssert.CompareLineByLine(new[]
+ {
+ "Id=fexXxaXCXXFh.UxO_BjmZxi1B1du_Q",
+ "Name=ExampleWINSScope",
+ "Scope=WINS",
+ "Port=6573",
+ "Protocol=tcp",
+ "Profile=domain",
+ "Description=WINS scope firewall exception",
+ "Outbound=no",
+ "xmlns=http://wixtoolset.org/schemas/v4/wxs/firewall",
+ }, actual.Attributes);
+ }
+
+ [Fact]
+ public void RoundtripAttributesAreCorrectForDefaultGatewayScope()
+ {
+ var actual = BuildAndDecompileAndBuild("http://wixtoolset.org/schemas/v4/wxs/firewall", "ExampleDefaultGatewayScope");
+ WixAssert.CompareLineByLine(new[]
+ {
+ "Id=fex_ZpDsnKyHlYiA24JHzvFxm3uLZ8",
+ "Name=ExampleDefaultGatewayScope",
+ "Scope=defaultGateway",
+ "Port=4432",
+ "Protocol=tcp",
+ "Profile=private",
+ "Description=defaultGateway scope firewall exception",
+ "Outbound=no",
+ "xmlns=http://wixtoolset.org/schemas/v4/wxs/firewall",
+ }, actual.Attributes);
}
private static void Build(string[] args)
@@ -122,5 +216,31 @@ private static void Decompile(string[] args)
var result = WixRunner.Execute(args);
result.AssertSuccess();
}
+ class AttributeVerifier
+ {
+ public string Name { get; set; }
+ public string[] Attributes { get; set; }
+ }
+
+ private static AttributeVerifier BuildAndDecompileAndBuild(string nameSpace, string ruleName)
+ {
+ var folder = TestData.Get(@"TestData", "UsingFirewall");
+ var build = new Builder(folder, typeof(FirewallExtensionFactory), new[] { folder });
+ var output = Path.Combine(folder, $"Firewall{ruleName}.xml");
+
+ build.BuildAndDecompileAndBuild(Build, Decompile, output);
+
+ var doc = XDocument.Load(output);
+ var actual = doc.Descendants()
+ .Where(e => e.Name.Namespace == nameSpace)
+ .Select(fe => new AttributeVerifier
+ {
+ Name = fe.Attributes().Single(a => a.Name.LocalName == "Name").Value,
+ Attributes = fe.Attributes().Select(a => $"{a.Name.LocalName}={a.Value}").ToArray()
+ })
+ .Single(av => av.Name == ruleName);
+
+ return actual;
+ }
}
}
diff --git a/src/ext/Firewall/test/WixToolsetTest.Firewall/TestData/UsingFirewall/PackageComponents.wxs b/src/ext/Firewall/test/WixToolsetTest.Firewall/TestData/UsingFirewall/PackageComponents.wxs
index c712d8959..957aa6427 100644
--- a/src/ext/Firewall/test/WixToolsetTest.Firewall/TestData/UsingFirewall/PackageComponents.wxs
+++ b/src/ext/Firewall/test/WixToolsetTest.Firewall/TestData/UsingFirewall/PackageComponents.wxs
@@ -12,6 +12,10 @@
+
+
+
+
diff --git a/src/ext/Firewall/wixext/FirewallCompiler.cs b/src/ext/Firewall/wixext/FirewallCompiler.cs
index 19ee0b6dc..0264262d5 100644
--- a/src/ext/Firewall/wixext/FirewallCompiler.cs
+++ b/src/ext/Firewall/wixext/FirewallCompiler.cs
@@ -135,7 +135,12 @@ private void ParseFirewallExceptionElement(Intermediate intermediate, Intermedia
protocol = FirewallConstants.NET_FW_IP_PROTOCOL_UDP;
break;
default:
- this.Messaging.Write(ErrorMessages.IllegalAttributeValue(sourceLineNumbers, element.Name.LocalName, "Protocol", protocolValue, "tcp", "udp"));
+ int parsedProtocol;
+ if (!Int32.TryParse(protocolValue, out parsedProtocol) || parsedProtocol > 255 || parsedProtocol < 0)
+ {
+ this.Messaging.Write(ErrorMessages.IllegalAttributeValue(sourceLineNumbers, element.Name.LocalName, "Protocol", protocolValue, "tcp", "udp", "0-255"));
+ }
+ protocol = parsedProtocol;
break;
}
break;
@@ -149,8 +154,20 @@ private void ParseFirewallExceptionElement(Intermediate intermediate, Intermedia
case "localSubnet":
remoteAddresses = "LocalSubnet";
break;
+ case "DNS":
+ remoteAddresses = "dns";
