Add Firewall Exception(Port) [UDP] "1434" -- Friendly Name: "Eddie Port
test"


Add Firewall Exception - Add Port to the windows exception list is not
working in win 8. The port number is put in the program field.

It works fine in win 7.


Eddie Sizemore

Eddie,

> Add Firewall Exception(Port) [UDP] "1434" -- Friendly Name: "Eddie Port
> test"
>
> Add Firewall Exception - Add Port to the windows exception list is not
> working in win 8. The port number is put in the program field.
>
> It works fine in win 7.

Hmmm, that's strange. I'll check this, thank you.

Friedrich

Eddie,

Fixed, thank you.

---
FIX : [SB#3-12101] The "Add Port to the Windows Exception List"
Firewall Exception option did not work as expected on Windows
8.x.
---

--
Friedrich Linder
Lindersoft
www.lindersoft.com
+1.954.252.3910

--Helping You Build Better Installations
--SetupBuilder "point. click. ship"
--Create Windows 8 ready installations in minutes
--Official COMODO Code Signing and SSL Certificate Partner

Friedrich,

Win 8 looks ok in the new release. However, Win 7 is not working. When
I add a port no error is returned but it does not get added.


Eddie Sizemore

Eddie,

> Win 8 looks ok in the new release. However, Win 7 is not working.
> When I add a port no error is returned but it does not get added.

Hmmm, I think we did not touch the component for Win7, only for Win8. I'll
check this...

Friedrich

Eddie

> Win 8 looks ok in the new release. However, Win 7 is not working.
> When I add a port no error is returned but it does not get added.

We compared the source code trees and we did not change anything in the Win7
Firewall component.

I compiled your "FireWallTest.sb8" project with SetupBuilder 8.1 and tested
it on three different Windows 7 (x64) operating systems. It always worked
fine here (see attached screenshot).

Friedrich

I have tested it on three Windows 7 and two Windows 8.1 machines now. Your
compiled demo project works fine here. See attached Win7 and Win81
screenshots.

Friedrich

Friedrich,

We have tried it on 5 win 7 computers and it fails on all. The function
does not return any errors and the port never shows in the list.

Looks like it will add a TCP port but not a UDP in Win 7. Change the
test to UDP and try it.



Thanks

Eddie Sizemore

Eddie,

> We have tried it on 5 win 7 computers and it fails on all. The function
> does not return any errors and the port never shows in the list.
>
> Looks like it will add a TCP port but not a UDP in Win 7. Change the
> test to UDP and try it.

Works fine here :-( See attached screenshot.

I have uploaded my original test executable:

http://www.lindersoft.com/projects/FireWallTest.zip

Does this test exe also fails on your Win7 machine?

Friedrich

Tested on three Win7 x64 machines...

Friedrich

Thanks for checking I will see if I can get it working here.

Eddie

Eddie,

>
> Thanks for checking I will see if I can get it working here.
>

Does my demo executable work on your machine? If it does not work on your
Win7 machine(s), would it be possible for you to compile your
"FireWallTest.sb8" and send the resulting .exe to support [at] lindersoft
[dot] com? We are ready to release the maintenance build and I would like
to get this issue resolved.

Thanks,
Friedrich

Friedrich

In win 8.1 each time I run your install or mine I get a new entry in the
firewall list.

In win 7 SB will only allow one entry per port. If that port is already
in the list no error is returned and the new entry is not added. Your
install or mine will work if the port is not in the list.

Also in the current version of SB8 the Advanced Security checks are not
working in win 7. If I have all 3 checked only the private is set in
the win 7 firewall. They work fine in win 8.1.



Thanks,

Eddie Sizemore

Eddie,

Thank you for your time.

I think we know what causes this. On Vista and Windows 7, the installer
still called the "old" XP firewall APIs instead of the firewall APIs with
advanced security features. Only an installer running on Windows 8.0 and
Windows 8.1 called the advanced firewall APIs.

Many thanks for your detailed bug report!

Friedrich

Fixed! Thanks again!

---
FIX : [SB#3-10292] Installer: On Vista and Windows 7, the "Add/Delete
Firewall Exception..." script function called the Windows XP
firewall APIs instead of the new firewall APIs with advanced
security features.
---

Friedrich

Friedrich,

It appears that firewall rules added for a specific program do not set the port attributes correctly. I tested this in both Windows 7 and Server 2012, and it's happening at client sites as well (Server 2012).

SetupBuilder Developer Version 8.1.4227 (script from SB7) has the following configuration:



Which configures the rule to allow only TCP port 0 (which is invalid):



I believe it should instead select “All Ports”. I could see where it would also be helpful to have the ability to specify ports when adding a program, so maybe the answer is to add additional firewall settings options in SetupBuilder?

Regards,
Flint G

Flint,

I agree. It should be set to "All Ports" here. The strange thing is that
the Firewall component programmatically set it to this value. Hmmm... We
have to debug the process to find out what the problem might be.

Friedrich

Friedrich,

And actually, it should really be "Any" protocol, which would default
the port to "All Ports". I just happened to run into this at another client
this morning.

Regards,
Flint G.

Flint,

> And actually, it should really be "Any" protocol, which would default the
> port to "All Ports". I just happened to run into this at another
> client this morning.

We can reproduce this consistently, but we don't have a clue what causes
this issue. Item in review.

Friedrich

Friedrich,

Hope you had a good Christmas! Any updates on this issue? We've got a huge
surge of users that will be upgrading with these installs, and it's going to
cause problems for most of them.

Regards,
Flint G.

Flint,

> Hope you had a good Christmas! Any updates on this issue? We've got a
> huge surge of users that will be upgrading with these installs, and it's
> going to cause problems for most of them.

We still have a ticket open with Microsoft. No solution or workaround
available yet (most M$ development guys are on holiday leave). The
component code is correct but the compiled MS library does not work as
expected.

Friedrich

Ticket still open...

Friedrich

Is there a link to the issue so I can watch it? Or do you need a special
login to view these tickets?

Regards,
Flint G.

Flint,

> Is there a link to the issue so I can watch it? Or do you need a special
> login to view these tickets?

It's via our Microsoft Support Program (no public link available). Ticket
is still open and no workaround provided yet. Last contact was on Monday.

Friedrich

Flint,

We are working on a possible solution / work-around for this issue...

Friedrich

Flint,

Could you please forward your email address to our support [at] lindersoft
[dot] com. We'll then send you a new recompiled Firewall test component for
SetupBuilder 8.1.

Friedrich

Friedrich,

The fix you sent me appears to do the trick. Thank you!

Regards,
Flint

>
> The fix you sent me appears to do the trick. Thank you!
>

Thank you for the update.

SetupBuilder Support
www.setupbuilder.com

Friedrich,

Any idea when we could get this fix? We just ran in to this yesterday.


Thanks

Eddie Sizemore

Eddie,

the updated component is already available in the following pre-release (in
case you need a quick fix):

http://www.lindersoft.com/sb8/sb81_4314_Dev.exe

Andrea

Andrea,

Thanks for the link. The update is setting the port to all ports.
However, the protocol type is getting set to tcp or udp and they are
disabled on the SB8 dialog so you are unable to select the one you want.

I can work around the issue by changing the operation in the SB8 dialog
to add port which enables the communication protocol, selecting which
protocol I need, and then change the operation back to add application.


Eddie Sizemore

Eddie,

Fixed, thank you!

---

FIX : [SB#4-02171] IDE: The "Communications Protocol" group in the
"Add Application to the Windows Exception List" Firewall
Exceptions operation was disabled.

---

Friedrich