add firewall extension decompiler, make msi modifications work, add all attributes

author: chris_bednarski <Chris.Bednarski@minfos.com.au> 2023-09-21 16:03:28 +1000
committer: Bob Arnson <github@bobs.org> 2023-11-19 12:17:13 -0500
commit: dfb7512b85536b7726080648f2228cf8d0153724 (patch)
tree: d053018ee47afe7e349dda6739a6580c771a1a3d /src/ext/Firewall/wixext/FirewallDecompiler.cs
parent: 80e604761b4f43b9b79a4878fcae360b071a7c35 (diff)
download: wix-dfb7512b85536b7726080648f2228cf8d0153724.tar.gz
wix-dfb7512b85536b7726080648f2228cf8d0153724.tar.bz2
wix-dfb7512b85536b7726080648f2228cf8d0153724.zip
1 files changed, 300 insertions, 17 deletions
diff --git a/src/ext/Firewall/wixext/FirewallDecompiler.cs b/src/ext/Firewall/wixext/FirewallDecompiler.cs
index 9ddd8a9a..7fafab17 100644
--- a/src/ext/Firewall/wixext/FirewallDecompiler.cs
+++ b/src/ext/Firewall/wixext/FirewallDecompiler.cs
@@ -8,6 +8,8 @@ namespace WixToolset.Firewall
    using WixToolset.Data;
    using WixToolset.Data.WindowsInstaller;
    using WixToolset.Extensibility;
+    using WixToolset.Extensibility.Data;
+    using WixToolset.Extensibility.Services;
    /// <summary>
    /// The decompiler for the WiX Toolset Firewall Extension.
@@ -16,6 +18,14 @@ namespace WixToolset.Firewall
    {
        public override IReadOnlyCollection<TableDefinition> TableDefinitions => FirewallTableDefinitions.All;
+        private IParseHelper ParseHelper { get; set; }
+        public override void PreDecompile(IWindowsInstallerDecompileContext context, IWindowsInstallerDecompilerHelper helper)
+        {
+            base.PreDecompile(context, helper);
+            this.ParseHelper = context.ServiceProvider.GetService<IParseHelper>();
+        }
        /// <summary>
        /// Called at the beginning of the decompilation of a database.
        /// </summary>
@@ -32,6 +42,8 @@ namespace WixToolset.Firewall
        {
            switch (table.Name)
            {
+                case "WixFirewallException":
+                case "Wix4FirewallException":
                case "Wix5FirewallException":
                    this.DecompileWixFirewallExceptionTable(table);
                    break;
@@ -57,7 +69,7 @@ namespace WixToolset.Firewall
        /// <param name="table">The table to decompile.</param>
        private void DecompileWixFirewallExceptionTable(Table table)
        {
-            foreach (Row row in table.Rows)
+            foreach (var row in table.Rows)
            {
                var firewallException = new XElement(FirewallConstants.FirewallExceptionName,
                    new XAttribute("Id", row.FieldAsString(0)),
@@ -90,13 +102,20 @@ namespace WixToolset.Firewall
                                firewallException.Add(new XAttribute("Scope", "defaultGateway"));
                                break;
                            default:
-                                FirewallDecompiler.AddRemoteAddress(firewallException, addresses[0]);
+                                if (this.ParseHelper.ContainsProperty(addresses[0]))
+                                {
+                                    firewallException.Add(new XAttribute("Scope", addresses[0]));
+                                }
+                                else
+                                {
+                                    FirewallDecompiler.AddRemoteAddress(firewallException, addresses[0]);
+                                }
                                break;
                        }
                    }
                    else
                    {
-                        foreach (string address in addresses)
+                        foreach (var address in addresses)
                        {
                            FirewallDecompiler.AddRemoteAddress(firewallException, address);
                        }
@@ -110,16 +129,19 @@ namespace WixToolset.Firewall
                if (!row.IsColumnEmpty(4))
                {
-                    switch (Convert.ToInt32(row[4]))
+                    switch (row.FieldAsString(4))
                    {
-                        case FirewallConstants.NET_FW_IP_PROTOCOL_TCP:
+                        case FirewallConstants.IntegerNotSetString:
+                            break;
+                        case "6":
                            firewallException.Add(new XAttribute("Protocol", "tcp"));
                            break;
-                        case FirewallConstants.NET_FW_IP_PROTOCOL_UDP:
+                        case "17":
                            firewallException.Add(new XAttribute("Protocol", "udp"));
                            break;
                        default:
-                            firewallException.Add(new XAttribute("Protocol", row[4]));
+                            firewallException.Add(new XAttribute("Protocol", row.FieldAsString(4)));
                            break;
                    }
                }
@@ -131,26 +153,44 @@ namespace WixToolset.Firewall
                if (!row.IsColumnEmpty(6))
                {
-                    var attr = Convert.ToInt32(row[6]);
+                    var attr = row.FieldAsInteger(6);
-                    AttributeIfNotNull("IgnoreFailure", (attr & 0x1) == 0x1);
