aboutsummaryrefslogtreecommitdiff
path: root/src/xsd/firewall.xsd
diff options
context:
space:
mode:
Diffstat (limited to 'src/xsd/firewall.xsd')
-rw-r--r--src/xsd/firewall.xsd578
1 files changed, 578 insertions, 0 deletions
diff --git a/src/xsd/firewall.xsd b/src/xsd/firewall.xsd
new file mode 100644
index 00000000..fcac0c96
--- /dev/null
+++ b/src/xsd/firewall.xsd
@@ -0,0 +1,578 @@
1<?xml version="1.0" encoding="utf-8"?>
2<!-- Copyright (c) .NET Foundation and contributors. All rights reserved. Licensed under the Microsoft Reciprocal License. See LICENSE.TXT file in the project root for full license information. -->
3
4
5<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
6 xmlns:xse="http://wixtoolset.org/schemas/XmlSchemaExtension"
7 xmlns:html="http://www.w3.org/1999/xhtml"
8 xmlns:wxs="http://wixtoolset.org/schemas/v4/wxs"
9 targetNamespace="http://wixtoolset.org/schemas/v4/wxs/firewall"
10 xmlns="http://wixtoolset.org/schemas/v4/wxs/firewall">
11 <xs:annotation>
12 <xs:documentation>
13 The source code schema for the WiX Toolset Firewall Extension.
14 </xs:documentation>
15 </xs:annotation>
16
17 <xs:import namespace="http://wixtoolset.org/schemas/v4/wxs" />
18
19 <xs:element name="FirewallException">
20 <xs:annotation>
21 <xs:documentation>
22 Registers an exception for a program or a specific port and protocol in the Windows Firewall.
23 For more information about the Windows Firewall, see [Windows Firewall with Advanced Security](https://learn.microsoft.com/en-us/previous-versions/windows/desktop/ics/windows-firewall-advanced-security-start-page).
24 </xs:documentation>
25 <xs:appinfo>
26 <xse:parent namespace="http://wixtoolset.org/schemas/v4/wxs" ref="Component" />
27 <xse:parent namespace="http://wixtoolset.org/schemas/v4/wxs" ref="File" />
28 </xs:appinfo>
29 </xs:annotation>
30
31 <xs:complexType>
32 <xs:choice minOccurs="0" maxOccurs="unbounded">
33 <xs:annotation>
34 <xs:documentation>
35 Explicitly-listed remote addresses that this exception allows through the
36 firewall.
37 </xs:documentation>
38 </xs:annotation>
39 <xs:element ref="LocalAddress" />
40 <xs:element ref="Interface" />
41 <xs:element ref="InterfaceType" />
42 <xs:element ref="RemoteAddress" />
43 <xs:any namespace="##other" processContents="lax">
44 <xs:annotation>
45 <xs:documentation>
46 Extensibility point in the WiX XML Schema. Schema extensions can register additional
47 elements at this point in the schema.
48 </xs:documentation>
49 </xs:annotation>
50 </xs:any>
51 </xs:choice>
52
53 <xs:attribute name="Id" type="xs:string">
54 <xs:annotation>
55 <xs:documentation>
56 Unique ID of this firewall exception. If the Id is not specified, one will be generated.
57 </xs:documentation>
58 </xs:annotation>
59 </xs:attribute>
60
61 <xs:attribute name="Name" type="xs:string" use="required">
62 <xs:annotation>
63 <xs:documentation>
64 Name of this firewall exception, visible to the user in the firewall
65 control panel.
