FirewallException element (Firewall extension)
Registers an exception for a program or a specific port and protocol in the Windows Firewall. For more information about the Windows Firewall, see Windows Firewall with Advanced Security.
Attributes
Action
FirewallActionTypeUnionThe action for this firewall exception.
Description
stringDescription for this firewall rule displayed in Windows Firewall manager.
EdgeTraversal
FirewallEdgeTraversalTypeUnionSets the edge traversal of the firewall exception.
Enabled
FirewallYesNoPropertyTypeIndicates whether the firewall exception should be enabled.
File
stringIdentifier of a File to be granted access through the firewall. By default, all incoming ports and protocols are allowed unless the Port and.or Protocol attributes are specified.
If you use File, you cannot also use Program.
Grouping
stringGrouping for the firewall exception.
IcmpTypesAndCodes
stringICMP types and codes for the firewall exception.
Id
stringUnique ID of this firewall exception. If the Id is not specified, one will be generated.
IgnoreFailure
wxs:YesNoTypeUnionIf “yes”, failures to register this firewall exception will be silently ignored. If “no” (the default), failures will cause rollback.
Interface
stringInterface for the firewall exception.
InterfaceType
FirewallInterfaceTypeUnionInterface type for the firewall exception.
IPSecSecureFlags
FirewallIPSecSecureFlagsUnionIPSec secure flags for the firewall exception.
LocalAppPackageId
stringLocal AppPackageId for the firewall exception.
LocalScope
FirewallLocalScopeTypeUnionLocal scope for the firewall exception.
LocalUserAuthorizedList
stringLocal user authorized list for the firewall exception.
LocalUserOwner
stringLocal user owner for the firewall exception.
Name
string requiredName of this firewall exception, visible to the user in the firewall control panel.
OnUpdate
FirewallOnUpdateTypeUnionInstallation instruction when updating the firewall exception.
Outbound
wxs:YesNoTypeUnionIf “yes”, registers an outbound firewall rule. The default is “no”.
Port
stringPort to allow through the firewall for this exception. By default, any program is allowed access through the port unless a File or Program attribute is specified.
Profile
FirewallProfileTypeUnionProfile type for this firewall exception. Default is “all”.
Program
stringPath to a target program to be granted access through the firewall. By default, all incoming ports and protocols are allowed unless the Port and.or Protocol attributes are specified.
Note that this is a formatted field, so you can use [#fileId] syntax to refer to a file being installed. If you use Program, you cannot also use File.
Protocol
FirewallProtocolTypeUnionIP protocol used for this firewall exception. If Port is defined, “tcp” is assumed if the protocol is not specified.
RemoteMachineAuthorizedList
stringRemote machine authorized list for the firewall exception.
RemotePort
stringRemote port for the firewall exception.
RemoteUserAuthorizedList
stringRemote user authorized list for the firewall exception.
Scope
FirewallScopeTypeUnionThe scope of this firewall exception, which indicates whether incoming connections can come from any computer including those on the Internet or only those on the local network subnet. To more precisely specify allowed remote address, specify a custom scope using RemoteAddress child elements.
Service
stringService for the firewall exception. Cannot be specified when the firewall exception is a child of a service element.