![]() |
Answer File = Unattend.txt and Winbom.ini; WinbomType = Factory
When in normal operation, Windows Firewall opens static ports used by services in its current profile's exception list. Only services that actually require unsolicited, incoming traffic should be added to the Windows Firewall Exceptions list. There is no benefit to adding services that use only outgoing connections to the Windows Firewall Exceptions list. You must add the [WindowsFirewall.service_name] section in the [WindowsFirewall.profile_name] section.
The [WindowsFirewall.service_name] section can be used with the following sections in your answer file to change the default settings in Windows Firewall.
Entry | Description |
---|---|
Type | Specifies the type of service to use for changing the default configuration of the Windows Firewall. |
Mode | Specifies whether to enable or disable an entry in the Windows Firewall Exceptions lists. |
Scope | Defines the set of limits on which computers (IP addresses) are allowed to send traffic through the specified exception. The value of the Mode entry must equal 1 (On). |
Addresses | Specifies the addresses for an entry in the Windows Firewall Exceptions lists. |
This sample demonstrates one use of the [WindowsFirewall.service_name] section of Unattend.txt.
[WindowsFirewall.RemoteDesktop] Type = 2 Mode = 1 Scope = 2 Addresses = 192.168.0.5,LocalSubnet
Specifies the type of service to use for changing the default configuration of the Windows Firewall.
Syntax | Type = 0 | 1 | 2 | 4 | 5 |
---|---|
Values | 0 Specifies file and print sharing. 1Specifies UPnP framework. 2Specifies remote desktop service. 4Specifies remote administration service. 5Specifies all services. |
Default | 5 |
Example | Type = 5 |
Comments | This is a required entry. |
Specifies whether an entry added to the Windows Firewall Exceptions list is either enabled or disabled.
Syntax | Mode = 0 | 1 |
---|---|
Value | 1 Enables an entry in the Windows Firewall Exceptions list. 0Disables an entry in the Windows Firewall Exceptions list. |
Default | 1 |
Example | Mode = 1 |
Comments | This is a required entry. |
Defines the set of limits on which computers (IP addresses) are allowed to send traffic through the specified exception. The value of the Mode entry must equal 1 (On).
Syntax | Scope = 0 | 1 | 2 |
---|---|
Values | 0 Enables unsolicited, incoming traffic with no limitations. Any computer can send traffic through this exception. 1Enables unsolicited, incoming traffic that matches the exception from any computer on the same subnet as the network connection on which the traffic was received through Windows Firewall, while dropping unsolicited, incoming traffic from all other computers. 2Defines a custom scope, which is a collection of IP addresses and subnets, as specified in the Addresses entry. Unsolicited, incoming traffic that matches the exception and originates from a computer in the defined collection is enabled through Windows Firewall. |
Default Value | 0 |
Example | Scope = 192.168.0.5,LocalSubnet |
Comments | When enabling a service, the set of IP addresses from which the unsolicited, incoming traffic is enabled can be defined by using this entry. |
Specifies the IP addresses in the Scope entry.
Syntax | Addresses = IP_address1, IP_address2 |
---|---|
Values | IP_address |
Example | Addresses = 192.168.0.5,LocalSubnet |
Comments | This entry is ignored unless Scope is set to 2. |