From 80e604761b4f43b9b79a4878fcae360b071a7c35 Mon Sep 17 00:00:00 2001
From: chris_bednarski <Chris.Bednarski@minfos.com.au>
Date: Sat, 26 Aug 2023 18:51:38 +1000
Subject: change firewall extension table name to Wix5FirewallException

---
 .../ProtocolRules/ProtocolRules.wixproj            |  13 ++
 .../ProtocolRules/product.wxs                      |  23 +++
 .../ScopeRules/ScopeRules.wixproj                  |  13 ++
 .../FirewallExtensionTests/ScopeRules/product.wxs  |  33 ++++
 .../FirewallExtensionTests.cs                      | 217 +++++++++++++++++++++
 5 files changed, 299 insertions(+)
 create mode 100644 src/test/msi/TestData/FirewallExtensionTests/ProtocolRules/ProtocolRules.wixproj
 create mode 100644 src/test/msi/TestData/FirewallExtensionTests/ProtocolRules/product.wxs
 create mode 100644 src/test/msi/TestData/FirewallExtensionTests/ScopeRules/ScopeRules.wixproj
 create mode 100644 src/test/msi/TestData/FirewallExtensionTests/ScopeRules/product.wxs

(limited to 'src/test')

diff --git a/src/test/msi/TestData/FirewallExtensionTests/ProtocolRules/ProtocolRules.wixproj b/src/test/msi/TestData/FirewallExtensionTests/ProtocolRules/ProtocolRules.wixproj
new file mode 100644
index 00000000..b1770b0f
--- /dev/null
+++ b/src/test/msi/TestData/FirewallExtensionTests/ProtocolRules/ProtocolRules.wixproj
@@ -0,0 +1,13 @@
+<!-- Copyright (c) .NET Foundation and contributors. All rights reserved. Licensed under the Microsoft Reciprocal License. See LICENSE.TXT file in the project root for full license information. -->
+<Project Sdk="WixToolset.Sdk">
+  <PropertyGroup>
+    <UpgradeCode>{4D188568-1CCF-4EEE-BC27-17C3DCC83E58}</UpgradeCode>
+    <ProductComponentsRef>true</ProductComponentsRef>
+  </PropertyGroup>
+  <ItemGroup>
+    <Compile Include="..\..\Templates\Product.wxs" Link="Product.wxs" />
+  </ItemGroup>
+  <ItemGroup>
+    <PackageReference Include="WixToolset.Firewall.wixext" />
+  </ItemGroup>
+</Project>
\ No newline at end of file
diff --git a/src/test/msi/TestData/FirewallExtensionTests/ProtocolRules/product.wxs b/src/test/msi/TestData/FirewallExtensionTests/ProtocolRules/product.wxs
new file mode 100644
index 00000000..6a28ad0a
--- /dev/null
+++ b/src/test/msi/TestData/FirewallExtensionTests/ProtocolRules/product.wxs
@@ -0,0 +1,23 @@
+<!-- Copyright (c) .NET Foundation and contributors. All rights reserved. Licensed under the Microsoft Reciprocal License. See LICENSE.TXT file in the project root for full license information. -->
+
+<Wix xmlns="http://wixtoolset.org/schemas/v4/wxs" xmlns:fw="http://wixtoolset.org/schemas/v4/wxs/firewall">
+    <Fragment>
+        <ComponentGroup Id="ProductComponents">
+            <ComponentRef Id="FirewallComponent1"/>
+        </ComponentGroup>
+    </Fragment>
+
+    <Fragment>
+        <Component Id="FirewallComponent1" Guid="E465C8FE-5B81-4553-9CFC-E0CD96B9A36C" Directory="INSTALLFOLDER">
+            <fw:FirewallException Id="FirewallException09"
+                Description="WiX Toolset firewall exception rule integration test - protocol TCP"
+                Name="WiXToolset401 Test - 0009" Protocol="tcp" Port="900" Scope="any" />
+            <fw:FirewallException Id="FirewallException10"
+                Description="WiX Toolset firewall exception rule integration test - protocol UDP"
+                Name="WiXToolset401 Test - 0010" Protocol="udp" Port="1000" Scope="any" />
+            <fw:FirewallException Id="FirewallException11"
+                Description="WiX Toolset firewall exception rule integration test - ports can only be specified if protocol is TCP or UDP"
+                Name="WiXToolset401 Test - 0011" Protocol="134" Program="test.exe" Scope="any" />
+        </Component>
+    </Fragment>
+</Wix>
diff --git a/src/test/msi/TestData/FirewallExtensionTests/ScopeRules/ScopeRules.wixproj b/src/test/msi/TestData/FirewallExtensionTests/ScopeRules/ScopeRules.wixproj
new file mode 100644
index 00000000..b1770b0f
--- /dev/null
+++ b/src/test/msi/TestData/FirewallExtensionTests/ScopeRules/ScopeRules.wixproj
@@ -0,0 +1,13 @@
+<!-- Copyright (c) .NET Foundation and contributors. All rights reserved. Licensed under the Microsoft Reciprocal License. See LICENSE.TXT file in the project root for full license information. -->
