#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Nov 2013
    Posts
    2
    Rep Power
    0

    Enable/disable firewall from registry


    Hi,
    I have to set some new configuration while installing software that requires to turn on Windows firewall and set a new rule in order to restrict some range port.
    U know that there's a registry: "[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicPr ofile[wharever profile is]]" and get in there -> "EnableFirewall"=dword:00000001/0 (in case we want to enable or disable WF). But I notices that even changing that flag, I don't see any change on WF API... I mean.. If I turned on from registry and go to start->Control Panel->WF bla blabla... I still see it OFF... Is there something that I am missing maybe?
  2. #2
  3. No Profile Picture
    Grumpier old Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Jun 2003
    Posts
    14,440
    Rep Power
    4539
    Why do you want to directly edit the registry? You can use netsh from the command line to correctly enable/disable the windows firewall.
    ======
    Doug G
    ======
    Bartender to Rene Descartes "have another beer?" Descartes: "I think not" and he vanished.
    --Alfred Bester
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Nov 2013
    Posts
    2
    Rep Power
    0
    Originally Posted by Doug G
    Why do you want to directly edit the registry? You can use netsh from the command line to correctly enable/disable the windows firewall.
    The idea would be to get some configure done in the middle of the install process to get some port restrictitions.

    It's only a search and testing that I am doing now...

    On the other hand, I had a rule configured (I did it by cmd using advfirewall commands)... to restrict ports from 1 to 1000 but don't get how to test it.. I mean.. how can I test that those ports are blocked...? I telnet to he ports... but get for example that port 139 is open..
  6. #4
  7. No Profile Picture
    Grumpier old Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Jun 2003
    Posts
    14,440
    Rep Power
    4539
    From the command line netstat can show you what ports are listening on your machine. I don't know if it will identify a port that's open in the firewall with no associated listening process though. From other machines there are various port scanners like nmap that can check your computer from the network.

    The firewall interface program will show you the configuration of what ports are open for what protocols, etc.
    ======
    Doug G
    ======
    Bartender to Rene Descartes "have another beer?" Descartes: "I think not" and he vanished.
    --Alfred Bester

IMN logo majestic logo threadwatch logo seochat tools logo