+                    if ((attr & 0x1) == 0x1)
+                    {
+                        AttributeIfNotNull("IgnoreFailure", true);
+                    }
+                    if ((attr & 0x2) == 0x2)
+                    {
+                        firewallException.Add(new XAttribute("OnUpdate", "DoNothing"));
+                    }
+                    else if ((attr & 0x4) == 0x4)
+                    {
+                        firewallException.Add(new XAttribute("OnUpdate", "EnableOnly"));
+                    }
                }
                if (!row.IsColumnEmpty(7))
                {
-                    switch (Convert.ToInt32(row[7]))
+                    switch (row.FieldAsString(7))
                    {
-                        case FirewallConstants.NET_FW_PROFILE2_DOMAIN:
+                        case FirewallConstants.IntegerNotSetString:
+                            break;
+                        case "1":
                            firewallException.Add(new XAttribute("Profile", "domain"));
                            break;
-                        case FirewallConstants.NET_FW_PROFILE2_PRIVATE:
+                        case "2":
                            firewallException.Add(new XAttribute("Profile", "private"));
                            break;
-                        case FirewallConstants.NET_FW_PROFILE2_PUBLIC:
+                        case "4":
                            firewallException.Add(new XAttribute("Profile", "public"));
                            break;
-                        case FirewallConstants.NET_FW_PROFILE2_ALL:
+                        case "2147483647":
                            firewallException.Add(new XAttribute("Profile", "all"));
                            break;
+                        default:
+                            firewallException.Add(new XAttribute("Profile", row.FieldAsString(7)));
+                            break;
                    }
                }
@@ -164,8 +204,6 @@ namespace WixToolset.Firewall
                    switch (Convert.ToInt32(row[10]))
                    {
                        case FirewallConstants.NET_FW_RULE_DIR_IN:
-                            firewallException.Add(AttributeIfNotNull("Outbound", false));
                            break;
                        case FirewallConstants.NET_FW_RULE_DIR_OUT:
                            firewallException.Add(AttributeIfNotNull("Outbound", true));
@@ -173,6 +211,224 @@ namespace WixToolset.Firewall
                    }
                }
+                // Introduced in 5.0.0
+                if (row.Fields.Length > 11)
+                {
+                    if (!row.IsColumnEmpty(11))
+                    {
+                        var action = row.FieldAsString(11);
+                        switch (action)
+                        {
+                            case FirewallConstants.IntegerNotSetString:
+                                break;
+                            case "1":
+                                firewallException.Add(new XAttribute("Action", "Allow"));
+                                break;
+                            case "0":
+                                firewallException.Add(new XAttribute("Action", "Block"));
+                                break;
+                            default:
+                                firewallException.Add(new XAttribute("Action", action));
+                                break;
+                        }
+                    }
+                    if (!row.IsColumnEmpty(12))
+                    {
+                        var edgeTraversal = row.FieldAsString(12);
+                        switch (edgeTraversal)
+                        {
+                            case FirewallConstants.IntegerNotSetString:
+                                break;
+                            case "0":
+                                firewallException.Add(new XAttribute("EdgeTraversal", "Deny"));
+                                break;
+                            case "1":
+                                firewallException.Add(new XAttribute("EdgeTraversal", "Allow"));
+                                break;
+                            case "2":
+                                firewallException.Add(new XAttribute("EdgeTraversal", "DeferToApp"));
+                                break;
+                            case "3":
+                                firewallException.Add(new XAttribute("EdgeTraversal", "DeferToUser"));
+                                break;
+                            default:
+                                firewallException.Add(new XAttribute("EdgeTraversal", edgeTraversal));
+                                break;
+                        }
+                    }
+                    if (!row.IsColumnEmpty(13))
+                    {
+                        var enabled = row.FieldAsString(13);
+                        switch (enabled)
+                        {
+                            case FirewallConstants.IntegerNotSetString:
+                                break;
+                            case "1":