+ break;
+ case "DHCP":
+ remoteAddresses = "dhcp";
+ break;
+ case "WINS":
+ remoteAddresses = "wins";
+ break;
+ case "defaultGateway":
+ remoteAddresses = "DefaultGateway";
+ break;
default:
- this.Messaging.Write(ErrorMessages.IllegalAttributeValue(sourceLineNumbers, element.Name.LocalName, "Scope", scope, "any", "localSubnet"));
+ this.Messaging.Write(ErrorMessages.IllegalAttributeValue(sourceLineNumbers, element.Name.LocalName, "Scope", scope, "any", "localSubnet", "DNS", "DHCP", "WINS", "defaultGateway"));
break;
}
break;
@@ -251,6 +268,21 @@ private void ParseFirewallExceptionElement(Intermediate intermediate, Intermedia
this.Messaging.Write(FirewallErrors.NoExceptionSpecified(sourceLineNumbers));
}
+ // Ports can only be specified if the protocol is TCP or UDP.
+ if (!String.IsNullOrEmpty(port) && protocol.HasValue)
+ {
+ switch(protocol.Value)
+ {
+ case FirewallConstants.NET_FW_IP_PROTOCOL_TCP:
+ case FirewallConstants.NET_FW_IP_PROTOCOL_UDP:
+ break;
+
+ default:
+ this.Messaging.Write(ErrorMessages.IllegalAttributeWithOtherAttribute(sourceLineNumbers, element.Name.LocalName, "Port", "Protocol", protocol.Value.ToString()));
+ break;
+ }
+ }
+
if (!this.Messaging.EncounteredError)
{
// at this point, File attribute and File parent element are treated the same
diff --git a/src/ext/Firewall/wixext/FirewallDecompiler.cs b/src/ext/Firewall/wixext/FirewallDecompiler.cs
index 69f2c3f4d..559aa9609 100644
--- a/src/ext/Firewall/wixext/FirewallDecompiler.cs
+++ b/src/ext/Firewall/wixext/FirewallDecompiler.cs
@@ -69,18 +69,29 @@ private void DecompileWixFirewallExceptionTable(Table table)
string[] addresses = ((string)row[2]).Split(',');
if (addresses.Length == 1)
{
- // special-case the Scope attribute values
- if (addresses[0] == "*")
+ switch(addresses[0])
{
- firewallException.Add(new XAttribute("Scope", "any"));
- }
- else if (addresses[0] == "LocalSubnet")
- {
- firewallException.Add(new XAttribute("Scope", "localSubnet"));
- }
- else
- {
- FirewallDecompiler.AddRemoteAddress(firewallException, addresses[0]);
+ case "*":
+ firewallException.Add(new XAttribute("Scope", "any"));
+ break;
+ case "LocalSubnet":
+ firewallException.Add(new XAttribute("Scope", "localSubnet"));
+ break;
+ case "dns":
+ firewallException.Add(new XAttribute("Scope", "DNS"));
+ break;
+ case "dhcp":
+ firewallException.Add(new XAttribute("Scope", "DHCP"));
+ break;
+ case "wins":
+ firewallException.Add(new XAttribute("Scope", "WINS"));
+ break;
+ case "DefaultGateway":
+ firewallException.Add(new XAttribute("Scope", "defaultGateway"));
+ break;
+ default:
+ FirewallDecompiler.AddRemoteAddress(firewallException, addresses[0]);
+ break;
}
}
else
@@ -107,6 +118,9 @@ private void DecompileWixFirewallExceptionTable(Table table)
case FirewallConstants.NET_FW_IP_PROTOCOL_UDP:
firewallException.Add(new XAttribute("Protocol", "udp"));
break;
+ default:
+ firewallException.Add(new XAttribute("Protocol", row[4]));
+ break;
}
}
diff --git a/src/ext/Firewall/wixext/FirewallTableDefinitions.cs b/src/ext/Firewall/wixext/FirewallTableDefinitions.cs
index 04918f5f0..f23b2807e 100644
--- a/src/ext/Firewall/wixext/FirewallTableDefinitions.cs
+++ b/src/ext/Firewall/wixext/FirewallTableDefinitions.cs
@@ -15,7 +15,7 @@ public static class FirewallTableDefinitions
new ColumnDefinition("Name", ColumnType.Localized, 255, primaryKey: false, nullable: true, ColumnCategory.Formatted, description: "Localizable display name.", modularizeType: ColumnModularizeType.Property),
