Firewall rules: how to get list of allow program through firewall?

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hey all,

From the given list of all windows firewall, how can we extract the list of
firewall rules which give me the exceptions (Program & Port allowed through
firewall). How can we diffrentiate between exception firewall rules and other
firewall rules.

Just for information:
1. the firewall rules can be found out at:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules

2. the exceptions rules are always have name in form of GUID. for ex:
{78A1E056-FBC3-42D6-AE0B-22F8E019315E}

Thanks,
Regards,
Manoj
 
"Exceptions" is the old XP language that we're trying not to use anymore. The XP firewall had only exceptions, meaning rules that allow programs to listen for incoming connections. The Vista firewall has inbound and outbound rules, which you typically configure this way:
a.. inbound rules allow programs and ports and users and computers to accept incoming connections
b.. outbound rules prohibit programs and ports and users and computers from creating outgoing connections
Because you're asking about exceptions, I assume that you're asking about all inbound rules? In the registry, these would be all rules that include "Action=Allow|Active=TRUE|Dir=In" in the rule text. You could also simply open the MMC, navigate to "Inbound Rules," and export the whole list.

I have to say this here, of course... while you can see all the rules in the registry, editing them here is untested and unsupported. You should use only the MMC to make rule changes.

______________________________________________________
Steve Riley
(e-mail address removed)
http://blogs.technet.com/steriley
http://www.protectyourwindowsnetwork.com


Hey all,

From the given list of all windows firewall, how can we extract the list of
firewall rules which give me the exceptions (Program & Port allowed through
firewall). How can we diffrentiate between exception firewall rules and other
firewall rules.

Just for information:
1. the firewall rules can be found out at:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules

2. the exceptions rules are always have name in form of GUID. for ex:
{78A1E056-FBC3-42D6-AE0B-22F8E019315E}

Thanks,
Regards,
Manoj
 
Back
Top