66 </xs:documentation>
67 </xs:annotation>
68 </xs:attribute>
69
70 <xs:attribute name="Action" type="FirewallActionTypeUnion">
71 <xs:annotation>
72 <xs:documentation>
73 The action for this firewall exception.
74 </xs:documentation>
75 </xs:annotation>
76 </xs:attribute>
77
78 <xs:attribute name="Enabled" type="FirewallYesNoPropertyType">
79 <xs:annotation>
80 <xs:documentation>
81 Indicates whether the firewall exception should be enabled.
82 </xs:documentation>
83 </xs:annotation>
84 </xs:attribute>
85
86 <xs:attribute name="Grouping" type="xs:string">
87 <xs:annotation>
88 <xs:documentation>
89 Grouping for the firewall exception.
90 </xs:documentation>
91 </xs:annotation>
92 </xs:attribute>
93
94 <xs:attribute name="IcmpTypesAndCodes" type="xs:string">
95 <xs:annotation>
96 <xs:documentation>
97 ICMP types and codes for the firewall exception.
98 </xs:documentation>
99 </xs:annotation>
100 </xs:attribute>
101
102 <xs:attribute name="Interface" type="xs:string">
103 <xs:annotation>
104 <xs:documentation>
105 Interface for the firewall exception.
106 </xs:documentation>
107 </xs:annotation>
108 </xs:attribute>
109
110 <xs:attribute name="InterfaceType" type="FirewallInterfaceTypeUnion">
111 <xs:annotation>
112 <xs:documentation>
113 Interface type for the firewall exception.
114 </xs:documentation>
115 </xs:annotation>
116 </xs:attribute>
117
118 <xs:attribute name="IPSecSecureFlags" type="FirewallIPSecSecureFlagsUnion">
119 <xs:annotation>
120 <xs:documentation>
121 IPSec secure flags for the firewall exception.
122 </xs:documentation>
123 </xs:annotation>
124 </xs:attribute>
125
126 <xs:attribute name="LocalAppPackageId" type="xs:string">
127 <xs:annotation>
128 <xs:documentation>
129 Local AppPackageId for the firewall exception.
130 </xs:documentation>
131 </xs:annotation>
132 </xs:attribute>
133
134 <xs:attribute name="LocalUserAuthorizedList" type="xs:string">
135 <xs:annotation>
136 <xs:documentation>
137 Local user authorized list for the firewall exception.
138 </xs:documentation>
139 </xs:annotation>
140 </xs:attribute>
141
142 <xs:attribute name="LocalUserOwner" type="xs:string">
143 <xs:annotation>
144 <xs:documentation>
145 Local user owner for the firewall exception.
146 </xs:documentation>
147 </xs:annotation>
148 </xs:attribute>
149
150 <xs:attribute name="LocalScope" type="FirewallLocalScopeTypeUnion">
151 <xs:annotation>
152 <xs:documentation>
153 Local scope for the firewall exception.
154 </xs:documentation>
155 </xs:annotation>
156 </xs:attribute>
157
158 <xs:attribute name="Scope" type="FirewallScopeTypeUnion">
159 <xs:annotation>
160 <xs:documentation>
161 The scope of this firewall exception, which indicates whether incoming
162 connections can come from any computer including those on the Internet
163 or only those on the local network subnet. To more precisely specify
164 allowed remote address, specify a custom scope using RemoteAddress
165 child elements.
166 </xs:documentation>
167 </xs:annotation>
168 </xs:attribute>
169
170 <xs:attribute name="Port" type="xs:string">
171 <xs:annotation>
172 <xs:documentation>
173 Port to allow through the firewall for this exception. By default,
174 any program is allowed access through the port unless a File or
175 Program attribute is specified.
176 </xs:documentation>
177 </xs:annotation>
178 </xs:attribute>
179
180 <xs:attribute name="Protocol" type="FirewallProtocolTypeUnion">
181 <xs:annotation>
182 <xs:documentation>
183 IP protocol used for this firewall exception. If Port is defined,
184 "tcp" is assumed if the protocol is not specified.
185 </xs:documentation>
186 </xs:annotation>
187 </xs:attribute>
188
189 <xs:attribute name="File" type="xs:string">
190 <xs:annotation>
191 <xs:documentation>
192 Identifier of a File to be granted access through the firewall. By default,
193 all incoming ports and protocols are allowed unless the Port and.or Protocol
194 attributes are specified.
