(Unattended Installation)

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

[WindowsFirewall.profile_name]

The [WindowsFirewall.profile_name] section contains entries for configuring the Windows Firewall.

Windows Firewall maintains two sets of configurations known as profiles. The Domain profile is used when a computer is a member of a domain, while the Standard profile is used when a computer is not connected to a domain. The [WindowsFirewall.profile_name] section is a user-defined section that is referenced by the [WindowsFirewall] section to make changes to Windows Firewall's default configuration. You must include the [WindowsFirewall] and [WindowsFirewall.profile_name] sections in your answer file to configure the Windows Firewall in unattended Setup. You may specify a domain type of profile, a standard type, or a profile that applies to both domain and standard.

The [WindowsFirewall.profile_name] section contains entries for specifying a domain type of profile, a standard type, or a profile that applies to both domain and standard.

Answer File Entries for the [WindowsFirewall. profile_name ] Section

Entry Description

Type

Specifies the type of profile to use for changing the default configuration of the Windows Firewall.

Mode

Specifies whether to enable or disable Windows Firewall.

Exceptions

Specifies whether to enable or disable the Windows Firewall Exceptions list. Windows Firewall blocks all unsolicited, incoming traffic, except traffic that matches entries in the exceptions list.

Notifications

Specifies whether to enable or disable notifications.

MulticastBroadcastResponse

Specifies whether to enable or disable multicast and broadcast packets.

AllowedPrograms

Specifies a list of programs that will not be blocked by the Windows Firewall.

Services

Specifies a list of services that will not be blocked by the Windows Firewall, such as file and print services, remote administration services, and remote desktop services.

PortOpenings

Specifies a list of open ports that will not be blocked by Windows Firewall.

IcmpSettings

Specifies a list of Internet Control Message Protocol (ICMP) message types that will not be blocked by Windows Firewall.

Example
[WindowsFirewall.Standard]
Type = 1
Mode = 1
Exceptions = 1
Notifications = 1
MulticastBroadcastResponse = 1
AllowedPrograms = WindowsFirewall.RemoteAssistance
Services = WindowsFirewall.RemoteDesktop
PortOpenings = WindowsFirewall.WebServer
IcmpSettings = WindowsFirewall.EchoRequest

Type

Specifies the type of profile to use for changing the default configuration of the Windows Firewall.

Syntax
Type = 0 | 1 | 3
Value Description

0

Specifies a domain type of profile.

1

Specifies a standard type of profile.

3

Specifies both domain and standard profiles

Example
Type = 3
Comments

The default is 3. This is an optional entry. If you do not specify a value for the Type entry, the default value is applied.

Mode

Specifies whether to enable or disable Windows Firewall.

Syntax
Mode = 0 | 1
Value Description

1

Enables Windows Firewall.

0

Disables Windows Firewall.

Example
Mode = 1
Comments

The default is 1. This is a required entry.

Exceptions

Specifies whether to enable or disable the Windows Firewall Exceptions list. Windows Firewall blocks all unsolicited, incoming traffic, except traffic that matches entries in the exceptions list.

Syntax
Exceptions = 0 | 1
Value Description

1

Enables Windows Firewall Exceptions list.

0

Disables Windows Firewall Exceptions list.

Example
Exceptions = 1
Comments

The default is 1. You can configure Windows Firewall to be enabled with no exceptions, enabled with exceptions, or disabled.

Notifications

Specifies whether to enable or disable notifications.

Syntax
Notifications = 0 | 1
Value Description

1

Enables notifications.

0

Disables notifications.

Example
Notifications = 1
Comments

The default is 1. This is an optional entry.

MulticastBroadcastResponse

Specifies whether to enable or disable multicast and broadcast packets.

Syntax
MulticastBroadcastResponse = 0 | 1
Value Description

1

Enables MulticastBroadcastResponse.

0

Disables MulticastBroadcastResponse.

Example
MulticastBroadcastResponse = 1
Comments

The default is 1. This is an optional entry.

AllowedPrograms

Specifies a list of programs that will not be blocked by the Windows Firewall.

Syntax
AllowedPrograms = WindowsFirewall.program_name
Value Description

WindowsFirewall.program_name

Specifies the name of the program that will not be blocked by the Windows Firewall.

Example
AllowedPrograms = WindowsFirewall.RemoteAssistance
Comments

You may include multiple user-defined WindowsFirewall.program_name entries. Each entry references a [WindowsFirewall.program_name] section that defines the path and program name. Each WindowsFirewall.program_name entry must have a unique name, for example, WindowsFirewall.RemoteAssistance.

Services

Specifies a list of services that will not be blocked by the Windows Firewall, such as file and print services, remote administration services, and remote desktop services.

Syntax
Services = WindowsFirewall.service_name
Value Description

WindowsFirewall.service_name

Specifies the name of the service that will not be blocked by the Windows Firewall.

Example
Services = WindowsFirewall.PrintService
Comments

You may include multiple user-defined services. Each service entry references a [WindowsFirewall.service_name] section that defines the type of service, mode, and address. Each service entry must have a unique name.

PortOpenings

Specifies a list of open ports that will not be blocked by Windows Firewall.

Syntax
PortOpenings = WindowsFirewall.portopening_name
Value Description

WindowsFirewall.portopening_name

Specifies the name of the port that will not be blocked by the Windows Firewall.

Example
PortOpenings = WindowsFirewall.WebServer
Comments

You may include multiple user-defined port openings. Each entry references a [WindowsFirewall.portopening_name] section that defines the port. Each entry must have a unique name.

IcmpSettings

Specifies a list of Internet Control Message Protocol (ICMP) message types that will not be blocked by Windows Firewall.

Syntax
IcmpSettings = WindowsFirewall.icmpsetting_name
Value Description

WindowsFirewall.icmpsetting_name

Specifies the ICMP message type that will not be blocked by the Windows Firewall.

Example
IcmpSettings = WindowsFirewall.EchoRequest
Comments

You may include multiple user-defined ICMP settings. Each entry references a [WindowsFirewall.icmpsetting_name] section that specifies the name and type of ICMP setting. Each entry must have a unique name.