change firewall extension table name to Wix5FirewallException

author: chris_bednarski <Chris.Bednarski@minfos.com.au> 2023-08-26 18:51:38 +1000
committer: Bob Arnson <github@bobs.org> 2023-11-19 12:17:13 -0500
commit: 80e604761b4f43b9b79a4878fcae360b071a7c35 (patch)
tree: 9ca40a1d60a2ef1a5a1a426382356ae8b7cf9868 /src/ext/Firewall
parent: 6e974490eeabc9a3728aa2fb9ad07e8a5adf4fb6 (diff)
download: wix-80e604761b4f43b9b79a4878fcae360b071a7c35.tar.gz
wix-80e604761b4f43b9b79a4878fcae360b071a7c35.tar.bz2
wix-80e604761b4f43b9b79a4878fcae360b071a7c35.zip
7 files changed, 235 insertions, 65 deletions
diff --git a/src/ext/Firewall/ca/firewall.cpp b/src/ext/Firewall/ca/firewall.cpp
index 2a1ef825..eed6f9df 100644
--- a/src/ext/Firewall/ca/firewall.cpp
+++ b/src/ext/Firewall/ca/firewall.cpp
@@ -3,7 +3,7 @@
 #include "precomp.h"
 LPCWSTR vcsFirewallExceptionQuery =
-    L"SELECT `Name`, `RemoteAddresses`, `Port`, `Protocol`, `Program`, `Attributes`, `Profile`, `Component_`, `Description`, `Direction` FROM `Wix4FirewallException`";
+    L"SELECT `Name`, `RemoteAddresses`, `Port`, `Protocol`, `Program`, `Attributes`, `Profile`, `Component_`, `Description`, `Direction` FROM `Wix5FirewallException`";
 enum eFirewallExceptionQuery { feqName = 1, feqRemoteAddresses, feqPort, feqProtocol, feqProgram, feqAttributes, feqProfile, feqComponent, feqDescription, feqDirection };
 enum eFirewallExceptionTarget { fetPort = 1, fetApplication, fetUnknown };
 enum eFirewallExceptionAttributes { feaIgnoreFailures = 1 };
@@ -49,15 +49,15 @@ static UINT SchedFirewallExceptions(
    ExitOnFailure(hr, "Failed to initialize");
    // anything to do?
-    if (S_OK != WcaTableExists(L"Wix4FirewallException"))
+    if (S_OK != WcaTableExists(L"Wix5FirewallException"))
    {
-        WcaLog(LOGMSG_STANDARD, "Wix4FirewallException table doesn't exist, so there are no firewall exceptions to configure.");
+        WcaLog(LOGMSG_STANDARD, "Wix5FirewallException table doesn't exist, so there are no firewall exceptions to configure.");
        ExitFunction();
    }
    // query and loop through all the firewall exceptions
    hr = WcaOpenExecuteView(vcsFirewallExceptionQuery, &hView);
-    ExitOnFailure(hr, "Failed to open view on Wix4FirewallException table");
+    ExitOnFailure(hr, "Failed to open view on Wix5FirewallException table");
    while (S_OK == (hr = WcaFetchRecord(hView, &hRec)))
    {
@@ -150,7 +150,7 @@ static UINT SchedFirewallExceptions(
    {
        hr = S_OK;
    } 
-    ExitOnFailure(hr, "failure occured while processing Wix4FirewallException table");
+    ExitOnFailure(hr, "failure occured while processing Wix5FirewallException table");
    // schedule ExecFirewallExceptions if there's anything to do
    if (pwzCustomActionData && *pwzCustomActionData)
@@ -159,16 +159,16 @@ static UINT SchedFirewallExceptions(
        if (WCA_TODO_INSTALL == todoSched)
        {
-            hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION(L"RollbackFirewallExceptionsInstall"), pwzCustomActionData, cFirewallExceptions * COST_FIREWALL_EXCEPTION);
+            hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION5(L"RollbackFirewallExceptionsInstall"), pwzCustomActionData, cFirewallExceptions * COST_FIREWALL_EXCEPTION);
            ExitOnFailure(hr, "failed to schedule firewall install exceptions rollback");            
-            hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION(L"ExecFirewallExceptionsInstall"), pwzCustomActionData, cFirewallExceptions * COST_FIREWALL_EXCEPTION);
+            hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION5(L"ExecFirewallExceptionsInstall"), pwzCustomActionData, cFirewallExceptions * COST_FIREWALL_EXCEPTION);
            ExitOnFailure(hr, "failed to schedule firewall install exceptions execution");
        }
        else
        {
-            hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION(L"RollbackFirewallExceptionsUninstall"), pwzCustomActionData, cFirewallExceptions * COST_FIREWALL_EXCEPTION);
+            hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION5(L"RollbackFirewallExceptionsUninstall"), pwzCustomActionData, cFirewallExceptions * COST_FIREWALL_EXCEPTION);
            ExitOnFailure(hr, "failed to schedule firewall uninstall exceptions rollback");    
-            hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION(L"ExecFirewallExceptionsUninstall"), pwzCustomActionData, cFirewallExceptions * COST_FIREWALL_EXCEPTION);