+<Project Sdk="WixToolset.Sdk">
+  <PropertyGroup>
+    <UpgradeCode>{4D188568-1CCF-4EEE-BC27-17C3DCC83E58}</UpgradeCode>
+    <ProductComponentsRef>true</ProductComponentsRef>
+  </PropertyGroup>
+  <ItemGroup>
+    <Compile Include="..\..\Templates\Product.wxs" Link="Product.wxs" />
+  </ItemGroup>
+  <ItemGroup>
+    <PackageReference Include="WixToolset.Firewall.wixext" />
+  </ItemGroup>
+</Project>
\ No newline at end of file
diff --git a/src/test/msi/TestData/FirewallExtensionTests/ScopeRules/product.wxs b/src/test/msi/TestData/FirewallExtensionTests/ScopeRules/product.wxs
new file mode 100644
index 00000000..776c8675
--- /dev/null
+++ b/src/test/msi/TestData/FirewallExtensionTests/ScopeRules/product.wxs
@@ -0,0 +1,33 @@
+<!-- Copyright (c) .NET Foundation and contributors. All rights reserved. Licensed under the Microsoft Reciprocal License. See LICENSE.TXT file in the project root for full license information. -->
+
+
+<Wix xmlns="http://wixtoolset.org/schemas/v4/wxs" xmlns:fw="http://wixtoolset.org/schemas/v4/wxs/firewall">
+    <Fragment>
+        <ComponentGroup Id="ProductComponents">
+            <ComponentRef Id="FirewallComponent1"/>
+        </ComponentGroup>
+    </Fragment>
+
+    <Fragment>
+        <Component Id="FirewallComponent1" Guid="515AEDF0-A656-4006-8CE5-848ECCC680BD" Directory="INSTALLFOLDER">
+            <fw:FirewallException Id="FirewallException12"
+                Description="WiX Toolset firewall exception rule integration test - scope any"
+                Name="WiXToolset401 Test - 0012" Scope="any" Port="1200" />
+            <fw:FirewallException Id="FirewallException13"
+                Description="WiX Toolset firewall exception rule integration test - scope local subnet"
+                Name="WiXToolset401 Test - 0013" Scope="localSubnet" Port="1300" />
+            <fw:FirewallException Id="FirewallException14"
+                Description="WiX Toolset firewall exception rule integration test - scope DNS"
+                Name="WiXToolset401 Test - 0014" Scope="DNS" Port="1400" />
+            <fw:FirewallException Id="FirewallException15"
+                Description="WiX Toolset firewall exception rule integration test - scope DHCP"
+                Name="WiXToolset401 Test - 0015" Scope="DHCP" Port="1500" />
+            <fw:FirewallException Id="FirewallException16"
+                Description="WiX Toolset firewall exception rule integration test - scope WINS"
+                Name="WiXToolset401 Test - 0016" Scope="WINS" Port="1600"  />
+            <fw:FirewallException Id="FirewallException17"
+                Description="WiX Toolset firewall exception rule integration test - scope default gateway"
+                Name="WiXToolset401 Test - 0017" Scope="defaultGateway" Port="1700"  />
+        </Component>
+    </Fragment>
+</Wix>
diff --git a/src/test/msi/WixToolsetTest.MsiE2E/FirewallExtensionTests.cs b/src/test/msi/WixToolsetTest.MsiE2E/FirewallExtensionTests.cs
index 4106cd72..ce55aa14 100644
--- a/src/test/msi/WixToolsetTest.MsiE2E/FirewallExtensionTests.cs
+++ b/src/test/msi/WixToolsetTest.MsiE2E/FirewallExtensionTests.cs
@@ -315,5 +315,222 @@ namespace WixToolsetTest.MsiE2E
             var log2 = product.UninstallProduct(MSIExec.MSIExecReturnCode.SUCCESS, "NORULENAME=1");
             Assert.True(LogVerifier.MessageInLogFile(log2, "failed to remove firewall rule"));
         }
+
+        [RuntimeFact]
+        public void VarietyOfProtocolValuesCanBeUsed()
+        {
+            var product = this.CreatePackageInstaller("ProtocolRules");
+            product.InstallProduct(MSIExec.MSIExecReturnCode.SUCCESS);
+
+            var expected1 = new RuleDetails("WiXToolset401 Test - 0009")
+            {
+                Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW,
+                Description = "WiX Toolset firewall exception rule integration test - protocol TCP",
+                Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN,
+                EdgeTraversal = false,
+                EdgeTraversalOptions = 0,
+                Enabled = true,
+                InterfaceTypes = "All",
+                LocalAddresses = "*",
+                Profiles = Int32.MaxValue,
+                Protocol = 6,