195
196 If you use File, you cannot also use Program.
197 </xs:documentation>
198 </xs:annotation>
199 </xs:attribute>
200
201 <xs:attribute name="Program" type="xs:string">
202 <xs:annotation>
203 <xs:documentation>
204 Path to a target program to be granted access through the firewall. By default,
205 all incoming ports and protocols are allowed unless the Port and.or Protocol
206 attributes are specified.
207
208 Note that this is a formatted field, so you can use [#fileId]
209 syntax to refer to a file being installed. If you use Program, you cannot
210 also use File.
211 </xs:documentation>
212 </xs:annotation>
213 </xs:attribute>
214
215 <xs:attribute name="IgnoreFailure" type="wxs:YesNoTypeUnion">
216 <xs:annotation>
217 <xs:documentation>
218 If "yes", failures to register this firewall exception will be silently
219 ignored. If "no" (the default), failures will cause rollback.
220 </xs:documentation>
221 </xs:annotation>
222 </xs:attribute>
223
224 <xs:attribute name="Profile" type="FirewallProfileTypeUnion">
225 <xs:annotation>
226 <xs:documentation>
227 Profile type for this firewall exception. Default is "all".
228 </xs:documentation>
229 </xs:annotation>
230 </xs:attribute>
231
232 <xs:attribute name="Description" type="xs:string">
233 <xs:annotation>
234 <xs:documentation>
235 Description for this firewall rule displayed in Windows Firewall manager.
236 </xs:documentation>
237 </xs:annotation>
238 </xs:attribute>
239
240 <xs:attribute name="EdgeTraversal" type="FirewallEdgeTraversalTypeUnion">
241 <xs:annotation>
242 <xs:documentation>
243 Sets the edge traversal of the firewall exception.
244 </xs:documentation>
245 </xs:annotation>
246 </xs:attribute>
247
248 <xs:attribute name="OnUpdate" type="FirewallOnUpdateTypeUnion">
249 <xs:annotation>
250 <xs:documentation>
251 Installation instruction when updating the firewall exception.
252 </xs:documentation>
253 </xs:annotation>
254 </xs:attribute>
255
256 <xs:attribute name="Outbound" type="wxs:YesNoTypeUnion">
257 <xs:annotation>
258 <xs:documentation>
259 If "yes", registers an outbound firewall rule. The default is "no".
260 </xs:documentation>
261 </xs:annotation>
262 </xs:attribute>
263
264 <xs:attribute name="RemoteMachineAuthorizedList" type="xs:string">
265 <xs:annotation>
266 <xs:documentation>
267 Remote machine authorized list for the firewall exception.
268 </xs:documentation>
269 </xs:annotation>
270 </xs:attribute>
271
272 <xs:attribute name="RemoteUserAuthorizedList" type="xs:string">
273 <xs:annotation>
274 <xs:documentation>
275 Remote user authorized list for the firewall exception.
276 </xs:documentation>
277 </xs:annotation>
278 </xs:attribute>
279
280 <xs:attribute name="RemotePort" type="xs:string">
281 <xs:annotation>
282 <xs:documentation>
283 Remote port for the firewall exception.
284 </xs:documentation>
285 </xs:annotation>
286 </xs:attribute>
287
288 <xs:attribute name="Service" type="xs:string">
289 <xs:annotation>
290 <xs:documentation>
291 Service for the firewall exception. Cannot be specified when the firewall exception is a child of a service element.
292 </xs:documentation>
293 </xs:annotation>
294 </xs:attribute>
295
296 <xs:anyAttribute namespace="##other" processContents="lax">
297 <xs:annotation>
298 <xs:documentation>
299 Extensibility point in the WiX XML Schema. Schema extensions can register additional
300 attributes at this point in the schema.
301 </xs:documentation>
302 </xs:annotation>
303 </xs:anyAttribute>
304 </xs:complexType>
305 </xs:element>
306
307 <xs:element name="LocalAddress">
308 <xs:annotation>
309 <xs:documentation>
310 [WiX v5] Registers a local address to the firewall rule.