+            hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION5(L"ExecFirewallExceptionsUninstall"), pwzCustomActionData, cFirewallExceptions * COST_FIREWALL_EXCEPTION);
            ExitOnFailure(hr, "failed to schedule firewall uninstall exceptions execution");
        }
    }
diff --git a/src/ext/Firewall/test/WixToolsetTest.Firewall/FirewallExtensionFixture.cs b/src/ext/Firewall/test/WixToolsetTest.Firewall/FirewallExtensionFixture.cs
index 06a877f6..7119e92d 100644
--- a/src/ext/Firewall/test/WixToolsetTest.Firewall/FirewallExtensionFixture.cs
+++ b/src/ext/Firewall/test/WixToolsetTest.Firewall/FirewallExtensionFixture.cs
@@ -18,17 +18,21 @@ namespace WixToolsetTest.Firewall
            var folder = TestData.Get(@"TestData\UsingFirewall");
            var build = new Builder(folder, typeof(FirewallExtensionFactory), new[] { folder });
-            var results = build.BuildAndQuery(Build, "Wix4FirewallException", "CustomAction");
+            var results = build.BuildAndQuery(Build, "Wix5FirewallException", "CustomAction");
            WixAssert.CompareLineByLine(new[]
            {
-                "CustomAction:Wix4ExecFirewallExceptionsInstall_X86\t3073\tWix4FWCA_X86\tExecFirewallExceptions\t",
+                "CustomAction:Wix5ExecFirewallExceptionsInstall_X86\t3073\tWix5FWCA_X86\tExecFirewallExceptions\t",
-                "CustomAction:Wix4ExecFirewallExceptionsUninstall_X86\t3073\tWix4FWCA_X86\tExecFirewallExceptions\t",
+                "CustomAction:Wix5ExecFirewallExceptionsUninstall_X86\t3073\tWix5FWCA_X86\tExecFirewallExceptions\t",
-                "CustomAction:Wix4RollbackFirewallExceptionsInstall_X86\t3329\tWix4FWCA_X86\tExecFirewallExceptions\t",
+                "CustomAction:Wix5RollbackFirewallExceptionsInstall_X86\t3329\tWix5FWCA_X86\tExecFirewallExceptions\t",
-                "CustomAction:Wix4RollbackFirewallExceptionsUninstall_X86\t3329\tWix4FWCA_X86\tExecFirewallExceptions\t",
+                "CustomAction:Wix5RollbackFirewallExceptionsUninstall_X86\t3329\tWix5FWCA_X86\tExecFirewallExceptions\t",
-                "CustomAction:Wix4SchedFirewallExceptionsInstall_X86\t1\tWix4FWCA_X86\tSchedFirewallExceptionsInstall\t",
+                "CustomAction:Wix5SchedFirewallExceptionsInstall_X86\t1\tWix5FWCA_X86\tSchedFirewallExceptionsInstall\t",
-                "CustomAction:Wix4SchedFirewallExceptionsUninstall_X86\t1\tWix4FWCA_X86\tSchedFirewallExceptionsUninstall\t",
+                "CustomAction:Wix5SchedFirewallExceptionsUninstall_X86\t1\tWix5FWCA_X86\tSchedFirewallExceptionsUninstall\t",
-                "Wix4FirewallException:ExampleFirewall\tExampleApp\t*\t42\t6\t[#filNdJBJmq3UCUIwmXS8x21aAsvqzk]\t0\t2147483647\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tAn app-based firewall exception\t1",
+                "Wix5FirewallException:ExampleFirewall\tExampleApp\t*\t42\t6\t[#filNdJBJmq3UCUIwmXS8x21aAsvqzk]\t0\t2147483647\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tAn app-based firewall exception\t1",
-                "Wix4FirewallException:fex70IVsYNnbwiHQrEepmdTPKH8XYs\tExamplePort\tLocalSubnet\t42\t6\t\t0\t2147483647\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tA port-based firewall exception\t2",
+                "Wix5FirewallException:fex_ZpDsnKyHlYiA24JHzvFxm3uLZ8\tExampleDefaultGatewayScope\tDefaultGateway\t4432\t6\t\t0\t2\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tdefaultGateway scope firewall exception\t1",
+                "Wix5FirewallException:fex6bkfWwpiRGI.wVFx0T7W4LXIHxU\tExampleDHCPScope\tdhcp\t\t211\ttest.exe\t0\t4\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tDHCP scope firewall exception\t1",
+                "Wix5FirewallException:fex70IVsYNnbwiHQrEepmdTPKH8XYs\tExamplePort\tLocalSubnet\t42\t6\t\t0\t2147483647\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tA port-based firewall exception\t2",
+                "Wix5FirewallException:fexXxaXCXXFh.UxO_BjmZxi1B1du_Q\tExampleWINSScope\twins\t6573\t6\t\t0\t1\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tWINS scope firewall exception\t1",
+                "Wix5FirewallException:fexxY71H2ZBkPalv7uid1Yy4qaA_lA\tExampleDNSScope\tdns\t356\t17\t\t0\t2147483647\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tDNS scope firewall exception\t1",
            }, results);
        }
@@ -38,17 +42,21 @@ namespace WixToolsetTest.Firewall
            var folder = TestData.Get(@"TestData\UsingFirewall");
            var build = new Builder(folder, typeof(FirewallExtensionFactory), new[] { folder });