new ColumnDefinition("RemoteAddresses", ColumnType.String, 0, primaryKey: false, nullable: false, ColumnCategory.Formatted, description: "Remote address to accept incoming connections from.", modularizeType: ColumnModularizeType.Property),
new ColumnDefinition("Port", ColumnType.String, 0, primaryKey: false, nullable: true, ColumnCategory.Formatted, minValue: 1, description: "Port number.", modularizeType: ColumnModularizeType.Property),
- new ColumnDefinition("Protocol", ColumnType.Number, 1, primaryKey: false, nullable: true, ColumnCategory.Integer, minValue: 6, maxValue: 17, description: "Protocol (6=TCP; 17=UDP)."),
+ new ColumnDefinition("Protocol", ColumnType.Number, 1, primaryKey: false, nullable: true, ColumnCategory.Integer, minValue: 0, maxValue: 255, description: "Protocol (6=TCP; 17=UDP). https://www.iana.org/assignments/protocol-numbers"),
new ColumnDefinition("Program", ColumnType.String, 255, primaryKey: false, nullable: true, ColumnCategory.Formatted, description: "Exception for a program (formatted path name).", modularizeType: ColumnModularizeType.Property),
new ColumnDefinition("Attributes", ColumnType.Number, 4, primaryKey: false, nullable: true, ColumnCategory.Unknown, description: "Vital=1"),
new ColumnDefinition("Profile", ColumnType.Number, 4, primaryKey: false, nullable: false, ColumnCategory.Integer, minValue: 1, maxValue: 2147483647, description: "Profile (1=domain; 2=private; 4=public; 2147483647=all)."),
diff --git a/src/test/msi/TestData/FirewallExtensionTests/ProtocolRules/ProtocolRules.wixproj b/src/test/msi/TestData/FirewallExtensionTests/ProtocolRules/ProtocolRules.wixproj
new file mode 100644
index 000000000..b1770b0f4
--- /dev/null
+++ b/src/test/msi/TestData/FirewallExtensionTests/ProtocolRules/ProtocolRules.wixproj
@@ -0,0 +1,13 @@
+
+
+
+ {4D188568-1CCF-4EEE-BC27-17C3DCC83E58}
+ true
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/src/test/msi/TestData/FirewallExtensionTests/ProtocolRules/product.wxs b/src/test/msi/TestData/FirewallExtensionTests/ProtocolRules/product.wxs
new file mode 100644
index 000000000..6a28ad0ae
--- /dev/null
+++ b/src/test/msi/TestData/FirewallExtensionTests/ProtocolRules/product.wxs
@@ -0,0 +1,23 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/src/test/msi/TestData/FirewallExtensionTests/ScopeRules/ScopeRules.wixproj b/src/test/msi/TestData/FirewallExtensionTests/ScopeRules/ScopeRules.wixproj
new file mode 100644
index 000000000..b1770b0f4
--- /dev/null
+++ b/src/test/msi/TestData/FirewallExtensionTests/ScopeRules/ScopeRules.wixproj
@@ -0,0 +1,13 @@
+
+
+
+ {4D188568-1CCF-4EEE-BC27-17C3DCC83E58}
+ true
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/src/test/msi/TestData/FirewallExtensionTests/ScopeRules/product.wxs b/src/test/msi/TestData/FirewallExtensionTests/ScopeRules/product.wxs
new file mode 100644
index 000000000..776c86750
--- /dev/null
+++ b/src/test/msi/TestData/FirewallExtensionTests/ScopeRules/product.wxs
@@ -0,0 +1,33 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/src/test/msi/WixToolsetTest.MsiE2E/FirewallExtensionTests.cs b/src/test/msi/WixToolsetTest.MsiE2E/FirewallExtensionTests.cs
index 4106cd724..ce55aa142 100644
--- a/src/test/msi/WixToolsetTest.MsiE2E/FirewallExtensionTests.cs
+++ b/src/test/msi/WixToolsetTest.MsiE2E/FirewallExtensionTests.cs
@@ -315,5 +315,222 @@ public void SucceedWhenIgnoreOnFailureIsSet()
var log2 = product.UninstallProduct(MSIExec.MSIExecReturnCode.SUCCESS, "NORULENAME=1");
