Hi.

I want to do two things during install of our application...

1. I want to test that certain ports are open and working, and if not I want to show a popup advising people of this and suggesting they refer to their router maker to figure out how to do this...

2. I want to ask the user to add our application to their firewall exception list....

Also, part of point 2, is can I trigger their software firewall so that they deal with problems before they get to run the application...


Thanks for all the help...

You could get the inmstall application to execute a batch file in the background. The batch file would run a telnet command to the desired destination server, and output to a txt file. You can then interogate the txt file and make decisions based on that.

The batch file would look something like this....

REM ## TEMP BATCH FILE TO TEST TCP PORT ##
TELNET serverIP portnumber >%tmp%\porttest.txt

After the batch file has quite, you will end up with porttest.txt within the users temp area. Interogate the txt file, and if the port is not open, you can search for the string... "Could not open a connection to host on port" which would imply a connection failure, and the port is closed.

As regards triggering thier firewall software, you will never know which software is being used if any. And obvisouly the firewall might actually be a hardware firewall, so I would suggest simply warning the user that they need to open the port.

Hope this helps..... :)

Thanks for your comments...

Actually, the ports I need to test are UDP..... does that make a difference ?

Thanks

Ahh !!.........lol

Yes that does make a difference. You cannot telnet to a UDP port, and I am unaware of any means of testing a UDP port, other than using portscanner software.

Do a google search for testing / probing / interogating UDP ports.

I think we'll have to do the port test via our application....

But does anyone know how to add the application to the firewall exemption list ?

Here is a way to do it by adding the entry to the registry. Replace 'C:\\Path\\To\\my.exe' with the path to the executable you want added to the firewall exceptions list. Replace 'Name_Of_Product' with the name of the application you want to add (for display purposes when you view the Windows Firewall Exceptions list.)


Registry.SetValue(HKEY_LOCAL_MACHINE, "SYSTEM\\ControlSet001\\Services\\SharedAccess\\Par ameters\\FirewallPolicy\\StandardProfile\\Authoriz edApplications\\List", "C:\\Path\\To\\my.exe", "C:\\Path\\To\\my.exe:*:Enabled:Name_Of_Product", REG_SZ);

As I know, only Windows firewall available in Win XP and later provides a way to automatically add a program to the 'allowed' list, and only if this is allowed in the firewall configuration.
I guess Tek's reply is about Windows firewall, but you should know that very few people use it. Most people use others like Symantec, ZoneAlarm, Sygate etc. etc., or hardware firewalls - for all these, you can't automatically add a program to exceptions list.

I think the only way is to set something on your server that listens on these ports and sends a reply. From the setup send some data to the server and if you do not receive the expected reply within a given period, show a message that app has to be allowed in the firewall.

One might want to have links available for each major product's firewall settings, along with the initial, "Make sure to allow this program access" sort of alert.

:yes

Thanks for all the help...

It seems the only sensible solution is to test the ports once the application is running, and then notify the user if those ports are not open... doing this, we can also tell the user they will need to allow the application to work through their firewall...