-            var results = build.BuildAndQuery(BuildARM64, "Wix4FirewallException", "CustomAction");
+            var results = build.BuildAndQuery(BuildARM64, "Wix5FirewallException", "CustomAction");
            WixAssert.CompareLineByLine(new[]
            {
-                "CustomAction:Wix4ExecFirewallExceptionsInstall_A64\t3073\tWix4FWCA_A64\tExecFirewallExceptions\t",
+                "CustomAction:Wix5ExecFirewallExceptionsInstall_A64\t3073\tWix5FWCA_A64\tExecFirewallExceptions\t",
-                "CustomAction:Wix4ExecFirewallExceptionsUninstall_A64\t3073\tWix4FWCA_A64\tExecFirewallExceptions\t",
+                "CustomAction:Wix5ExecFirewallExceptionsUninstall_A64\t3073\tWix5FWCA_A64\tExecFirewallExceptions\t",
-                "CustomAction:Wix4RollbackFirewallExceptionsInstall_A64\t3329\tWix4FWCA_A64\tExecFirewallExceptions\t",
+                "CustomAction:Wix5RollbackFirewallExceptionsInstall_A64\t3329\tWix5FWCA_A64\tExecFirewallExceptions\t",
-                "CustomAction:Wix4RollbackFirewallExceptionsUninstall_A64\t3329\tWix4FWCA_A64\tExecFirewallExceptions\t",
+                "CustomAction:Wix5RollbackFirewallExceptionsUninstall_A64\t3329\tWix5FWCA_A64\tExecFirewallExceptions\t",
-                "CustomAction:Wix4SchedFirewallExceptionsInstall_A64\t1\tWix4FWCA_A64\tSchedFirewallExceptionsInstall\t",
+                "CustomAction:Wix5SchedFirewallExceptionsInstall_A64\t1\tWix5FWCA_A64\tSchedFirewallExceptionsInstall\t",
-                "CustomAction:Wix4SchedFirewallExceptionsUninstall_A64\t1\tWix4FWCA_A64\tSchedFirewallExceptionsUninstall\t",
+                "CustomAction:Wix5SchedFirewallExceptionsUninstall_A64\t1\tWix5FWCA_A64\tSchedFirewallExceptionsUninstall\t",
-                "Wix4FirewallException:ExampleFirewall\tExampleApp\t*\t42\t6\t[#filNdJBJmq3UCUIwmXS8x21aAsvqzk]\t0\t2147483647\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tAn app-based firewall exception\t1",
+                "Wix5FirewallException:ExampleFirewall\tExampleApp\t*\t42\t6\t[#filNdJBJmq3UCUIwmXS8x21aAsvqzk]\t0\t2147483647\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tAn app-based firewall exception\t1",
-                "Wix4FirewallException:fex70IVsYNnbwiHQrEepmdTPKH8XYs\tExamplePort\tLocalSubnet\t42\t6\t\t0\t2147483647\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tA port-based firewall exception\t2",
+                "Wix5FirewallException:fex_ZpDsnKyHlYiA24JHzvFxm3uLZ8\tExampleDefaultGatewayScope\tDefaultGateway\t4432\t6\t\t0\t2\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tdefaultGateway scope firewall exception\t1",
+                "Wix5FirewallException:fex6bkfWwpiRGI.wVFx0T7W4LXIHxU\tExampleDHCPScope\tdhcp\t\t211\ttest.exe\t0\t4\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tDHCP scope firewall exception\t1",
+                "Wix5FirewallException:fex70IVsYNnbwiHQrEepmdTPKH8XYs\tExamplePort\tLocalSubnet\t42\t6\t\t0\t2147483647\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tA port-based firewall exception\t2",
+                "Wix5FirewallException:fexXxaXCXXFh.UxO_BjmZxi1B1du_Q\tExampleWINSScope\twins\t6573\t6\t\t0\t1\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tWINS scope firewall exception\t1",
+                "Wix5FirewallException:fexxY71H2ZBkPalv7uid1Yy4qaA_lA\tExampleDNSScope\tdns\t356\t17\t\t0\t2147483647\tfilNdJBJmq3UCUIwmXS8x21aAsvqzk\tDNS scope firewall exception\t1",
            }, results);
        }
@@ -71,8 +79,17 @@ namespace WixToolsetTest.Firewall
            {
                "FirewallException",
                "FirewallException",
+                "FirewallException",
+                "FirewallException",
+                "FirewallException",
+                "FirewallException",
            }, actual.Select(a => a.Name).ToArray());
+        }
+        [Fact]
+        public void RoundtripAttributesAreCorrectForApp()
+        {
+            var actual = BuildAndDecompileAndBuild("http://wixtoolset.org/schemas/v4/wxs/firewall", "ExampleApp");
            WixAssert.CompareLineByLine(new[]
            {
                "Id=ExampleFirewall",
@@ -85,8 +102,13 @@ namespace WixToolsetTest.Firewall
                "Description=An app-based firewall exception",
                "Outbound=no",
                "xmlns=http://wixtoolset.org/schemas/v4/wxs/firewall",
-            }, actual[0].Attributes);
+            }, actual.Attributes);
+        }
+        [Fact]
+        public void RoundtripAttributesAreCorrectForPort()
+        {