Assert.True(LogVerifier.MessageInLogFile(log2, "failed to remove firewall rule"));
}
+
+ [RuntimeFact]
+ public void VarietyOfProtocolValuesCanBeUsed()
+ {
+ var product = this.CreatePackageInstaller("ProtocolRules");
+ product.InstallProduct(MSIExec.MSIExecReturnCode.SUCCESS);
+
+ var expected1 = new RuleDetails("WiXToolset401 Test - 0009")
+ {
+ Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW,
+ Description = "WiX Toolset firewall exception rule integration test - protocol TCP",
+ Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN,
+ EdgeTraversal = false,
+ EdgeTraversalOptions = 0,
+ Enabled = true,
+ InterfaceTypes = "All",
+ LocalAddresses = "*",
+ Profiles = Int32.MaxValue,
+ Protocol = 6,
+ RemoteAddresses = "*",
+ SecureFlags = 0,
+ LocalPorts = "900",
+ RemotePorts = "*",
+ };
+
+ Verifier.VerifyFirewallRule("WiXToolset401 Test - 0009", expected1);
+
+
+ var expected2 = new RuleDetails("WiXToolset401 Test - 0010")
+ {
+ Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW,
+ Description = "WiX Toolset firewall exception rule integration test - protocol UDP",
+ Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN,
+ EdgeTraversal = false,
+ EdgeTraversalOptions = 0,
+ Enabled = true,
+ InterfaceTypes = "All",
+ LocalAddresses = "*",
+ Profiles = Int32.MaxValue,
+ Protocol = 17,
+ RemoteAddresses = "*",
+ SecureFlags = 0,
+ LocalPorts = "1000",
+ RemotePorts = "*",
+ };
+
+ Verifier.VerifyFirewallRule("WiXToolset401 Test - 0010", expected2);
+
+
+ var expected3 = new RuleDetails("WiXToolset401 Test - 0011")
+ {
+ Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW,
+ ApplicationName = "test.exe",
+ Description = "WiX Toolset firewall exception rule integration test - ports can only be specified if protocol is TCP or UDP",
+ Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN,
+ EdgeTraversal = true,
+ EdgeTraversalOptions = 1,
+ Enabled = true,
+ InterfaceTypes = "All",
+ LocalAddresses = "*",
+ Profiles = Int32.MaxValue,
+ Protocol = 134,
+ RemoteAddresses = "*",
+ SecureFlags = 0,
+ };
+
+ Verifier.VerifyFirewallRule("WiXToolset401 Test - 0011", expected3);
+
+ product.UninstallProduct(MSIExec.MSIExecReturnCode.SUCCESS);
+
+ // verify the firewall exceptions have been removed.
+ Assert.False(Verifier.FirewallRuleExists("WiXToolset401 Test - 0009"));
+ Assert.False(Verifier.FirewallRuleExists("WiXToolset401 Test - 0010"));
+ Assert.False(Verifier.FirewallRuleExists("WiXToolset401 Test - 0011"));
+ }
+
+ [RuntimeFact]
+ public void FullSetOfScopeValuesCanBeUsed()
+ {
+ var product = this.CreatePackageInstaller("ScopeRules");
+ product.InstallProduct(MSIExec.MSIExecReturnCode.SUCCESS);
+
+ var expected1 = new RuleDetails("WiXToolset401 Test - 0012")
+ {
+ Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW,
+ Description = "WiX Toolset firewall exception rule integration test - scope any",
+ Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN,
+ EdgeTraversal = false,
+ EdgeTraversalOptions = 0,
+ Enabled = true,
+ InterfaceTypes = "All",
+ LocalAddresses = "*",
+ Profiles = Int32.MaxValue,
+ Protocol = 6,
+ RemoteAddresses = "*",
+ SecureFlags = 0,
+ LocalPorts = "1200",
+ RemotePorts = "*",
+ };
+
+ Verifier.VerifyFirewallRule("WiXToolset401 Test - 0012", expected1);
+
+
+ var expected2 = new RuleDetails("WiXToolset401 Test - 0013")
+ {
+ Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW,
