Skip to content

Commit

Permalink
add firewall extension decompiler, make msi modifications work, add a…
Browse files Browse the repository at this point in the history
…ll attributes
  • Loading branch information
chrisbednarski committed Nov 19, 2023
1 parent 54a4096 commit ecb5618
Show file tree
Hide file tree
Showing 35 changed files with 3,356 additions and 347 deletions.
980 changes: 783 additions & 197 deletions src/ext/Firewall/ca/firewall.cpp

Large diffs are not rendered by default.

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
Expand Up @@ -6,16 +6,51 @@
<Component>
<File Name="fw.exe" Source="example.txt">
<Shortcut Id="FwShortcut" Directory="INSTALLFOLDER" Name="Firewall" />
<fw:FirewallException Id="ExampleFirewall" Description="An app-based firewall exception" Name="ExampleApp" Port="42">
<fw:FirewallException Id="ExampleFirewall" Description="An app-based firewall exception" Name="ExampleApp" Port="42" OnUpdate="DoNothing" >
<fw:RemoteAddress Value="*" />
</fw:FirewallException>
</File>

<fw:FirewallException Description="A port-based firewall exception" Name="ExamplePort" Port="42" Outbound="yes" Scope="localSubnet" />
<fw:FirewallException Description="A port-based firewall exception" Name="ExamplePort" Port="42" Outbound="yes" Scope="localSubnet" OnUpdate="EnableOnly" />
<fw:FirewallException Description="DNS scope firewall exception" Name="ExampleDNSScope" Port="356" Protocol="udp" Scope="DNS" />
<fw:FirewallException Description="DHCP scope firewall exception" Name="ExampleDHCPScope" Program="test.exe" Protocol="211" Scope="DHCP" Profile="public" />
<fw:FirewallException Description="WINS scope firewall exception" Name="ExampleWINSScope" Port="6573" Scope="WINS" Profile="domain"/>
<fw:FirewallException Description="defaultGateway scope firewall exception" Name="ExampleDefaultGatewayScope" Port="4432" Scope="defaultGateway" Profile="private" />

<fw:FirewallException Description="Defer to user edge traversal" Name="defertouser" Program="fw.exe" EdgeTraversal="DeferToUser" />
<fw:FirewallException Description="A port-based service exception" Name="ExampleService" Port="12000" Service="ftpsrv" Program="%windir%\system32\svchost.exe" >
<fw:LocalAddress Value="DHCP"/>
<fw:LocalAddress Value="WINS"/>
</fw:FirewallException>

<fw:FirewallException Description="Interfaces with nested elements" Name="interface nested" Port="54671" >
<fw:RemoteAddress Value="127.0.0.1"/>
<fw:Interface Name="Wi-Fi" />
<fw:Interface Name="Local Area Connection" />
</fw:FirewallException>
<fw:FirewallException Description="Interfaces with property" Name="interface property" Port="54671" Interface="[INTERFACE_PROPERTY]" />

<ServiceInstall Name="svc1" Type="ownProcess" Start="disabled" ErrorControl="ignore" >
<fw:FirewallException Id="ServiceInstall.nested" IgnoreFailure="true" Description="A port-based firewall exception for a windows service" Name="ExampleNestedService" Port="3546-7890" Scope="localSubnet" >
<fw:InterfaceType Value="Lan" />
<fw:InterfaceType Value="Wireless" />
</fw:FirewallException>
</ServiceInstall>

<fw:FirewallException Description="Simple INetFwRule3 values" Name="INetFwRule3 values" Scope="any" LocalAppPackageId="S-1-15-2-1239072475-3687740317-1842961305-3395936705-4023953123-1525404051-2779347315" LocalUserAuthorizedList="O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)" LocalUserOwner="S-1-5-21-1898747406-2352535518-1247798438-1914" RemoteMachineAuthorizedList="127.0.0.1" RemoteUserAuthorizedList="O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)" IPSecSecureFlags="NegotiateEncryption" />
<fw:FirewallException Description="INetFwRule3 passed via properties" Name="INetFwRule3 properties" Scope="any" LocalAppPackageId="[PROP1]" LocalUserAuthorizedList="[PROP2]" LocalUserOwner="[PROP3]" RemoteMachineAuthorizedList="[PROP4]" RemoteUserAuthorizedList="[PROP5]" IPSecSecureFlags="[PROP6]" />

<fw:FirewallException Description="Simple rule with grouping" Name="GroupingExample1" Program="fw.exe" Grouping="@yourresources.dll,-1005" />
<fw:FirewallException Description="Rule with grouping property" Name="GroupingExample2" Port="8732" Grouping="[GROUPING_PROP]" />

<fw:FirewallException Description="Simple ICMP rule" Name="ICMPExample1" Protocol="2" IcmpTypesAndCodes="4:*,9:*,12:*" />
<fw:FirewallException Description="Rule with ICMP property" Name="ICMPExample2" Protocol="2" IcmpTypesAndCodes="[ICMP_PROP]" />

