Öffnen der FirewallOktober 2013
Achtung! Die beschriebenen Aufrufe funktionieren nicht mehr zuverlässig mit aktuelleren InnoSetup-Versionen (so ab Mitte 2023).
Das Installationsprogramm kann wegen eines Speicherzugriffsfehlers ohne Rückmeldung abstürzen.
Besser ist es, das Programm
netsh
zu verwenden um die Firewall-Regeln zu setzen:
procedure SetFirewallException(AppName,FileName:string);
var
ResultCode: Integer;
begin
try begin
// see https://learn.microsoft.com/de-de/troubleshoot/windows-server/networking/netsh-advfirewall-firewall-control-firewall-behavior
Exec('netsh', 'advfirewall firewall add rule name="'+AppName+'" dir=in action=allow program="'+FileName+'" enable=yes', '', SW_HIDE, ewWaitUntilTerminated, ResultCode);
Log(Format('netsh advfirewall result: %d', [ResultCode]));
end;
except
MsgBox('Adding firewall settings failed.'#13#10'Please set firewall settings manually.', mbCriticalError, MB_OK);
end;
end;
procedure RemoveFirewallException( AppName, FileName:string );
var
ResultCode: Integer;
begin
try
begin
// see https://learn.microsoft.com/de-de/troubleshoot/windows-server/networking/netsh-advfirewall-firewall-control-firewall-behavior
Exec('netsh', 'advfirewall firewall delete rule name="'+AppName+'"', '', SW_HIDE, ewWaitUntilTerminated, ResultCode);
Log(Format('netsh advfirewall result: %d', [ResultCode]));
end;
except
MsgBox('Removing firewall settings failed.'#13#10'Please remove firewall settings manually.', mbCriticalError, MB_OK);
end;
end;
Für Windows XP und Windows Vista/Windows 7 werden zwei verschiedene Funktionsaufrufe benötigt, um für ein Program die Firewall zu öffnen. Der Windows XP-Aufruf fügt bei neueren Windows-Versionen die Firewall-Regeln nicht für öffentliche und private Netzwerke zu (sondern nur für eines der Beiden), deshalb ist hier ein anderer Funktionsaufruf nötig.
const
NET_FW_SCOPE_ALL = 0;
NET_FW_IP_VERSION_ANY = 2;
// Add programs to the windows firewall rules
// Code originally from http://news.jrsoftware.org/news/innosetup/msg43799.html
// works for Windows XP
procedure SetFirewallExceptionOld(AppName,FileName:string);
var
FirewallObject: Variant;
FirewallManager: Variant;
FirewallProfile: Variant; // INetFwProfile
begin
try
FirewallObject := CreateOleObject('HNetCfg.FwAuthorizedApplication');
FirewallObject.ProcessImageFileName := FileName;
FirewallObject.Name := AppName;
FirewallObject.Scope := NET_FW_SCOPE_ALL;
FirewallObject.IpVersion := NET_FW_IP_VERSION_ANY;
FirewallObject.Enabled := True;
FirewallManager := CreateOleObject('HNetCfg.FwMgr');
FirewallProfile := FirewallManager.LocalPolicy.CurrentProfile;
FirewallProfile.AuthorizedApplications.Add(FirewallObject);
except
end;
end;
const
NET_FW_PROFILE2_DOMAIN = 1;
NET_FW_PROFILE2_PRIVATE = 2;
NET_FW_PROFILE2_PUBLIC = 4;
NET_FW_IP_PROTOCOL_TCP = 6;
NET_FW_ACTION_ALLOW = 1;
// Add programs to the windows firewall rules
// works for Windows Vista and Windows 7
// from http://forum.lazarus.freepascal.org/index.php?topic=21372.0
procedure SetFirewallExceptionNew(Const Caption, Executable: String);
var
fwPolicy2 : Variant;
RulesObject : Variant;
Profile : Integer;
NewRule : Variant;
begin
Profile := NET_FW_PROFILE2_PRIVATE OR NET_FW_PROFILE2_PUBLIC;
fwPolicy2 := CreateOleObject('HNetCfg.FwPolicy2');
RulesObject := fwPolicy2.Rules;
NewRule := CreateOleObject('HNetCfg.FWRule');
NewRule.Name := Caption;
NewRule.Description := Caption;
NewRule.Applicationname := Executable;
NewRule.Protocol := NET_FW_IP_PROTOCOL_TCP;
NewRule.Enabled := TRUE;
NewRule.Profiles := Profile;
NewRule.Action := NET_FW_ACTION_ALLOW;
RulesObject.Add(NewRule);
end;
procedure SetFirewallException(AppName,FileName:string);
begin
try begin
try
SetFirewallExceptionNew(AppName, FileName);
except
SetFirewallExceptionOld(AppName, FileName);
end;
end;
except
MsgBox('Adding firewall settings failed.'#13#10'Please set firewall settings manually.', mbCriticalError, MB_OK);
end;
end;
// Remove programs from the windows firewall rules
// Code originally from http://news.jrsoftware.org/news/innosetup/msg43799.html
// works for Windows XP
procedure RemoveFirewallExceptionOld( FileName:string );
var
FirewallManager: Variant;
FirewallProfile: Variant;
begin
FirewallManager := CreateOleObject('HNetCfg.FwMgr');
FirewallProfile := FirewallManager.LocalPolicy.CurrentProfile;
FireWallProfile.AuthorizedApplications.Remove(FileName);
end;
// Remove programs from the windows firewall rules
// works for Windows Vista and Windows 7
procedure RemoveFirewallExceptionNew( exCaption:string );
var
fwPolicy2 : Variant;
begin
fwPolicy2 := CreateOleObject('HNetCfg.FwPolicy2');
fwPolicy2.Rules.Remove(exCaption);
end;
procedure RemoveFirewallException( AppName, FileName:string );
begin
try
begin
try
RemoveFirewallExceptionNew(AppName);
except
RemoveFirewallExceptionOld(FileName);
end;
end;
except
MsgBox('Removing firewall settings failed.'#13#10'Please remove firewall settings manually.', mbCriticalError, MB_OK);
end;
end;