+ Description = "WiX Toolset firewall exception rule integration test - scope local subnet",
+ Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN,
+ EdgeTraversal = false,
+ EdgeTraversalOptions = 0,
+ Enabled = true,
+ InterfaceTypes = "All",
+ LocalAddresses = "*",
+ Profiles = Int32.MaxValue,
+ Protocol = 6,
+ RemoteAddresses = "LocalSubnet",
+ SecureFlags = 0,
+ LocalPorts = "1300",
+ RemotePorts = "*",
+ };
+
+ Verifier.VerifyFirewallRule("WiXToolset401 Test - 0013", expected2);
+
+
+ var expected3 = new RuleDetails("WiXToolset401 Test - 0014")
+ {
+ Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW,
+ Description = "WiX Toolset firewall exception rule integration test - scope DNS",
+ Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN,
+ EdgeTraversal = false,
+ EdgeTraversalOptions = 0,
+ Enabled = true,
+ InterfaceTypes = "All",
+ LocalAddresses = "*",
+ Profiles = Int32.MaxValue,
+ Protocol = 6,
+ RemoteAddresses = "DNS",
+ SecureFlags = 0,
+ LocalPorts = "1400",
+ RemotePorts = "*",
+ };
+
+ Verifier.VerifyFirewallRule("WiXToolset401 Test - 0014", expected3);
+
+
+ var expected4 = new RuleDetails("WiXToolset401 Test - 0015")
+ {
+ Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW,
+ Description = "WiX Toolset firewall exception rule integration test - scope DHCP",
+ Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN,
+ EdgeTraversal = false,
+ EdgeTraversalOptions = 0,
+ Enabled = true,
+ InterfaceTypes = "All",
+ LocalAddresses = "*",
+ Profiles = Int32.MaxValue,
+ Protocol = 6,
+ RemoteAddresses = "DHCP",
+ SecureFlags = 0,
+ LocalPorts = "1500",
+ RemotePorts = "*",
+ };
+
+ Verifier.VerifyFirewallRule("WiXToolset401 Test - 0015", expected4);
+
+
+ var expected5 = new RuleDetails("WiXToolset401 Test - 0016")
+ {
+ Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW,
+ Description = "WiX Toolset firewall exception rule integration test - scope WINS",
+ Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN,
+ EdgeTraversal = false,
+ EdgeTraversalOptions = 0,
+ Enabled = true,
+ InterfaceTypes = "All",
+ LocalAddresses = "*",
+ Profiles = Int32.MaxValue,
+ Protocol = 6,
+ RemoteAddresses = "WINS",
+ SecureFlags = 0,
+ LocalPorts = "1600",
+ RemotePorts = "*",
+ };
+
+ Verifier.VerifyFirewallRule("WiXToolset401 Test - 0016", expected5);
+
+
+ var expected6 = new RuleDetails("WiXToolset401 Test - 0017")
+ {
+ Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW,
+ Description = "WiX Toolset firewall exception rule integration test - scope default gateway",
+ Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN,
+ EdgeTraversal = false,
+ EdgeTraversalOptions = 0,
+ Enabled = true,
+ InterfaceTypes = "All",
+ LocalAddresses = "*",
+ Profiles = Int32.MaxValue,
+ Protocol = 6,
+ RemoteAddresses = "DefaultGateway",
+ SecureFlags = 0,
+ LocalPorts = "1700",
+ RemotePorts = "*",
+ };
+
+ Verifier.VerifyFirewallRule("WiXToolset401 Test - 0017", expected6);
+
+ product.UninstallProduct(MSIExec.MSIExecReturnCode.SUCCESS);
+
+ // verify the firewall exceptions have been removed.
+ Assert.False(Verifier.FirewallRuleExists("WiXToolset401 Test - 0012"));
+ Assert.False(Verifier.FirewallRuleExists("WiXToolset401 Test - 0013"));
+ Assert.False(Verifier.FirewallRuleExists("WiXToolset401 Test - 0014"));
+ Assert.False(Verifier.FirewallRuleExists("WiXToolset401 Test - 0015"));
+ Assert.False(Verifier.FirewallRuleExists("WiXToolset401 Test - 0016"));
+ Assert.False(Verifier.FirewallRuleExists("WiXToolset401 Test - 0017"));
+ }
}
}