+            var actual = BuildAndDecompileAndBuild("http://wixtoolset.org/schemas/v4/wxs/firewall", "ExamplePort");
            WixAssert.CompareLineByLine(new[]
            {
                "Id=fex70IVsYNnbwiHQrEepmdTPKH8XYs",
@@ -98,7 +120,79 @@ namespace WixToolsetTest.Firewall
                "Description=A port-based firewall exception",
                "Outbound=yes",
                "xmlns=http://wixtoolset.org/schemas/v4/wxs/firewall",
-            }, actual[1].Attributes);
+            }, actual.Attributes);
+        }
+        [Fact]
+        public void RoundtripAttributesAreCorrectForDNSScope()
+        {
+            var actual = BuildAndDecompileAndBuild("http://wixtoolset.org/schemas/v4/wxs/firewall", "ExampleDNSScope");
+            WixAssert.CompareLineByLine(new[]
+            {
+                "Id=fexxY71H2ZBkPalv7uid1Yy4qaA_lA",
+                "Name=ExampleDNSScope",
+                "Scope=DNS",
+                "Port=356",
+                "Protocol=udp",
+                "Profile=all",
+                "Description=DNS scope firewall exception",
+                "Outbound=no",
+                "xmlns=http://wixtoolset.org/schemas/v4/wxs/firewall",
+            }, actual.Attributes);
+        }
+        [Fact]
+        public void RoundtripAttributesAreCorrectForDHCPScope()
+        {
+            var actual = BuildAndDecompileAndBuild("http://wixtoolset.org/schemas/v4/wxs/firewall", "ExampleDHCPScope");
+            WixAssert.CompareLineByLine(new[]
+            {
+                "Id=fex6bkfWwpiRGI.wVFx0T7W4LXIHxU",
+                "Name=ExampleDHCPScope",
+                "Scope=DHCP",
+                "Protocol=211",
+                "Program=test.exe",
+                "Profile=public",
+                "Description=DHCP scope firewall exception",
+                "Outbound=no",
+                "xmlns=http://wixtoolset.org/schemas/v4/wxs/firewall"
+            }, actual.Attributes);
+        }
+        [Fact]
+        public void RoundtripAttributesAreCorrectForWINSScope()
+        {
+            var actual = BuildAndDecompileAndBuild("http://wixtoolset.org/schemas/v4/wxs/firewall", "ExampleWINSScope");
+            WixAssert.CompareLineByLine(new[]
+            {
+                "Id=fexXxaXCXXFh.UxO_BjmZxi1B1du_Q",
+                "Name=ExampleWINSScope",
+                "Scope=WINS",
+                "Port=6573",
+                "Protocol=tcp",
+                "Profile=domain",
+                "Description=WINS scope firewall exception",
+                "Outbound=no",
+                "xmlns=http://wixtoolset.org/schemas/v4/wxs/firewall",
+            }, actual.Attributes);
+        }
+        [Fact]
+        public void RoundtripAttributesAreCorrectForDefaultGatewayScope()
+        {
+            var actual = BuildAndDecompileAndBuild("http://wixtoolset.org/schemas/v4/wxs/firewall", "ExampleDefaultGatewayScope");
+            WixAssert.CompareLineByLine(new[]
+            {
+                "Id=fex_ZpDsnKyHlYiA24JHzvFxm3uLZ8",
+                "Name=ExampleDefaultGatewayScope",
+                "Scope=defaultGateway",
+                "Port=4432",
+                "Protocol=tcp",
+                "Profile=private",
+                "Description=defaultGateway scope firewall exception",
+                "Outbound=no",
+                "xmlns=http://wixtoolset.org/schemas/v4/wxs/firewall",
+            }, actual.Attributes);
        }
        private static void Build(string[] args)
@@ -122,5 +216,31 @@ namespace WixToolsetTest.Firewall
            var result = WixRunner.Execute(args);
            result.AssertSuccess();
        }
+        class AttributeVerifier
+        {
+            public string Name { get; set; }
+            public string[] Attributes { get; set; }
+        }
+        private static AttributeVerifier BuildAndDecompileAndBuild(string nameSpace, string ruleName)
+        {
+            var folder = TestData.Get(@"TestData", "UsingFirewall");
+            var build = new Builder(folder, typeof(FirewallExtensionFactory), new[] { folder });
+            var output = Path.Combine(folder, $"Firewall{ruleName}.xml");
+            build.BuildAndDecompileAndBuild(Build, Decompile, output);
+            var doc = XDocument.Load(output);
+            var actual = doc.Descendants()
+                .Where(e => e.Name.Namespace == nameSpace)
+                .Select(fe => new AttributeVerifier
+                {
+                    Name = fe.Attributes().Single(a => a.Name.LocalName == "Name").Value,
