Firewall rules: how to get list of allow program through firewall?

Discussion in 'Windows Vista Security' started by Manoj Chanchawat, Symantec Corporation., Oct 18, 2006.

  1. Manoj Chanchawat, Symantec Corporation.

    Manoj Chanchawat, Symantec Corporation. Guest

    Hey all,

    From the given list of all windows firewall, how can we extract the list of
    firewall rules which give me the exceptions (Program & Port allowed through
    firewall). How can we diffrentiate between exception firewall rules and other
    firewall rules.

    Just for information:
    1. the firewall rules can be found out at:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules

    2. the exceptions rules are always have name in form of GUID. for ex:
    {78A1E056-FBC3-42D6-AE0B-22F8E019315E}

    Thanks,
    Regards,
    Manoj
     
    Manoj Chanchawat, Symantec Corporation., Oct 18, 2006
    #1

    1. Advertisements

  2. Manoj Chanchawat, Symantec Corporation.

    Steve Riley [MSFT] Guest

    "Exceptions" is the old XP language that we're trying not to use anymore. The XP firewall had only exceptions, meaning rules that allow programs to listen for incoming connections. The Vista firewall has inbound and outbound rules, which you typically configure this way:
    a.. inbound rules allow programs and ports and users and computers to accept incoming connections
    b.. outbound rules prohibit programs and ports and users and computers from creating outgoing connections
    Because you're asking about exceptions, I assume that you're asking about all inbound rules? In the registry, these would be all rules that include "Action=Allow|Active=TRUE|Dir=In" in the rule text. You could also simply open the MMC, navigate to "Inbound Rules," and export the whole list.

    I have to say this here, of course... while you can see all the rules in the registry, editing them here is untested and unsupported. You should use only the MMC to make rule changes.

    ______________________________________________________
    Steve Riley

    http://blogs.technet.com/steriley
    http://www.protectyourwindowsnetwork.com


    Hey all,

    From the given list of all windows firewall, how can we extract the list of
    firewall rules which give me the exceptions (Program & Port allowed through
    firewall). How can we diffrentiate between exception firewall rules and other
    firewall rules.

    Just for information:
    1. the firewall rules can be found out at:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules

    2. the exceptions rules are always have name in form of GUID. for ex:
    {78A1E056-FBC3-42D6-AE0B-22F8E019315E}

    Thanks,
    Regards,
    Manoj
     
    Steve Riley [MSFT], Oct 18, 2006
    #2

    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.
Similar Threads

  1. how to uninstall a program that is not list under the program list

  2. I need help getting a program through my firewall

  3. Uninstalled Program, but Program Name Remains in Program & Featur

  4. it doesn't allow me to add anymore rules.

  5. How to allow Windows/Office update through a Firewall.

  6. How to get on to the beta program list

  7. how to remove programs/ program groups from Start->Program list?

  8. how to allow more than 32k of exchange rules

Loading...