Windows Firewall Modifications

MSI Package Builder allows modifying Windows Firewall settings. It is possible to create, modify and delete inbound and outbound firewall rules and to change firewall profile settings during installation and uninstallation of the created package.

Windows Firewall settings described in the project are displayed in the Windows Firewall view when the Windows Firewall node is selected in the Projects view. Changes performed during the monitoring process are automatically added to the view, so you can edit them or add the required changes manually. Changes to the inbound and outbound rules are represented on the Inbound & Outbound Rules tab. Let us take a closer look at the possible types of actions.

Inbound Rule

Inbound Rule

The Inbound Rule button from the New group on the regular Project and contextual Windows Firewall Ribbon pages should be used to add a firewall inbound-rule deployment action to the currently configured project.

Outbound Rule

Outbound Rule

The Outbound Rule button from the New group on the regular Project and contextual Windows Firewall Ribbon pages should be used to add a firewall outbound-rule deployment action to the currently configured project.

When creating an inbound or outbound rule, you need to configure the rule properties in the New Firewall Rule dialog Pic 1. First, you need to configure the operation type on the General tab of the dialog. The Create option allows creating a new firewall rule when a package is deployed. If you need to modify a rule, you should select the Modify option. To delete a rule, you can select the Delete or Delete by Name options.

Configuring firewall rule options

Pic 1. Configuring firewall rule options

Using the options configured in the Firewall Rule Properties dialog, you can configure a rule to allow or block a connection. You can switch to different tabs of the dialog to configure the programs and services for the rule to be applied to and to specify ports, scopes and protocols. These settings are similar to the settings of the Windows Firewall configuration.

If the Delete option is specified in the firewall rule, you need to configure all the rule options. In this case, a rule is deleted during the package deployment only if all the options match the options of the rule on the machine. The rule deletion doesn't work if any option doesn't match. To delete a rule regardless of its options, you can use the Delete by Name option. In this case, you should specify the rule name, so all rules with this name will be deleted.

To configure profiles in Windows Firewall, you can switch to the Profiles Options tab. It is possible to configure options for the Domain, Private and Public profiles. There is a set of options for every profile, and you can configure the changes for those options to be applied upon the package installation and uninstallation Pic 1.

Configuring firewall profile options

Pic 2. Configuring firewall profile options

Using the configuration options, you can turn on or off Windows Defender Firewall for a selected profile, set the default behavior for inbound and outbound connections or configure displayed notifications. You can configure different install and uninstall actions, if you need.