+                    Attributes = fe.Attributes().Select(a => $"{a.Name.LocalName}={a.Value}").ToArray()
+                })
+                .Single(av => av.Name == ruleName);
+            return actual;
+        }
    }
 }
diff --git a/src/ext/Firewall/test/WixToolsetTest.Firewall/TestData/UsingFirewall/PackageComponents.wxs b/src/ext/Firewall/test/WixToolsetTest.Firewall/TestData/UsingFirewall/PackageComponents.wxs
index c712d895..957aa642 100644
--- a/src/ext/Firewall/test/WixToolsetTest.Firewall/TestData/UsingFirewall/PackageComponents.wxs
+++ b/src/ext/Firewall/test/WixToolsetTest.Firewall/TestData/UsingFirewall/PackageComponents.wxs
@@ -12,6 +12,10 @@
                </File>
                <fw:FirewallException Description="A port-based firewall exception" Name="ExamplePort" Port="42" Outbound="yes" Scope="localSubnet" />
+                <fw:FirewallException Description="DNS scope firewall exception" Name="ExampleDNSScope" Port="356" Protocol="udp" Scope="DNS" />
+                <fw:FirewallException Description="DHCP scope firewall exception" Name="ExampleDHCPScope" Program="test.exe" Protocol="211" Scope="DHCP" Profile="public" />
+                <fw:FirewallException Description="WINS scope firewall exception" Name="ExampleWINSScope" Port="6573" Scope="WINS" Profile="domain"/>
+                <fw:FirewallException Description="defaultGateway scope firewall exception" Name="ExampleDefaultGatewayScope" Port="4432" Scope="defaultGateway" Profile="private" />
            </Component>
        </ComponentGroup>
    </Fragment>
diff --git a/src/ext/Firewall/wixext/FirewallCompiler.cs b/src/ext/Firewall/wixext/FirewallCompiler.cs
index 19ee0b6d..ed49ba9c 100644
--- a/src/ext/Firewall/wixext/FirewallCompiler.cs
+++ b/src/ext/Firewall/wixext/FirewallCompiler.cs
@@ -135,7 +135,12 @@ namespace WixToolset.Firewall
                                    protocol = FirewallConstants.NET_FW_IP_PROTOCOL_UDP;
                                    break;
                                default:
-                                    this.Messaging.Write(ErrorMessages.IllegalAttributeValue(sourceLineNumbers, element.Name.LocalName, "Protocol", protocolValue, "tcp", "udp"));
+                                    int parsedProtocol;
+                                    if (!Int32.TryParse(protocolValue, out parsedProtocol) || parsedProtocol > 255 || parsedProtocol < 0)
+                                    {
+                                        this.Messaging.Write(ErrorMessages.IllegalAttributeValue(sourceLineNumbers, element.Name.LocalName, "Protocol", protocolValue, "tcp", "udp", "0-255"));
+                                    }
+                                    protocol = parsedProtocol;
                                    break;
                            }
                            break;
@@ -149,8 +154,20 @@ namespace WixToolset.Firewall
                                case "localSubnet":
                                    remoteAddresses = "LocalSubnet";
                                    break;
+                                case "DNS":
+                                    remoteAddresses = "dns";
+                                    break;
+                                case "DHCP":
+                                    remoteAddresses = "dhcp";
+                                    break;
+                                case "WINS":
+                                    remoteAddresses = "wins";
+                                    break;
+                                case "defaultGateway":
+                                    remoteAddresses = "DefaultGateway";
+                                    break;
                                default:
-                                    this.Messaging.Write(ErrorMessages.IllegalAttributeValue(sourceLineNumbers, element.Name.LocalName, "Scope", scope, "any", "localSubnet"));
+                                    this.Messaging.Write(ErrorMessages.IllegalAttributeValue(sourceLineNumbers, element.Name.LocalName, "Scope", scope, "any", "localSubnet", "DNS", "DHCP", "WINS", "defaultGateway"));
                                    break;
                            }
                            break;
@@ -251,6 +268,21 @@ namespace WixToolset.Firewall
                this.Messaging.Write(FirewallErrors.NoExceptionSpecified(sourceLineNumbers));
            }
+            // Ports can only be specified if the protocol is TCP or UDP.