+                                firewallException.Add(new XAttribute("Enabled", "yes"));
+                                break;
+                            case "0":
+                                firewallException.Add(new XAttribute("Enabled", "no"));
+                                break;
+                            default:
+                                firewallException.Add(new XAttribute("Enabled", enabled));
+                                break;
+                        }
+                    }
+                    if (!row.IsColumnEmpty(14))
+                    {
+                        firewallException.Add(new XAttribute("Grouping", row.FieldAsString(14)));
+                    }
+                    if (!row.IsColumnEmpty(15))
+                    {
+                        firewallException.Add(new XAttribute("IcmpTypesAndCodes", row.FieldAsString(15)));
+                    }
+                    if (!row.IsColumnEmpty(16))
+                    {
+                        string[] interfaces = row.FieldAsString(16).Split(new[] { FirewallConstants.FORBIDDEN_FIREWALL_CHAR }, StringSplitOptions.RemoveEmptyEntries);
+                        if (interfaces.Length == 1)
+                        {
+                            firewallException.Add(new XAttribute("Interface", interfaces[0]));
+                        }
+                        else
+                        {
+                            foreach (var interfaceItem in interfaces)
+                            {
+                                FirewallDecompiler.AddInterface(firewallException, interfaceItem);
+                            }
+                        }
+                    }
+                    if (!row.IsColumnEmpty(17))
+                    {
+                        string[] interfaceTypes = row.FieldAsString(17).Split(',');
+                        if (interfaceTypes.Length == 1)
+                        {
+                            firewallException.Add(new XAttribute("InterfaceType", interfaceTypes[0]));
+                        }
+                        else
+                        {
+                            foreach (var interfaceType in interfaceTypes)
+                            {
+                                FirewallDecompiler.AddInterfaceType(firewallException, interfaceType);
+                            }
+                        }
+                    }
+                    if (!row.IsColumnEmpty(18))
+                    {
+                        string[] addresses = row.FieldAsString(18).Split(',');
+                        if (addresses.Length == 1)
+                        {
+                            switch (addresses[0])
+                            {
+                                case "*":
+                                    firewallException.Add(new XAttribute("LocalScope", "any"));
+                                    break;
+                                case "LocalSubnet":
+                                    firewallException.Add(new XAttribute("LocalScope", "localSubnet"));
+                                    break;
+                                case "dns":
+                                    firewallException.Add(new XAttribute("LocalScope", "DNS"));
+                                    break;
+                                case "dhcp":
+                                    firewallException.Add(new XAttribute("LocalScope", "DHCP"));
+                                    break;
+                                case "wins":
+                                    firewallException.Add(new XAttribute("LocalScope", "WINS"));
+                                    break;
+                                case "DefaultGateway":
+                                    firewallException.Add(new XAttribute("LocalScope", "defaultGateway"));
+                                    break;
+                                default:
+                                    if (this.ParseHelper.ContainsProperty(addresses[0]))
+                                    {
+                                        firewallException.Add(new XAttribute("LocalScope", addresses[0]));
+                                    }
+                                    else
+                                    {
+                                        FirewallDecompiler.AddLocalAddress(firewallException, addresses[0]);
+                                    }
+                                    break;
+                            }
+                        }
+                        else
+                        {
+                            foreach (var address in addresses)
+                            {
+                                FirewallDecompiler.AddLocalAddress(firewallException, address);
+                            }
+                        }
+                    }
+                    if (!row.IsColumnEmpty(19))
+                    {
+                        firewallException.Add(new XAttribute("RemotePort", row.FieldAsString(19)));
+                    }
+                    if (!row.IsColumnEmpty(20))
+                    {
+                        firewallException.Add(new XAttribute("Service", row.FieldAsString(20)));