<fw:FirewallException Description="Simple rule with local scope" Name="LocalScopeExample1" Scope="any" LocalScope="localSubnet" />
<fw:FirewallException Description="Rule with local scope property" Name="LocalScopeExample2" Scope="any" LocalScope="[LOCALSCOPE_PROP]" />

<fw:FirewallException Description="Simple rule with remote port" Name="RemotePortExample1" Scope="any" RemotePort="34560" />
<fw:FirewallException Description="Rule with remote port property" Name="RemotePortExample2" Program="fw.exe" RemotePort="[REMOTEPORT_PROP]" />
</Component>
</ComponentGroup>
</Fragment>
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
<!--
This file contains the declaration of all the localizable strings.
-->
<WixLocalization xmlns="http://wixtoolset.org/schemas/v4/wxl" Culture="en-US">

<String Id="DowngradeError" Value="A newer version of [ProductName] is already installed." />
<String Id="FeatureTitle" Value="MsiPackage" />

</WixLocalization>
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
<Wix xmlns="http://wixtoolset.org/schemas/v4/wxs">
<Package Name="MsiPackage" Language="1033" Version="1.0.0.0" Manufacturer="Example Corporation" UpgradeCode="BB4E61B3-EBE5-4DE7-B3E0-8699B5901D2E">
<MajorUpgrade DowngradeErrorMessage="!(loc.DowngradeError)" />

<Feature Id="ProductFeature" Title="!(loc.FeatureTitle)">
<ComponentGroupRef Id="ProductComponents" />
</Feature>
</Package>

<Fragment>
<StandardDirectory Id="ProgramFilesFolder">
<Directory Id="INSTALLFOLDER" Name="MsiPackage" />
</StandardDirectory>
</Fragment>
</Wix>
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
<?xml version="1.0" encoding="utf-8"?>
<Wix xmlns="http://wixtoolset.org/schemas/v4/wxs"
xmlns:fw="http://wixtoolset.org/schemas/v4/wxs/firewall">
<Fragment>
<ComponentGroup Id="ProductComponents" Directory="INSTALLFOLDER">
<Component Id="FirewallComponent" Guid="28DF3387-F30E-4DBE-90E2-D2C760CB4DD9">
<fw:FirewallException
Name="[NAME]"
Port="[LOCALPORT]"
Protocol="[PROTOCOL]"
Program="[PROGRAM]"
Profile="[PROFILE]"
Description="[DESCRIPTION]"
Scope="[REMOTESCOPE]"
Action="[ACTION]"
EdgeTraversal="[EDGETRAVERSAL]"
Enabled="[ENABLED]"
Grouping="[GROUPING]"
IcmpTypesAndCodes="[ICMPTYPES]"
Interface="[INTERFACE]"
InterfaceType="[INTERFACETYPE]"
LocalScope="[LOCALSCOPE]"
RemotePort="[REMOTEPORT]"
Service="[SERVICE]"
LocalAppPackageId="[PACKAGEID]"
LocalUserAuthorizedList="[LOCALUSERS]"
LocalUserOwner="[LOCALOWNER]"
RemoteMachineAuthorizedList="[REMOTEMACHINES]"
RemoteUserAuthorizedList="[REMOTEUSERS]"
IPSecSecureFlags="[SECUREFLAGS]"
/>

<fw:FirewallException Name="Single Nested properties" >
<fw:RemoteAddress Value="[REMOTEADDRESS]" />
<fw:LocalAddress Value="[LOCALADDRESS]" />
<fw:InterfaceType Value="[INTERFACETYPE]" />
<fw:Interface Name="[INTERFACE]" />
</fw:FirewallException>

<fw:FirewallException Name="Multiple Nested properties" >
<fw:RemoteAddress Value="[REMOTEADDRESS1]" />
<fw:RemoteAddress Value="[REMOTEADDRESS2]" />
<fw:LocalAddress Value="[LOCALADDRESS1]" />
<fw:LocalAddress Value="[LOCALADDRESS2]" />
<fw:InterfaceType Value="[INTERFACETYPE1]" />
<fw:InterfaceType Value="[INTERFACETYPE2]" />
<fw:Interface Name="[INTERFACE1]" />
<fw:Interface Name="[INTERFACE2]" />
</fw:FirewallException>
</Component>
</ComponentGroup>
</Fragment>
</Wix>
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
This is example.txt.
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,8 @@
<PropertyGroup>
<TargetFramework>net6.0</TargetFramework>
<IsWixTestProject>true</IsWixTestProject>
<GenerateAssemblyInfo>false</GenerateAssemblyInfo>
<GenerateTargetFrameworkAttribute>false</GenerateTargetFrameworkAttribute>
</PropertyGroup>

<ItemGroup>
Expand Down
Loading

0 comments on commit ecb5618

Please sign in to comment.