 |
|
Answer File = Unattend.txt and Winbom.ini; WinbomType = Factory
Windows Firewall maintains two sets of configurations known as profiles. The Domain profile is used when a computer is a member of a domain, while the Standard profile is used when a computer is not connected to a domain. The [WindowsFirewall.profile_name] section is a user-defined section that is referenced by the [WindowsFirewall] section to make changes to Windows Firewall's default configuration. You must include the [WindowsFirewall] and [WindowsFirewall.profile_name] sections in your answer file to configure the Windows Firewall in unattended Setup. You may specify a domain type of profile, a standard type, or a profile that applies to both domain and standard. You may also include one or more of the following user-defined sections in your answer file.
| Entry | Description |
|---|---|
| Type | Specifies the type of profile to use for changing the default configuration of the Windows Firewall. |
| Mode | Specifies whether to enable or disable Windows Firewall. |
| Exceptions | Specifies whether to enable or disable the Windows Firewall Exceptions list. Windows Firewall blocks all unsolicited, incoming traffic, except traffic that matches entries in the exceptions list. |
| Notifications | Specifies whether to enable or disable notifications. |
| MulticastBroadcastResponse | Specifies whether to enable or disable multicast and broadcast packets. |
| AllowedPrograms | Specifies a list of programs that will not be blocked by the Windows Firewall. |
| Services | Specifies a list of services that will not be blocked by the Windows Firewall, such as file and print services, remote administration services, and remote desktop services. |
| PortOpenings | Specifies a list of open ports that will not be blocked by Windows Firewall. |
| IcmpSettings | Specifies a list of Internet Control Message Protocol (ICMP) message types that will not be blocked by Windows Firewall. |
This sample demonstrates one use of the [WindowsFirewall.profile_name] section of Unattend.txt.
[WindowsFirewall.Standard] Type = 1 Mode = 1 Exceptions = 1 Notifications = 1 MulticastBroadcastResponse = 1 AllowedPrograms = WindowsFirewall.RemoteAssistance Services = WindowsFirewall.RemoteDesktop PortOpenings = WindowsFirewall.WebServer IcmpSettings = WindowsFirewall.EchoRequest
Specifies the type of profile to use for changing the default configuration of the Windows Firewall.
| Syntax | Type = 0 | 1 | 3 |
|---|---|
| Values | 0 Specifies a domain type of profile. 1Specifies a standard type of profile. 3Specifies both domain and standard profiles. |
| Default | 3 |
| Example | Type = 3 |
| Comments | This is an optional entry. If you do not specify a value for the Type entry, the default value is applied. |
Specifies whether to enable or disable Windows Firewall.
| Syntax | Mode = 0 | 1 |
|---|---|
| Values | 1 Enables Windows Firewall. 0Disables Windows Firewall. |
| Default | 1 |
| Example | Mode = 1 |
| Comments | This is a required entry. |
Specifies whether to enable or disable the Windows Firewall Exceptions list. Windows Firewall blocks all unsolicited, incoming traffic, except traffic that matches entries in the exceptions list.
| Syntax | Exceptions = 0 | 1 |
|---|---|
| Values | 1 Enables Windows Firewall Exceptions list. 0Disables Windows Firewall Exceptions list. |
| Default | 1 |
| Example | Exceptions = 1 |
| Comments | You can configure Windows Firewall to be enabled with no exceptions, enabled with exceptions, or disabled. |
Specifies whether to enable or disable notifications.
| Syntax | Notifications = 0 | 1 |
|---|---|
| Values | 1 Enables notifications. 0Disables notifications. |
| Default Value | 1 |
| Example | Notifications = 1 |
| Comments | This is an optional entry. |
Specifies whether to enable or disable multicast and broadcast packets.
| Syntax | MulticastBroadcastResponse = 0 | 1 |
|---|---|
| Values | 1 Enables MulticastBroadcastResponse. 0Disbales MulticastBroadcastResponse. |
| Default Value | 1 |
| Example | MulticastBroadcastResponse = 1 |
| Comments | This is an optional entry. |
Specifies a list of programs that will not be blocked by the Windows Firewall.
| Syntax | AllowedPrograms = WindowsFirewall.program_name |
|---|---|
| Value | WindowsFirewall.program_name |
| Example | AllowedPrograms = WindowsFirewall.RemoteAssistance |
| Comments | You may include multiple user-defined WindowsFirewall.program_name entries. Each WindowsFirewall.program_name entry references a [WindowsFirewall.program_name] section that defines the path and program name. Each WindowsFirewall.program_name entry must have a unique name, for example, WindowsFirewall.RemoteAssistance. |
Specifies a list of services that will not be blocked by the Windows Firewall, such as file and print services, remote administration services, and remote desktop services.
| Syntax | Services = WindowsFirewall.service_name |
|---|---|
| Value | WindowsFirewall.service_name |
| Example | Services = WindowsFirewall.PrintService |
| Comments | You may include multiple user-defined services. Each service entry references a [WindowsFirewall.service_name] section that defines the type of service, mode, and address. Each service entry must have a unique name. |
Specifies a list of open ports that will not be blocked by Windows Firewall.
| Syntax | PortOpenings = WindowsFirewall.portopening_name |
|---|---|
| Value | WindowsFirewall.portopening_name |
| Example | PortOpenings = WindowsFirewall.WebServer |
| Comments | You may include multiple user-defined port openings. Each entry references a [WindowsFirewall.portopening_name] section that defines the port. Each entry must have a unique name. |
Specifies a list of Internet Control Message Protocol (ICMP) message types that will not be blocked by Windows Firewall.
| Syntax | IcmpSettings = WindowsFirewall.icmpsetting_name |
|---|---|
| Value | WindowsFirewall.icmpsetting_name |
| Example | IcmpSettings = WindowsFirewall.EchoRequest |
| Comments | You may include multiple user-defined ICMP settings. Each entry references a [WindowsFirewall.icmpsetting_name] section that specifies the name and type of ICMP setting. Each entry must have a unique name. |