+                    }
+                    if (!row.IsColumnEmpty(21))
+                    {
+                        firewallException.Add(new XAttribute("LocalAppPackageId", row.FieldAsString(21)));
+                    }
+                    if (!row.IsColumnEmpty(22))
+                    {
+                        firewallException.Add(new XAttribute("LocalUserAuthorizedList", row.FieldAsString(22)));
+                    }
+                    if (!row.IsColumnEmpty(23))
+                    {
+                        firewallException.Add(new XAttribute("LocalUserOwner", row.FieldAsString(23)));
+                    }
+                    if (!row.IsColumnEmpty(24))
+                    {
+                        firewallException.Add(new XAttribute("RemoteMachineAuthorizedList", row.FieldAsString(24)));
+                    }
+                    if (!row.IsColumnEmpty(25))
+                    {
+                        firewallException.Add(new XAttribute("RemoteUserAuthorizedList", row.FieldAsString(25)));
+                    }
+                    if (!row.IsColumnEmpty(26))
+                    {
+                        var secureFlags = row.FieldAsString(26);
+                        switch (secureFlags)
+                        {
+                            case FirewallConstants.IntegerNotSetString:
+                                break;
+                            case "0":
+                                firewallException.Add(new XAttribute("IPSecSecureFlags", "None"));
+                                break;
+                            case "1":
+                                firewallException.Add(new XAttribute("IPSecSecureFlags", "NoEncapsulation"));
+                                break;
+                            case "2":
+                                firewallException.Add(new XAttribute("IPSecSecureFlags", "WithIntegrity"));
+                                break;
+                            case "3":
+                                firewallException.Add(new XAttribute("IPSecSecureFlags", "NegotiateEncryption"));
+                                break;
+                            case "4":
+                                firewallException.Add(new XAttribute("IPSecSecureFlags", "Encrypt"));
+                                break;
+                            default:
+                                firewallException.Add(new XAttribute("IPSecSecureFlags", secureFlags));
+                                break;
+                        }
+                    }
+                }
                this.DecompilerHelper.IndexElement(row, firewallException);
            }
        }
@@ -183,7 +439,34 @@ namespace WixToolset.Firewall
                new XAttribute("Value", address)
            );
-            firewallException.AddAfterSelf(remoteAddress);
+            firewallException.Add(remoteAddress);
+        }
+        private static void AddInterfaceType(XElement firewallException, string type)
+        {
+            var interfaceType = new XElement(FirewallConstants.InterfaceTypeName,
+                new XAttribute("Value", type)
+            );
+            firewallException.Add(interfaceType);
+        }
+        private static void AddLocalAddress(XElement firewallException, string address)
+        {
+            var localAddress = new XElement(FirewallConstants.LocalAddressName,
+                new XAttribute("Value", address)
+            );
+            firewallException.Add(localAddress);
+        }
+        private static void AddInterface(XElement firewallException, string value)
+        {
+            var interfaceName = new XElement(FirewallConstants.InterfaceName,
+                new XAttribute("Name", value)
+            );
+            firewallException.Add(interfaceName);
        }
        private static XAttribute AttributeIfNotNull(string name, bool value)
author	chris_bednarski <Chris.Bednarski@minfos.com.au>	2023-09-21 16:03:28 +1000
committer	Bob Arnson <github@bobs.org>	2023-11-19 12:17:13 -0500
commit	dfb7512b85536b7726080648f2228cf8d0153724 (patch)
tree	d053018ee47afe7e349dda6739a6580c771a1a3d /src/ext/Firewall/wixext/FirewallDecompiler.cs
parent	80e604761b4f43b9b79a4878fcae360b071a7c35 (diff)
download	wix-dfb7512b85536b7726080648f2228cf8d0153724.tar.gz wix-dfb7512b85536b7726080648f2228cf8d0153724.tar.bz2 wix-dfb7512b85536b7726080648f2228cf8d0153724.zip

diff --git a/src/ext/Firewall/wixext/FirewallDecompiler.cs b/src/ext/Firewall/wixext/FirewallDecompiler.cs index 9ddd8a9a..7fafab17 100644 --- a/src/ext/Firewall/wixext/FirewallDecompiler.cs +++ b/src/ext/Firewall/wixext/FirewallDecompiler.cs
@@ -8,6 +8,8 @@ namespace WixToolset.Firewall
8	using WixToolset.Data;	8	using WixToolset.Data;
9	using WixToolset.Data.WindowsInstaller;	9	using WixToolset.Data.WindowsInstaller;
10	using WixToolset.Extensibility;	10	using WixToolset.Extensibility;
		11	using WixToolset.Extensibility.Data;
		12	using WixToolset.Extensibility.Services;
11		13
12	/// <summary>	14	/// <summary>
13	/// The decompiler for the WiX Toolset Firewall Extension.	15	/// The decompiler for the WiX Toolset Firewall Extension.