+            if (!String.IsNullOrEmpty(port) && protocol.HasValue)
+            {
+                switch(protocol.Value)
+                {
+                    case FirewallConstants.NET_FW_IP_PROTOCOL_TCP:
+                    case FirewallConstants.NET_FW_IP_PROTOCOL_UDP:
+                        break;
+                    default:
+                        this.Messaging.Write(ErrorMessages.IllegalAttributeWithOtherAttribute(sourceLineNumbers, element.Name.LocalName, "Port", "Protocol", protocol.Value.ToString()));
+                        break;
+                }
+            }
            if (!this.Messaging.EncounteredError)
            {
                // at this point, File attribute and File parent element are treated the same
@@ -300,8 +332,8 @@ namespace WixToolset.Firewall
                    symbol.Attributes = attributes;
                }
-                this.ParseHelper.CreateCustomActionReference(sourceLineNumbers, section, "Wix4SchedFirewallExceptionsInstall", this.Context.Platform, CustomActionPlatforms.ARM64 | CustomActionPlatforms.X64 | CustomActionPlatforms.X86);
+                this.ParseHelper.CreateCustomActionReference(sourceLineNumbers, section, "Wix5SchedFirewallExceptionsInstall", this.Context.Platform, CustomActionPlatforms.ARM64 | CustomActionPlatforms.X64 | CustomActionPlatforms.X86);
-                this.ParseHelper.CreateCustomActionReference(sourceLineNumbers, section, "Wix4SchedFirewallExceptionsUninstall", this.Context.Platform, CustomActionPlatforms.ARM64 | CustomActionPlatforms.X64 | CustomActionPlatforms.X86);
+                this.ParseHelper.CreateCustomActionReference(sourceLineNumbers, section, "Wix5SchedFirewallExceptionsUninstall", this.Context.Platform, CustomActionPlatforms.ARM64 | CustomActionPlatforms.X64 | CustomActionPlatforms.X86);
            }
        }
diff --git a/src/ext/Firewall/wixext/FirewallDecompiler.cs b/src/ext/Firewall/wixext/FirewallDecompiler.cs
index 69f2c3f4..9ddd8a9a 100644
--- a/src/ext/Firewall/wixext/FirewallDecompiler.cs
+++ b/src/ext/Firewall/wixext/FirewallDecompiler.cs
@@ -32,7 +32,7 @@ namespace WixToolset.Firewall
        {
            switch (table.Name)
            {
-                case "Wix4FirewallException":
+                case "Wix5FirewallException":
                    this.DecompileWixFirewallExceptionTable(table);
                    break;
                default:
@@ -69,18 +69,29 @@ namespace WixToolset.Firewall
                    string[] addresses = ((string)row[2]).Split(',');
                    if (addresses.Length == 1)
                    {
-                        // special-case the Scope attribute values
+                        switch(addresses[0])
-                        if (addresses[0] == "*")
                        {
-                            firewallException.Add(new XAttribute("Scope", "any"));
+                            case "*":
-                        }
+                                firewallException.Add(new XAttribute("Scope", "any"));
-                        else if (addresses[0] == "LocalSubnet")
+                                break;
-                        {
+                            case "LocalSubnet":
-                            firewallException.Add(new XAttribute("Scope", "localSubnet"));
+                                firewallException.Add(new XAttribute("Scope", "localSubnet"));
-                        }
+                                break;
-                        else
+                            case "dns":
-                        {
+                                firewallException.Add(new XAttribute("Scope", "DNS"));
-                            FirewallDecompiler.AddRemoteAddress(firewallException, addresses[0]);
+                                break;
+                            case "dhcp":
+                                firewallException.Add(new XAttribute("Scope", "DHCP"));
+                                break;
+                            case "wins":
+                                firewallException.Add(new XAttribute("Scope", "WINS"));
+                                break;
+                            case "DefaultGateway":
+                                firewallException.Add(new XAttribute("Scope", "defaultGateway"));
+                                break;
+                            default:
+                                FirewallDecompiler.AddRemoteAddress(firewallException, addresses[0]);
+                                break;
                        }
                    }
                    else
@@ -107,6 +118,9 @@ namespace WixToolset.Firewall
                        case FirewallConstants.NET_FW_IP_PROTOCOL_UDP:
                            firewallException.Add(new XAttribute("Protocol", "udp"));
                            break;
+                        default:
+                            firewallException.Add(new XAttribute("Protocol", row[4]));
+                            break;
                    }
                }
@@ -183,7 +197,7 @@ namespace WixToolset.Firewall
        /// <param name="tables">Collection of all tables.</param>
        private void FinalizeFirewallExceptionTable(TableIndexedCollection tables)