311 </xs:documentation>
312 </xs:annotation>
313
314 <xs:complexType>
315 <xs:choice minOccurs="0" maxOccurs="unbounded">
316 <xs:any namespace="##other" processContents="lax">
317 <xs:annotation>
318 <xs:documentation>
319 Extensibility point in the WiX XML Schema. Schema extensions can register additional
320 elements at this point in the schema.
321 </xs:documentation>
322 </xs:annotation>
323 </xs:any>
324 </xs:choice>
325 <xs:attribute name="Value" type="xs:string" use="required">
326 <xs:annotation>
327 <xs:documentation>
328 A local address to which the port or program can listen. See [LocalAddresses](https://learn.microsoft.com/en-us/windows/win32/api/netfw/nf-netfw-inetfwrule-get_localaddresses)
329 for examples.
330 </xs:documentation>
331 </xs:annotation>
332 </xs:attribute>
333 <xs:anyAttribute namespace="##other" processContents="lax">
334 <xs:annotation>
335 <xs:documentation>
336 Extensibility point in the WiX XML Schema. Schema extensions can register additional
337 attributes at this point in the schema.
338 </xs:documentation>
339 </xs:annotation>
340 </xs:anyAttribute>
341 </xs:complexType>
342 </xs:element>
343
344 <xs:element name="Interface">
345 <xs:annotation>
346 <xs:documentation>
347 [WiX v5] Registers an interface with the firewall rule.
348 </xs:documentation>
349 </xs:annotation>
350
351 <xs:complexType>
352 <xs:choice minOccurs="0" maxOccurs="unbounded">
353 <xs:any namespace="##other" processContents="lax">
354 <xs:annotation>
355 <xs:documentation>
356 Extensibility point in the WiX XML Schema. Schema extensions can register additional
357 elements at this point in the schema.
358 </xs:documentation>
359 </xs:annotation>
360 </xs:any>
361 </xs:choice>
362 <xs:attribute name="Name" type="xs:string" use="required">
363 <xs:annotation>
364 <xs:documentation>
365 A interface to which the firewall rule applices. See [Interfaces](https://learn.microsoft.com/en-us/windows/win32/api/netfw/nf-netfw-inetfwrule-get_interfaces)
366 for examples.
367 </xs:documentation>
368 </xs:annotation>
369 </xs:attribute>
370 <xs:anyAttribute namespace="##other" processContents="lax">
371 <xs:annotation>
372 <xs:documentation>
373 Extensibility point in the WiX XML Schema. Schema extensions can register additional
374 attributes at this point in the schema.
375 </xs:documentation>
376 </xs:annotation>
377 </xs:anyAttribute>
378 </xs:complexType>
379 </xs:element>
380
381 <xs:element name="InterfaceType">
382 <xs:annotation>
383 <xs:documentation>
384 [WiX v5] Registers an inteface type to the firewall rule.
385 </xs:documentation>
386 </xs:annotation>
387 <xs:complexType>
388 <xs:choice minOccurs="0" maxOccurs="unbounded">
389 <xs:any namespace="##other" processContents="lax">
390 <xs:annotation>
391 <xs:documentation>
392 Extensibility point in the WiX XML Schema. Schema extensions can register additional
393 elements at this point in the schema.
394 </xs:documentation>
395 </xs:annotation>
396 </xs:any>
397 </xs:choice>
398 <xs:attribute name="Value" type="FirewallInterfaceTypeUnion">
399 <xs:annotation>
400 <xs:documentation>
401 A interface type to which the firewall rule applices. See [Interfaces](https://learn.microsoft.com/en-us/windows/win32/api/netfw/nf-netfw-inetfwrule-get_interfaces)
402 for examples.