@@ -16,6 +18,14 @@ namespace WixToolset.Firewall
16	{	18	{
17	public override IReadOnlyCollection<TableDefinition> TableDefinitions => FirewallTableDefinitions.All;	19	public override IReadOnlyCollection<TableDefinition> TableDefinitions => FirewallTableDefinitions.All;
18		20
		21	private IParseHelper ParseHelper { get; set; }
		22
		23	public override void PreDecompile(IWindowsInstallerDecompileContext context, IWindowsInstallerDecompilerHelper helper)
		24	{
		25	base.PreDecompile(context, helper);
		26	this.ParseHelper = context.ServiceProvider.GetService<IParseHelper>();
		27	}
		28
19	/// <summary>	29	/// <summary>
20	/// Called at the beginning of the decompilation of a database.	30	/// Called at the beginning of the decompilation of a database.
21	/// </summary>	31	/// </summary>
@@ -32,6 +42,8 @@ namespace WixToolset.Firewall
32	{	42	{
33	switch (table.Name)	43	switch (table.Name)
34	{	44	{
		45	case "WixFirewallException":
		46	case "Wix4FirewallException":
35	case "Wix5FirewallException":	47	case "Wix5FirewallException":
36	this.DecompileWixFirewallExceptionTable(table);	48	this.DecompileWixFirewallExceptionTable(table);
37	break;	49	break;
@@ -57,7 +69,7 @@ namespace WixToolset.Firewall
57	/// <param name="table">The table to decompile.</param>	69	/// <param name="table">The table to decompile.</param>
58	private void DecompileWixFirewallExceptionTable(Table table)	70	private void DecompileWixFirewallExceptionTable(Table table)
59	{	71	{
60	foreach (Row row in table.Rows)	72	foreach (var row in table.Rows)
61	{	73	{
62	var firewallException = new XElement(FirewallConstants.FirewallExceptionName,	74	var firewallException = new XElement(FirewallConstants.FirewallExceptionName,
63	new XAttribute("Id", row.FieldAsString(0)),	75	new XAttribute("Id", row.FieldAsString(0)),
@@ -90,13 +102,20 @@ namespace WixToolset.Firewall
90	firewallException.Add(new XAttribute("Scope", "defaultGateway"));	102	firewallException.Add(new XAttribute("Scope", "defaultGateway"));
91	break;	103	break;
92	default:	104	default:
93	FirewallDecompiler.AddRemoteAddress(firewallException, addresses[0]);	105	if (this.ParseHelper.ContainsProperty(addresses[0]))
		106	{
		107	firewallException.Add(new XAttribute("Scope", addresses[0]));
		108	}
		109	else
		110	{
		111	FirewallDecompiler.AddRemoteAddress(firewallException, addresses[0]);
		112	}
94	break;	113	break;
95	}	114	}
96	}	115	}
97	else	116	else
98	{	117	{
99	foreach (string address in addresses)	118	foreach (var address in addresses)
100	{	119	{
101	FirewallDecompiler.AddRemoteAddress(firewallException, address);	120	FirewallDecompiler.AddRemoteAddress(firewallException, address);
102	}	121	}
@@ -110,16 +129,19 @@ namespace WixToolset.Firewall
110		129
111	if (!row.IsColumnEmpty(4))	130	if (!row.IsColumnEmpty(4))
112	{	131	{
113	switch (Convert.ToInt32(row[4]))	132	switch (row.FieldAsString(4))
114	{	133	{
115	case FirewallConstants.NET_FW_IP_PROTOCOL_TCP:	134	case FirewallConstants.IntegerNotSetString:
		135	break;
		136	case "6":
116	firewallException.Add(new XAttribute("Protocol", "tcp"));	137	firewallException.Add(new XAttribute("Protocol", "tcp"));
117	break;	138	break;
118	case FirewallConstants.NET_FW_IP_PROTOCOL_UDP:	139	case "17":
119	firewallException.Add(new XAttribute("Protocol", "udp"));	140	firewallException.Add(new XAttribute("Protocol", "udp"));
120	break;	141	break;
		142
