NsisFirewall plug-in: Difference between revisions
From NSIS Wiki
Jump to navigationJump to search
No edit summary |
No edit summary |
||
| Line 45: | Line 45: | ||
>0: this should never be returned (positive HRESULTs are success codes) | >0: this should never be returned (positive HRESULTs are success codes) | ||
</pre> | </pre> | ||
Common HRESULT values: | |||
0x800706D9 - The firewall is not running, the exact error is "There are no more endpoints available from the endpoint mapper." | |||
== Download == | == Download == | ||
Latest revision as of 15:36, 1 December 2009
| Author: Wizou (talk, contrib) |
Links
nsisFirewall Plugin Homepage - Version 1.1
Presentation
nsisFirewall is a small NSIS plugin that allows you to perform easily 2 tasks :
- Add an application to Windows Firewall exception list
- Remove an application from Windows Firewall exception list
There exist already 2 NSIS plugins that deal with Windows built-in Firewall :
- A big one providing a lot of functionalities : Most of them you will probably never use
- A small one that can only disable/enable the firewall globally : This is a completely insecure idea !!! (nsisFirewall is even smaller than this one)
But what most installers requires is only a simple way to ensure the application about to be installed will be able to access Internet. And in particular :
- You don't want to wonder if this version of Windows has a built-in Firewall : nsisFirewall can be used on all version of Windows and will report gracefully if the action could not be performed
- You don't want to wonder if the built-in Firewall is currently enabled or not : Just register your application. So if the Firewall gets activated, you can still access Internet
- You don't want to disable the Firewall globally, even temporarily : This is insecure ! Do you think the user would be happy with that ?
- You don't need to open a specific port : By registering your application, you give it already full right to access Internet and listen to incoming connection
So here comes nsisFirewall
Usage
The following is taken from the readme file in the downloadable zip file:
nsisFirewall::AddAuthorizedApplication "<application path>" "<rule name>" nsisFirewall::RemoveAuthorizedApplication "<application path>" <application path> is the full path to the application you want to be authorized to access the network (or accept incoming connections) <rule name> is the title that will be given to this exception entry in the firewall control panel list Return Value ------------ Those 2 functions returns an integer status on the top of the stack Possible status are: 0: Action was performed successfully <0: An error occured (the value is an HRESULT error code, see MSDN for information) >0: this should never be returned (positive HRESULTs are success codes)
Common HRESULT values: 0x800706D9 - The firewall is not running, the exact error is "There are no more endpoints available from the endpoint mapper."
Download
ZIP archive contains the plug-in DLL as well as documentation, source code and sample script