403 </xs:documentation>
404 </xs:annotation>
405 </xs:attribute>
406 <xs:anyAttribute namespace="##other" processContents="lax">
407 <xs:annotation>
408 <xs:documentation>
409 Extensibility point in the WiX XML Schema. Schema extensions can register additional
410 attributes at this point in the schema.
411 </xs:documentation>
412 </xs:annotation>
413 </xs:anyAttribute>
414 </xs:complexType>
415 </xs:element>
416
417 <xs:element name="RemoteAddress">
418 <xs:complexType>
419 <xs:choice minOccurs="0" maxOccurs="unbounded">
420 <xs:any namespace="##other" processContents="lax">
421 <xs:annotation>
422 <xs:documentation>
423 Extensibility point in the WiX XML Schema. Schema extensions can register additional
424 elements at this point in the schema.
425 </xs:documentation>
426 </xs:annotation>
427 </xs:any>
428 </xs:choice>
429 <xs:attribute name="Value" type="xs:string" use="required">
430 <xs:annotation>
431 <xs:documentation>
432 A remote address to which the port or program can listen. See [RemoteAddresses](https://learn.microsoft.com/en-us/windows/win32/api/netfw/nf-netfw-inetfwrule-get_remoteaddresses)
433 for examples.
434 </xs:documentation>
435 </xs:annotation>
436 </xs:attribute>
437 <xs:anyAttribute namespace="##other" processContents="lax">
438 <xs:annotation>
439 <xs:documentation>
440 Extensibility point in the WiX XML Schema. Schema extensions can register additional
441 attributes at this point in the schema.
442 </xs:documentation>
443 </xs:annotation>
444 </xs:anyAttribute>
445 </xs:complexType>
446 </xs:element>
447
448 <xs:simpleType name="PropertyReference">
449 <xs:annotation>
450 <xs:documentation>A type that represents a Property reference.</xs:documentation>
451 </xs:annotation>
452 <xs:restriction base="xs:string">
453 <xs:pattern value="\[.+\]" />
454 </xs:restriction>
455 </xs:simpleType>
456
457 <xs:simpleType name="FirewallActionTypeUnion">
458 <xs:union memberTypes="FirewallActionType PropertyReference wxs:PreprocessorVariables"/>
459 </xs:simpleType>
460 <xs:simpleType name="FirewallActionType">
461 <xs:restriction base="xs:NMTOKEN">
462 <xs:enumeration value="allow" />
463 <xs:enumeration value="block" />
464 </xs:restriction>
465 </xs:simpleType>
466
467 <xs:simpleType name="FirewallEdgeTraversalTypeUnion">
468 <xs:union memberTypes="FirewallEdgeTraversalType PropertyReference wxs:PreprocessorVariables"/>
469 </xs:simpleType>
470 <xs:simpleType name="FirewallEdgeTraversalType">
471 <xs:restriction base="xs:NMTOKEN">
472 <xs:enumeration value="allow" />
473 <xs:enumeration value="deferToApp" />
474 <xs:enumeration value="deferToUser" />
475 <xs:enumeration value="deny" />
476 </xs:restriction>
477 </xs:simpleType>
478
479 <xs:simpleType name="FirewallInterfaceTypeUnion">
480 <xs:union memberTypes="FirewallInterfaceType PropertyReference wxs:PreprocessorVariables"/>
481 </xs:simpleType>
482 <xs:simpleType name="FirewallInterfaceType">
483 <xs:restriction base="xs:NMTOKEN">
484 <xs:enumeration value="all" />
485 <xs:enumeration value="lan" />
486 <xs:enumeration value="remoteAccess" />
487 <xs:enumeration value="wireless" />
488 </xs:restriction>
489 </xs:simpleType>
490
491 <xs:simpleType name="FirewallIPSecSecureFlagsUnion">
492 <xs:union memberTypes="FirewallIPSecSecureFlags PropertyReference wxs:PreprocessorVariables"/>