121	default:	143	default:
122	firewallException.Add(new XAttribute("Protocol", row[4]));	144	firewallException.Add(new XAttribute("Protocol", row.FieldAsString(4)));
123	break;	145	break;
124	}	146	}
125	}	147	}
@@ -131,26 +153,44 @@ namespace WixToolset.Firewall
131		153
132	if (!row.IsColumnEmpty(6))	154	if (!row.IsColumnEmpty(6))
133	{	155	{
134	var attr = Convert.ToInt32(row[6]);	156	var attr = row.FieldAsInteger(6);
135	AttributeIfNotNull("IgnoreFailure", (attr & 0x1) == 0x1);	157	if ((attr & 0x1) == 0x1)
		158	{
		159	AttributeIfNotNull("IgnoreFailure", true);
		160	}
		161
		162	if ((attr & 0x2) == 0x2)
		163	{
		164	firewallException.Add(new XAttribute("OnUpdate", "DoNothing"));
		165	}
		166	else if ((attr & 0x4) == 0x4)
		167	{
		168	firewallException.Add(new XAttribute("OnUpdate", "EnableOnly"));
		169	}
136	}	170	}
137		171
138	if (!row.IsColumnEmpty(7))	172	if (!row.IsColumnEmpty(7))
139	{	173	{
140	switch (Convert.ToInt32(row[7]))	174	switch (row.FieldAsString(7))
141	{	175	{
142	case FirewallConstants.NET_FW_PROFILE2_DOMAIN:	176	case FirewallConstants.IntegerNotSetString:
		177	break;
		178	case "1":
143	firewallException.Add(new XAttribute("Profile", "domain"));	179	firewallException.Add(new XAttribute("Profile", "domain"));
144	break;	180	break;
145	case FirewallConstants.NET_FW_PROFILE2_PRIVATE:	181	case "2":
146	firewallException.Add(new XAttribute("Profile", "private"));	182	firewallException.Add(new XAttribute("Profile", "private"));
147	break;	183	break;
148	case FirewallConstants.NET_FW_PROFILE2_PUBLIC:	184	case "4":
149	firewallException.Add(new XAttribute("Profile", "public"));	185	firewallException.Add(new XAttribute("Profile", "public"));
150	break;	186	break;
151	case FirewallConstants.NET_FW_PROFILE2_ALL:	187	case "2147483647":
152	firewallException.Add(new XAttribute("Profile", "all"));	188	firewallException.Add(new XAttribute("Profile", "all"));
153	break;	189	break;
		190
		191	default:
		192	firewallException.Add(new XAttribute("Profile", row.FieldAsString(7)));
		193	break;
154	}	194	}
155	}	195	}
156		196
@@ -164,8 +204,6 @@ namespace WixToolset.Firewall
164	switch (Convert.ToInt32(row[10]))	204	switch (Convert.ToInt32(row[10]))
165	{	205	{
166	case FirewallConstants.NET_FW_RULE_DIR_IN:	206	case FirewallConstants.NET_FW_RULE_DIR_IN:
167
168	firewallException.Add(AttributeIfNotNull("Outbound", false));
169	break;	207	break;
170	case FirewallConstants.NET_FW_RULE_DIR_OUT:	208	case FirewallConstants.NET_FW_RULE_DIR_OUT:
171	firewallException.Add(AttributeIfNotNull("Outbound", true));	209	firewallException.Add(AttributeIfNotNull("Outbound", true));
@@ -173,6 +211,224 @@ namespace WixToolset.Firewall
173	}	211	}
174	}	212	}
175		213
		214	// Introduced in 5.0.0
		215	if (row.Fields.Length > 11)
		216	{
		217	if (!row.IsColumnEmpty(11))
		218	{
		219	var action = row.FieldAsString(11);
		220	switch (action)
		221	{
		222	case FirewallConstants.IntegerNotSetString:
		223	break;
		224	case "1":
		225	firewallException.Add(new XAttribute("Action", "Allow"));
		226	break;
		227	case "0":
		228	firewallException.Add(new XAttribute("Action", "Block"));
		229	break;
		230	default:
		231	firewallException.Add(new XAttribute("Action", action));
		232	break;
		233	}
		234	}
		235
		236	if (!row.IsColumnEmpty(12))
		237	{
		238	var edgeTraversal = row.FieldAsString(12);
		239	switch (edgeTraversal)
		240	{