        {
-            if (tables.TryGetTable("Wix4FirewallException", out var firewallExceptionTable))
+            if (tables.TryGetTable("Wix5FirewallException", out var firewallExceptionTable))
            {
                foreach (var row in firewallExceptionTable.Rows)
                {
diff --git a/src/ext/Firewall/wixext/FirewallTableDefinitions.cs b/src/ext/Firewall/wixext/FirewallTableDefinitions.cs
index 04918f5f..26dedbf1 100644
--- a/src/ext/Firewall/wixext/FirewallTableDefinitions.cs
+++ b/src/ext/Firewall/wixext/FirewallTableDefinitions.cs
@@ -7,15 +7,15 @@ namespace WixToolset.Firewall
    public static class FirewallTableDefinitions
    {
        public static readonly TableDefinition WixFirewallException = new TableDefinition(
-            "Wix4FirewallException",
+            "Wix5FirewallException",
            FirewallSymbolDefinitions.WixFirewallException,
            new[]
            {
-                new ColumnDefinition("Wix4FirewallException", ColumnType.String, 72, primaryKey: true, nullable: false, ColumnCategory.Identifier, description: "The primary key, a non-localized token.", modularizeType: ColumnModularizeType.Column),
+                new ColumnDefinition("Wix5FirewallException", ColumnType.String, 72, primaryKey: true, nullable: false, ColumnCategory.Identifier, description: "The primary key, a non-localized token.", modularizeType: ColumnModularizeType.Column),
                new ColumnDefinition("Name", ColumnType.Localized, 255, primaryKey: false, nullable: true, ColumnCategory.Formatted, description: "Localizable display name.", modularizeType: ColumnModularizeType.Property),
                new ColumnDefinition("RemoteAddresses", ColumnType.String, 0, primaryKey: false, nullable: false, ColumnCategory.Formatted, description: "Remote address to accept incoming connections from.", modularizeType: ColumnModularizeType.Property),
                new ColumnDefinition("Port", ColumnType.String, 0, primaryKey: false, nullable: true, ColumnCategory.Formatted, minValue: 1, description: "Port number.", modularizeType: ColumnModularizeType.Property),
-                new ColumnDefinition("Protocol", ColumnType.Number, 1, primaryKey: false, nullable: true, ColumnCategory.Integer, minValue: 6, maxValue: 17, description: "Protocol (6=TCP; 17=UDP)."),
+                new ColumnDefinition("Protocol", ColumnType.Number, 1, primaryKey: false, nullable: true, ColumnCategory.Integer, minValue: 0, maxValue: 255, description: "Protocol (6=TCP; 17=UDP). https://www.iana.org/assignments/protocol-numbers"),
                new ColumnDefinition("Program", ColumnType.String, 255, primaryKey: false, nullable: true, ColumnCategory.Formatted, description: "Exception for a program (formatted path name).", modularizeType: ColumnModularizeType.Property),
                new ColumnDefinition("Attributes", ColumnType.Number, 4, primaryKey: false, nullable: true, ColumnCategory.Unknown, description: "Vital=1"),
                new ColumnDefinition("Profile", ColumnType.Number, 4, primaryKey: false, nullable: false, ColumnCategory.Integer, minValue: 1, maxValue: 2147483647, description: "Profile (1=domain; 2=private; 4=public; 2147483647=all)."),
diff --git a/src/ext/Firewall/wixlib/FirewallExtension_Platform.wxi b/src/ext/Firewall/wixlib/FirewallExtension_Platform.wxi
index ae02bcd0..736a54b0 100644
--- a/src/ext/Firewall/wixlib/FirewallExtension_Platform.wxi
+++ b/src/ext/Firewall/wixlib/FirewallExtension_Platform.wxi
@@ -6,32 +6,32 @@
    <Fragment>
        <UIRef Id="WixFirewallErrors" />
        <UI>
-            <ProgressText Action="$(var.Prefix)SchedFirewallExceptionsInstall$(var.Suffix)" Message="!(loc.WixSchedFirewallExceptionsInstall)" />
+            <ProgressText Action="$(var.Prefix5)SchedFirewallExceptionsInstall$(var.Suffix)" Message="!(loc.WixSchedFirewallExceptionsInstall)" />
-            <ProgressText Action="$(var.Prefix)SchedFirewallExceptionsUninstall$(var.Suffix)" Message="!(loc.WixSchedFirewallExceptionsUninstall)" />
+            <ProgressText Action="$(var.Prefix5)SchedFirewallExceptionsUninstall$(var.Suffix)" Message="!(loc.WixSchedFirewallExceptionsUninstall)" />
-            <ProgressText Action="$(var.Prefix)RollbackFirewallExceptionsInstall$(var.Suffix)" Message="!(loc.WixRollbackFirewallExceptionsInstall)" />
+            <ProgressText Action="$(var.Prefix5)RollbackFirewallExceptionsInstall$(var.Suffix)" Message="!(loc.WixRollbackFirewallExceptionsInstall)" />
-            <ProgressText Action="$(var.Prefix)ExecFirewallExceptionsInstall$(var.Suffix)" Message="!(loc.WixExecFirewallExceptionsInstall)" />
+            <ProgressText Action="$(var.Prefix5)ExecFirewallExceptionsInstall$(var.Suffix)" Message="!(loc.WixExecFirewallExceptionsInstall)" />
-            <ProgressText Action="$(var.Prefix)RollbackFirewallExceptionsUninstall$(var.Suffix)" Message="!(loc.WixRollbackFirewallExceptionsUninstall)" />
+            <ProgressText Action="$(var.Prefix5)RollbackFirewallExceptionsUninstall$(var.Suffix)" Message="!(loc.WixRollbackFirewallExceptionsUninstall)" />