+                RemoteAddresses = "*",
+                SecureFlags = 0,
+                LocalPorts = "900",
+                RemotePorts = "*",
+            };
+
+            Verifier.VerifyFirewallRule("WiXToolset401 Test - 0009", expected1);
+
+
+            var expected2 = new RuleDetails("WiXToolset401 Test - 0010")
+            {
+                Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW,
+                Description = "WiX Toolset firewall exception rule integration test - protocol UDP",
+                Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN,
+                EdgeTraversal = false,
+                EdgeTraversalOptions = 0,
+                Enabled = true,
+                InterfaceTypes = "All",
+                LocalAddresses = "*",
+                Profiles = Int32.MaxValue,
+                Protocol = 17,
+                RemoteAddresses = "*",
+                SecureFlags = 0,
+                LocalPorts = "1000",
+                RemotePorts = "*",
+            };
+
+            Verifier.VerifyFirewallRule("WiXToolset401 Test - 0010", expected2);
+
+
+            var expected3 = new RuleDetails("WiXToolset401 Test - 0011")
+            {
+                Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW,
+                ApplicationName = "test.exe",
+                Description = "WiX Toolset firewall exception rule integration test - ports can only be specified if protocol is TCP or UDP",
+                Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN,
+                EdgeTraversal = true,
+                EdgeTraversalOptions = 1,
+                Enabled = true,
+                InterfaceTypes = "All",
+                LocalAddresses = "*",
+                Profiles = Int32.MaxValue,
+                Protocol = 134,
+                RemoteAddresses = "*",
+                SecureFlags = 0,
+            };
+
+            Verifier.VerifyFirewallRule("WiXToolset401 Test - 0011", expected3);
+
+            product.UninstallProduct(MSIExec.MSIExecReturnCode.SUCCESS);
+
+            // verify the firewall exceptions have been removed.
+            Assert.False(Verifier.FirewallRuleExists("WiXToolset401 Test - 0009"));
+            Assert.False(Verifier.FirewallRuleExists("WiXToolset401 Test - 0010"));
+            Assert.False(Verifier.FirewallRuleExists("WiXToolset401 Test - 0011"));
+        }
+
+        [RuntimeFact]
+        public void FullSetOfScopeValuesCanBeUsed()
+        {
+            var product = this.CreatePackageInstaller("ScopeRules");
+            product.InstallProduct(MSIExec.MSIExecReturnCode.SUCCESS);
+
+            var expected1 = new RuleDetails("WiXToolset401 Test - 0012")
+            {
+                Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW,
+                Description = "WiX Toolset firewall exception rule integration test - scope any",
+                Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN,
+                EdgeTraversal = false,
+                EdgeTraversalOptions = 0,
+                Enabled = true,
+                InterfaceTypes = "All",
+                LocalAddresses = "*",
+                Profiles = Int32.MaxValue,
+                Protocol = 6,
+                RemoteAddresses = "*",
+                SecureFlags = 0,
+                LocalPorts = "1200",
+                RemotePorts = "*",
+            };
+
+            Verifier.VerifyFirewallRule("WiXToolset401 Test - 0012", expected1);
+
+
+            var expected2 = new RuleDetails("WiXToolset401 Test - 0013")
+            {
+                Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW,
+                Description = "WiX Toolset firewall exception rule integration test - scope local subnet",
+                Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN,
+                EdgeTraversal = false,
+                EdgeTraversalOptions = 0,
+                Enabled = true,
+                InterfaceTypes = "All",
+                LocalAddresses = "*",
+                Profiles = Int32.MaxValue,
+                Protocol = 6,
+                RemoteAddresses = "LocalSubnet",
+                SecureFlags = 0,
+                LocalPorts = "1300",
+                RemotePorts = "*",