		241	case FirewallConstants.IntegerNotSetString:
		242	break;
		243	case "0":
		244	firewallException.Add(new XAttribute("EdgeTraversal", "Deny"));
		245	break;
		246	case "1":
		247	firewallException.Add(new XAttribute("EdgeTraversal", "Allow"));
		248	break;
		249	case "2":
		250	firewallException.Add(new XAttribute("EdgeTraversal", "DeferToApp"));
		251	break;
		252	case "3":
		253	firewallException.Add(new XAttribute("EdgeTraversal", "DeferToUser"));
		254	break;
		255	default:
		256	firewallException.Add(new XAttribute("EdgeTraversal", edgeTraversal));
		257	break;
		258	}
		259	}
		260
		261	if (!row.IsColumnEmpty(13))
		262	{
		263	var enabled = row.FieldAsString(13);
		264	switch (enabled)
		265	{
		266	case FirewallConstants.IntegerNotSetString:
		267	break;
		268	case "1":
		269	firewallException.Add(new XAttribute("Enabled", "yes"));
		270	break;
		271	case "0":
		272	firewallException.Add(new XAttribute("Enabled", "no"));
		273	break;
		274	default:
		275	firewallException.Add(new XAttribute("Enabled", enabled));
		276	break;
		277	}
		278	}
		279
		280	if (!row.IsColumnEmpty(14))
		281	{
		282	firewallException.Add(new XAttribute("Grouping", row.FieldAsString(14)));
		283	}
		284
		285	if (!row.IsColumnEmpty(15))
		286	{
		287	firewallException.Add(new XAttribute("IcmpTypesAndCodes", row.FieldAsString(15)));
		288	}
		289
		290	if (!row.IsColumnEmpty(16))
		291	{
		292	string[] interfaces = row.FieldAsString(16).Split(new[] { FirewallConstants.FORBIDDEN_FIREWALL_CHAR }, StringSplitOptions.RemoveEmptyEntries);
		293	if (interfaces.Length == 1)
		294	{
		295	firewallException.Add(new XAttribute("Interface", interfaces[0]));
		296	}
		297	else
		298	{
		299	foreach (var interfaceItem in interfaces)
		300	{
		301	FirewallDecompiler.AddInterface(firewallException, interfaceItem);
		302	}
		303	}
		304	}
		305
		306	if (!row.IsColumnEmpty(17))
		307	{
		308	string[] interfaceTypes = row.FieldAsString(17).Split(',');
		309	if (interfaceTypes.Length == 1)
		310	{
		311	firewallException.Add(new XAttribute("InterfaceType", interfaceTypes[0]));
		312	}
		313	else
		314	{
		315	foreach (var interfaceType in interfaceTypes)
		316	{
		317	FirewallDecompiler.AddInterfaceType(firewallException, interfaceType);
		318	}
		319	}
		320	}
		321
		322	if (!row.IsColumnEmpty(18))
		323	{
		324	string[] addresses = row.FieldAsString(18).Split(',');
		325	if (addresses.Length == 1)
		326	{
		327	switch (addresses[0])
		328	{
		329	case "*":
		330	firewallException.Add(new XAttribute("LocalScope", "any"));
		331	break;
		332	case "LocalSubnet":
		333	firewallException.Add(new XAttribute("LocalScope", "localSubnet"));
		334	break;
		335	case "dns":
		336	firewallException.Add(new XAttribute("LocalScope", "DNS"));
		337	break;
		338	case "dhcp":
		339	firewallException.Add(new XAttribute("LocalScope", "DHCP"));
		340	break;
		341	case "wins":
		342	firewallException.Add(new XAttribute("LocalScope", "WINS"));
		343	break;
		344	case "DefaultGateway":
		345	firewallException.Add(new XAttribute("LocalScope", "defaultGateway"));
		346	break;
		347	default:
		348	if (this.ParseHelper.ContainsProperty(addresses[0]))
		349	{
		350	firewallException.Add(new XAttribute("LocalScope", addresses[0]));
		351	}
		352	else
		353	{
		354	FirewallDecompiler.AddLocalAddress(firewallException, addresses[0]);
		355	}
		356	break;
		357	}
		358	}
		359	else
		360	{
		361	foreach (var address in addresses)
