(Unattended Installation)
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
[WindowsFirewall.service_name]
The [WindowsFirewall.service_name] section contains entries for configuring Windows Firewall.
When in normal operation, Windows Firewall opens static ports used by services in its current profile's exception list. Only services that actually require unsolicited, incoming traffic should be added to the Windows Firewall Exceptions list. There is no benefit to adding services that use only outgoing connections to the Windows Firewall Exceptions list. You must add the [WindowsFirewall.service_name] section in the [WindowsFirewall.profile_name] section.
The [WindowsFirewall.service_name] section contains entries for adding services to the Windows Firewall Exceptions list.
Answer File Entries for the [WindowsFirewall. program_name ] Section
| Entry | Description |
|---|---|
Type |
Specifies the type of service to use for changing the default configuration of the Windows Firewall. |
Mode |
Specifies whether to enable or disable an entry in the Windows Firewall Exceptions lists. |
Scope |
Defines the set of limits on which computers (IP addresses) are allowed to send traffic through the specified exception. The value of the Mode entry must equal 1 (On). |
Addresses |
Specifies the addresses for an entry in the Windows Firewall Exceptions lists. |
Example
[WindowsFirewall.RemoteDesktop]
Type = 2
Mode = 1
Scope = 2
Addresses = 192.168.0.5,LocalSubnet
Type
Specifies the type of service to use for changing the default configuration of the Windows Firewall.
Syntax
Type = 0 | 1 | 2 | 4 | 5
| Value | Description |
|---|---|
0 |
Specifies file and print sharing. |
1 |
Specifies UPnP framework. |
2 |
Specifies remote desktop service. |
4 |
Specifies remote administration service. |
5 |
Specifies all services. |
Example
Type = 5
Comments
The default value is 5. This is a required entry.
Mode
Specifies whether an entry added to the Windows Firewall Exceptions list is either enabled or disabled.
Syntax
Mode = 0 | 1
| Value | Description |
|---|---|
1 |
Enables an entry in the Windows Firewall Exceptions list. |
0 |
Disables an entry in the Windows Firewall Exceptions list. |
Example
Mode = 1
Comments
The default value is 1. This is a required entry.
Scope
Defines the set of limits on which computers (IP addresses) are allowed to send traffic through the specified exception. The value of the Mode entry must equal 1 (On).
Syntax
Scope = 0 | 1 | 2
| Value | Description |
|---|---|
0 |
Enables unsolicited, incoming traffic with no limitations. Any computer can send traffic through this exception. |
1 |
Enables unsolicited, incoming traffic that matches the exception from any computer on the same subnet as the network connection on which the traffic was received through Windows Firewall, while dropping unsolicited, incoming traffic from all other computers. |
2 |
Defines a custom scope, which is a collection of IP addresses and subnets, as specified in the Addresses entry. Unsolicited, incoming traffic that matches the exception and originates from a computer in the defined collection is enabled through Windows Firewall. |
Example
Scope = 192.168.0.5,LocalSubnet
Comments
The default value is 0. When enabling a service, the set of IP addresses from which the unsolicited, incoming traffic is enabled can be defined by using this entry.
Addresses
Specifies the IP addresses in the Scope entry.
Syntax
Addresses = IP_address1, IP_address2
| Value | Description |
|---|---|
IP_addresses |
Specifies the IP addresses in the Scope entry. |
Example
Addresses = 192.168.0.5,LocalSubnet
Comments
This entry is ignored unless the Scope entry is set to 2.