+            };
+
+            Verifier.VerifyFirewallRule("WiXToolset401 Test - 0013", expected2);
+
+
+            var expected3 = new RuleDetails("WiXToolset401 Test - 0014")
+            {
+                Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW,
+                Description = "WiX Toolset firewall exception rule integration test - scope DNS",
+                Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN,
+                EdgeTraversal = false,
+                EdgeTraversalOptions = 0,
+                Enabled = true,
+                InterfaceTypes = "All",
+                LocalAddresses = "*",
+                Profiles = Int32.MaxValue,
+                Protocol = 6,
+                RemoteAddresses = "DNS",
+                SecureFlags = 0,
+                LocalPorts = "1400",
+                RemotePorts = "*",
+            };
+
+            Verifier.VerifyFirewallRule("WiXToolset401 Test - 0014", expected3);
+
+
+            var expected4 = new RuleDetails("WiXToolset401 Test - 0015")
+            {
+                Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW,
+                Description = "WiX Toolset firewall exception rule integration test - scope DHCP",
+                Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN,
+                EdgeTraversal = false,
+                EdgeTraversalOptions = 0,
+                Enabled = true,
+                InterfaceTypes = "All",
+                LocalAddresses = "*",
+                Profiles = Int32.MaxValue,
+                Protocol = 6,
+                RemoteAddresses = "DHCP",
+                SecureFlags = 0,
+                LocalPorts = "1500",
+                RemotePorts = "*",
+            };
+
+            Verifier.VerifyFirewallRule("WiXToolset401 Test - 0015", expected4);
+
+
+            var expected5 = new RuleDetails("WiXToolset401 Test - 0016")
+            {
+                Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW,
+                Description = "WiX Toolset firewall exception rule integration test - scope WINS",
+                Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN,
+                EdgeTraversal = false,
+                EdgeTraversalOptions = 0,
+                Enabled = true,
+                InterfaceTypes = "All",
+                LocalAddresses = "*",
+                Profiles = Int32.MaxValue,
+                Protocol = 6,
+                RemoteAddresses = "WINS",
+                SecureFlags = 0,
+                LocalPorts = "1600",
+                RemotePorts = "*",
+            };
+
+            Verifier.VerifyFirewallRule("WiXToolset401 Test - 0016", expected5);
+
+
+            var expected6 = new RuleDetails("WiXToolset401 Test - 0017")
+            {
+                Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW,
+                Description = "WiX Toolset firewall exception rule integration test - scope default gateway",
+                Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN,
+                EdgeTraversal = false,
+                EdgeTraversalOptions = 0,
+                Enabled = true,
+                InterfaceTypes = "All",
+                LocalAddresses = "*",
+                Profiles = Int32.MaxValue,
+                Protocol = 6,
+                RemoteAddresses = "DefaultGateway",
+                SecureFlags = 0,
+                LocalPorts = "1700",
+                RemotePorts = "*",
+            };
+
+            Verifier.VerifyFirewallRule("WiXToolset401 Test - 0017", expected6);
+
+            product.UninstallProduct(MSIExec.MSIExecReturnCode.SUCCESS);
+
+            // verify the firewall exceptions have been removed.
+            Assert.False(Verifier.FirewallRuleExists("WiXToolset401 Test - 0012"));
+            Assert.False(Verifier.FirewallRuleExists("WiXToolset401 Test - 0013"));
+            Assert.False(Verifier.FirewallRuleExists("WiXToolset401 Test - 0014"));
+            Assert.False(Verifier.FirewallRuleExists("WiXToolset401 Test - 0015"));
+            Assert.False(Verifier.FirewallRuleExists("WiXToolset401 Test - 0016"));
+            Assert.False(Verifier.FirewallRuleExists("WiXToolset401 Test - 0017"));
+        }
     }
 }
-- 
cgit v1.2.3-55-g6feb