		362	{
		363	FirewallDecompiler.AddLocalAddress(firewallException, address);
		364	}
		365	}
		366	}
		367
		368	if (!row.IsColumnEmpty(19))
		369	{
		370	firewallException.Add(new XAttribute("RemotePort", row.FieldAsString(19)));
		371	}
		372
		373	if (!row.IsColumnEmpty(20))
		374	{
		375	firewallException.Add(new XAttribute("Service", row.FieldAsString(20)));
		376	}
		377
		378	if (!row.IsColumnEmpty(21))
		379	{
		380	firewallException.Add(new XAttribute("LocalAppPackageId", row.FieldAsString(21)));
		381	}
		382
		383	if (!row.IsColumnEmpty(22))
		384	{
		385	firewallException.Add(new XAttribute("LocalUserAuthorizedList", row.FieldAsString(22)));
		386	}
		387
		388	if (!row.IsColumnEmpty(23))
		389	{
		390	firewallException.Add(new XAttribute("LocalUserOwner", row.FieldAsString(23)));
		391	}
		392
		393	if (!row.IsColumnEmpty(24))
		394	{
		395	firewallException.Add(new XAttribute("RemoteMachineAuthorizedList", row.FieldAsString(24)));
		396	}
		397
		398	if (!row.IsColumnEmpty(25))
		399	{
		400	firewallException.Add(new XAttribute("RemoteUserAuthorizedList", row.FieldAsString(25)));
		401	}
		402
		403	if (!row.IsColumnEmpty(26))
		404	{
		405	var secureFlags = row.FieldAsString(26);
		406	switch (secureFlags)
		407	{
		408	case FirewallConstants.IntegerNotSetString:
		409	break;
		410	case "0":
		411	firewallException.Add(new XAttribute("IPSecSecureFlags", "None"));
		412	break;
		413	case "1":
		414	firewallException.Add(new XAttribute("IPSecSecureFlags", "NoEncapsulation"));
		415	break;
		416	case "2":
		417	firewallException.Add(new XAttribute("IPSecSecureFlags", "WithIntegrity"));
		418	break;
		419	case "3":
		420	firewallException.Add(new XAttribute("IPSecSecureFlags", "NegotiateEncryption"));
		421	break;
		422	case "4":
		423	firewallException.Add(new XAttribute("IPSecSecureFlags", "Encrypt"));
		424	break;
		425	default:
		426	firewallException.Add(new XAttribute("IPSecSecureFlags", secureFlags));
		427	break;
		428	}
		429	}
		430	}
		431
176	this.DecompilerHelper.IndexElement(row, firewallException);	432	this.DecompilerHelper.IndexElement(row, firewallException);
177	}	433	}
178	}	434	}
@@ -183,7 +439,34 @@ namespace WixToolset.Firewall
183	new XAttribute("Value", address)	439	new XAttribute("Value", address)
184	);	440	);
185		441
186	firewallException.AddAfterSelf(remoteAddress);	442	firewallException.Add(remoteAddress);
		443	}
		444
		445	private static void AddInterfaceType(XElement firewallException, string type)
		446	{
		447	var interfaceType = new XElement(FirewallConstants.InterfaceTypeName,
		448	new XAttribute("Value", type)
		449	);
		450
		451	firewallException.Add(interfaceType);
		452	}
		453
		454	private static void AddLocalAddress(XElement firewallException, string address)
		455	{
		456	var localAddress = new XElement(FirewallConstants.LocalAddressName,
		457	new XAttribute("Value", address)
		458	);
		459
		460	firewallException.Add(localAddress);
		461	}
		462
		463	private static void AddInterface(XElement firewallException, string value)
		464	{
		465	var interfaceName = new XElement(FirewallConstants.InterfaceName,
		466	new XAttribute("Name", value)
		467	);
		468
		469	firewallException.Add(interfaceName);
187	}	470	}
188		471
189	private static XAttribute AttributeIfNotNull(string name, bool value)	472	private static XAttribute AttributeIfNotNull(string name, bool value)