• Welcome to SQLitening Support Forum.
 

News:

Welcome to the SQLitening support forums!

Main Menu

How do you make holes in the windows firewall?

Started by Fim, December 21, 2016, 07:59:49 AM

Previous topic - Next topic

Fim

Running SQLitening server on PC on the network works fine.
J can connect to the server ONLY if I stop Windows firewall on the server-pc.
That is not good to run a PC without a firewall.
Someone who knows how to make "holes" in the Windows Firewall so that a client can communicate with SQLitening Server?

/Fim W.

Fim W

cj

#1
In advanced settings have you created an inbound rule for the port?
I don't think that letting an app or feature through is necessary if an inbound rule is created.

http://sqlitening.com/support/index.php?topic=3402.msg17476#msg17476
I will test with Windows 10 if netsh is working.

cj

These work with my Windows 10 machine to allow port 51234.
Created 2 batch files, but could easily be added to a program (things to do.)

rem syntax: PortOn.bat 51234
netsh advfirewall firewall delete rule name = %1 protocol=TCP localport=%1
netsh advfirewall firewall add rule name = %1 dir=in action = allow protocol=TCP localport=%1

rem syntax: PortOff.bat 51234
netsh advfirewall firewall delete rule name = %1 protocol=TCP localport=%1







Fim

Thank you.
It thus makes a "hole" for that port 51234 via TCP and it seems pretty logical.
Test it tomorrow or next week.
/Fim  W
Fim W

cj

#4
Requires program run as administrator or has a manifest.


#RESOURCE manifest, 1,"manifest.xml"  'admin level

FUNCTION PBMAIN () AS LONG
  PortOff  51234   'delete previous entry in case it exists
  PortOn   51234   'add new entry
END FUNCTION

SUB PortOn(PortNum AS LONG)
  LOCAL s AS STRING
  s = "netsh advfirewall firewall add rule name = %1 dir=in action = allow protocol=TCP localport=%1
  REPLACE "%1" WITH FORMAT$(PortNum) IN s
  SHELL ENVIRON$("COMSPEC") + " /C "  + s,0
END SUB

SUB PortOff(PortNum AS LONG)
  LOCAL s AS STRING
  s = ENVIRON$("COMSPEC") + " /C " + "netsh advfirewall firewall DELETE rule NAME = %1 protocol=TCP localport=%1"
  REPLACE "%1" WITH FORMAT$(PortNum) IN s
  SHELL ENVIRON$("COMSPEC") + " /C "  + s,0
END SUB

'manifest.xml
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
    <asmv3:trustInfo xmlns:asmv3="urn:schemas-microsoft-com:asm.v3">
        <asmv3:security>
            <asmv3:requestedPrivileges>
                <asmv3:requestedExecutionLevel
                    level="requireAdministrator"
                    uiAccess="false"/>
            </asmv3:requestedPrivileges>
        </asmv3:security>
    </asmv3:trustInfo>
</assembly>