-            <ProgressText Action="$(var.Prefix)ExecFirewallExceptionsUninstall$(var.Suffix)" Message="!(loc.WixExecFirewallExceptionsUninstall)" />
+            <ProgressText Action="$(var.Prefix5)ExecFirewallExceptionsUninstall$(var.Suffix)" Message="!(loc.WixExecFirewallExceptionsUninstall)" />
        </UI>
-        <CustomAction Id="$(var.Prefix)SchedFirewallExceptionsInstall$(var.Suffix)" DllEntry="SchedFirewallExceptionsInstall" Execute="immediate" Return="check" SuppressModularization="yes" BinaryRef="$(var.Prefix)FWCA$(var.Suffix)" />
+        <CustomAction Id="$(var.Prefix5)SchedFirewallExceptionsInstall$(var.Suffix)" DllEntry="SchedFirewallExceptionsInstall" Execute="immediate" Return="check" SuppressModularization="yes" BinaryRef="$(var.Prefix5)FWCA$(var.Suffix)" />
-        <CustomAction Id="$(var.Prefix)SchedFirewallExceptionsUninstall$(var.Suffix)" DllEntry="SchedFirewallExceptionsUninstall" Execute="immediate" Return="check" SuppressModularization="yes" BinaryRef="$(var.Prefix)FWCA$(var.Suffix)" />
+        <CustomAction Id="$(var.Prefix5)SchedFirewallExceptionsUninstall$(var.Suffix)" DllEntry="SchedFirewallExceptionsUninstall" Execute="immediate" Return="check" SuppressModularization="yes" BinaryRef="$(var.Prefix5)FWCA$(var.Suffix)" />
-        <CustomAction Id="$(var.Prefix)RollbackFirewallExceptionsInstall$(var.Suffix)" DllEntry="ExecFirewallExceptions" Execute="rollback" Impersonate="no" Return="check" SuppressModularization="yes" BinaryRef="$(var.Prefix)FWCA$(var.Suffix)" />
+        <CustomAction Id="$(var.Prefix5)RollbackFirewallExceptionsInstall$(var.Suffix)" DllEntry="ExecFirewallExceptions" Execute="rollback" Impersonate="no" Return="check" SuppressModularization="yes" BinaryRef="$(var.Prefix5)FWCA$(var.Suffix)" />
-        <CustomAction Id="$(var.Prefix)ExecFirewallExceptionsInstall$(var.Suffix)" DllEntry="ExecFirewallExceptions" Execute="deferred" Impersonate="no" Return="check" SuppressModularization="yes" BinaryRef="$(var.Prefix)FWCA$(var.Suffix)" />
+        <CustomAction Id="$(var.Prefix5)ExecFirewallExceptionsInstall$(var.Suffix)" DllEntry="ExecFirewallExceptions" Execute="deferred" Impersonate="no" Return="check" SuppressModularization="yes" BinaryRef="$(var.Prefix5)FWCA$(var.Suffix)" />
-        <CustomAction Id="$(var.Prefix)RollbackFirewallExceptionsUninstall$(var.Suffix)" DllEntry="ExecFirewallExceptions" Execute="rollback" Impersonate="no" Return="check" SuppressModularization="yes" BinaryRef="$(var.Prefix)FWCA$(var.Suffix)" />
+        <CustomAction Id="$(var.Prefix5)RollbackFirewallExceptionsUninstall$(var.Suffix)" DllEntry="ExecFirewallExceptions" Execute="rollback" Impersonate="no" Return="check" SuppressModularization="yes" BinaryRef="$(var.Prefix5)FWCA$(var.Suffix)" />
-        <CustomAction Id="$(var.Prefix)ExecFirewallExceptionsUninstall$(var.Suffix)" DllEntry="ExecFirewallExceptions" Execute="deferred" Impersonate="no" Return="check" SuppressModularization="yes" BinaryRef="$(var.Prefix)FWCA$(var.Suffix)" />
+        <CustomAction Id="$(var.Prefix5)ExecFirewallExceptionsUninstall$(var.Suffix)" DllEntry="ExecFirewallExceptions" Execute="deferred" Impersonate="no" Return="check" SuppressModularization="yes" BinaryRef="$(var.Prefix5)FWCA$(var.Suffix)" />
        <!--
-            We need the firewall on Windows XP SP2 or later.
+            We need the firewall on Windows Vista or later.
        -->
        <InstallExecuteSequence>
-            <Custom Action="$(var.Prefix)SchedFirewallExceptionsUninstall$(var.Suffix)" Before="RemoveFiles" Overridable="yes" Condition="VersionNT &gt;= 600 OR (VersionNT &gt;= 501 AND ((MsiNTProductType = 1 AND ServicePackLevel &gt;= 2) OR (MsiNTProductType &gt; 1 AND ServicePackLevel &gt;= 1)))" />
+            <Custom Action="$(var.Prefix5)SchedFirewallExceptionsUninstall$(var.Suffix)" Before="RemoveFiles" Overridable="yes" Condition="VersionNT &gt;= 600" />
-            <Custom Action="$(var.Prefix)SchedFirewallExceptionsInstall$(var.Suffix)" After="InstallFiles" Overridable="yes" Condition="VersionNT &gt;= 600 OR (VersionNT &gt;= 501 AND ((MsiNTProductType = 1 AND ServicePackLevel &gt;= 2) OR (MsiNTProductType &gt; 1 AND ServicePackLevel &gt;= 1)))" />
+            <Custom Action="$(var.Prefix5)SchedFirewallExceptionsInstall$(var.Suffix)" After="InstallFiles" Overridable="yes" Condition="VersionNT &gt;= 600" />
        </InstallExecuteSequence>
    </Fragment>
    <!-- Firewall Custom Action DLL Definitions -->
    <Fragment>
-        <Binary Id="$(var.Prefix)FWCA$(var.Suffix)" SourceFile="!(bindpath.$(var.platform))fwca.dll" />
+        <Binary Id="$(var.Prefix5)FWCA$(var.Suffix)" SourceFile="!(bindpath.$(var.platform))fwca.dll" />
    </Fragment>
 </Include>
author	chris_bednarski <Chris.Bednarski@minfos.com.au>	2023-08-26 18:51:38 +1000
committer	Bob Arnson <github@bobs.org>	2023-11-19 12:17:13 -0500
commit	80e604761b4f43b9b79a4878fcae360b071a7c35 (patch)
tree	9ca40a1d60a2ef1a5a1a426382356ae8b7cf9868 /src/ext/Firewall
parent	6e974490eeabc9a3728aa2fb9ad07e8a5adf4fb6 (diff)
download	wix-80e604761b4f43b9b79a4878fcae360b071a7c35.tar.gz wix-80e604761b4f43b9b79a4878fcae360b071a7c35.tar.bz2 wix-80e604761b4f43b9b79a4878fcae360b071a7c35.zip