493 </xs:simpleType>
494 <xs:simpleType name="FirewallIPSecSecureFlags">
495 <xs:restriction base="xs:NMTOKEN">
496 <xs:enumeration value="none" />
497 <xs:enumeration value="encrypt" />
498 <xs:enumeration value="negotiateEncryption" />
499 <xs:enumeration value="noEncapsulation" />
500 <xs:enumeration value="withIntegrity" />
501 </xs:restriction>
502 </xs:simpleType>
503
504 <xs:simpleType name="FirewallLocalScopeTypeUnion">
505 <xs:union memberTypes="FirewallLocalScopeType PropertyReference wxs:PreprocessorVariables"/>
506 </xs:simpleType>
507 <xs:simpleType name="FirewallLocalScopeType">
508 <xs:restriction base="xs:NMTOKEN">
509 <xs:enumeration value="any" />
510 <xs:enumeration value="dns" />
511 <xs:enumeration value="dhcp" />
512 <xs:enumeration value="wins" />
513 <xs:enumeration value="localSubnet" />
514 <xs:enumeration value="defaultGateway" />
515 </xs:restriction>
516 </xs:simpleType>
517
518 <xs:simpleType name="FirewallOnUpdateTypeUnion">
519 <xs:union memberTypes="FirewallOnUpdateType PropertyReference wxs:PreprocessorVariables"/>
520 </xs:simpleType>
521 <xs:simpleType name="FirewallOnUpdateType">
522 <xs:restriction base="xs:NMTOKEN">
523 <xs:enumeration value="doNothing" />
524 <xs:enumeration value="enableOnly" />
525 </xs:restriction>
526 </xs:simpleType>
527
528 <xs:simpleType name="FirewallProfileTypeUnion">
529 <xs:union memberTypes="FirewallProfileType PropertyReference wxs:PreprocessorVariables"/>
530 </xs:simpleType>
531 <xs:simpleType name="FirewallProfileType">
532 <xs:restriction base="xs:NMTOKEN">
533 <xs:enumeration value="domain" />
534 <xs:enumeration value="private" />
535 <xs:enumeration value="public" />
536 <xs:enumeration value="all" />
537 </xs:restriction>
538 </xs:simpleType>
539
540 <xs:simpleType name="FirewallProtocolTypeUnion">
541 <xs:union memberTypes="PropertyReference FirewallProtocolType FirewallProtocolNumber wxs:PreprocessorVariables"/>
542 </xs:simpleType>
543 <xs:simpleType name="FirewallProtocolType">
544 <xs:restriction base="xs:NMTOKEN">
545 <xs:enumeration value="tcp" />
546 <xs:enumeration value="udp" />
547 </xs:restriction>
548 </xs:simpleType>
549 <xs:simpleType name="FirewallProtocolNumber">
550 <xs:restriction base="xs:integer">
551 <xs:minInclusive value="0"/>
552 <xs:maxInclusive value="255"/>
553 </xs:restriction>
554 </xs:simpleType>
555
556 <xs:simpleType name="FirewallScopeTypeUnion">
557 <xs:union memberTypes="FirewallScopeType PropertyReference wxs:PreprocessorVariables"/>
558 </xs:simpleType>
559 <xs:simpleType name="FirewallScopeType">
560 <xs:restriction base="xs:NMTOKEN">
561 <xs:enumeration value="any" />
562 <xs:enumeration value="localSubnet" />
563 <xs:enumeration value="dns" />
564 <xs:enumeration value="dhcp" />
565 <xs:enumeration value="wins" />
566 <xs:enumeration value="defaultGateway" />
567 </xs:restriction>
568 </xs:simpleType>
569
570 <xs:simpleType name="FirewallYesNoPropertyType">
571 <xs:annotation>
572 <xs:documentation>
573 Allows "yes" or "true" or "no" or "false" or a Property reference.
574 </xs:documentation>
575 </xs:annotation>
576 <xs:union memberTypes="PropertyReference wxs:YesNoTypeUnion"/>
577 </xs:simpleType>
578</xs:schema>
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 01:12:00 +0000