diff --git a/deploy/windows/add-firewall-rules-for-sts-auth-thru-docker.ps1 b/deploy/windows/add-firewall-rules-for-sts-auth-thru-docker.ps1
index 271b6a77d..9aad3e45c 100644
--- a/deploy/windows/add-firewall-rules-for-sts-auth-thru-docker.ps1
+++ b/deploy/windows/add-firewall-rules-for-sts-auth-thru-docker.ps1
@@ -1,26 +1,53 @@ -param([switch]$Elevated) +param( + [string]$Name = "eShopOnContainers", + [string]$InboundDisplayName = "eShopOnContainers-Inbound", + [string]$OutboundDisplayName = "eShopOnContainers-Outbound", + [switch]$Elevated + ) + function Check-Admin { -$currentUser = New-Object Security.Principal.WindowsPrincipal $([Security.Principal.WindowsIdentity]::GetCurrent()) -$currentUser.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator) + $currentUser = New-Object Security.Principal.WindowsPrincipal $([Security.Principal.WindowsIdentity]::GetCurrent()) + $currentUser.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator) } -if ((Check-Admin) -eq $false) { -if ($elevated) -{ -# could not elevate, quit +function Add-InboundRule { + New-NetFirewallRule -DisplayName $InboundDisplayName -Confirm -Description "$Name Inbound Rule for port range 5100-5150" -LocalAddress Any -LocalPort 5100-5150 -Protocol tcp -RemoteAddress Any -RemotePort Any -Direction Inbound } - -else { - -Start-Process powershell.exe -Verb RunAs -ArgumentList ('-noprofile -noexit -file "{0}" -elevated' -f ($myinvocation.MyCommand.Definition)) +function Add-OutboundRule { + New-NetFirewallRule -DisplayName $OutboundDisplayName -Confirm -Description "$Name Outbound Rule for port range 5100-5150" -LocalAddress Any -LocalPort 5100-5150 -Protocol tcp -RemoteAddress Any -RemotePort Any -Direction Outbound } -exit + +if ((Check-Admin) -eq $false) { + if ($elevated) + { + # could not elevate, quit + } + else { + Start-Process powershell.exe -Verb RunAs -ArgumentList ('-noprofile -noexit -file "{0}" -elevated' -f ($myinvocation.MyCommand.Definition)) + } + exit } + try { - Get-NetFirewallRule -DisplayName EshopDocker -ErrorAction Stop - Write-Host "Rule found" + $rules = $(Get-NetFirewallRule -DisplayName $Name-* -ErrorAction Stop | Out-String) + if (!$rules.Contains($InboundDisplayName) -and !$rules.Contains($OutboundDisplayName)) + { + Add-InboundRule + Add-OutboundRule + } + 
elseif (!$rules.Contains($InboundDisplayName)) + { + Add-InboundRule + } + elseif (!$rules.Contains($OutboundDisplayName)) + { + Add-OutboundRule + } + else{ + Write-Host "Rules found!" + } +} +catch [Exception] { + Add-InboundRule + Add-OutboundRule } - catch [Exception] { - New-NetFirewallRule -DisplayName eShopOnContainers-Inbound -Confirm -Description "eShopOnContainers Inbound Rule for port range 5100-5150" -LocalAddress Any -LocalPort 5100-5150 -Protocol tcp -RemoteAddress Any -RemotePort Any -Direction Inbound - New-NetFirewallRule -DisplayName eShopOnContainers-Outbound -Confirm -Description "eShopOnContainers Outbound Rule for port range 5100-5150" -LocalAddress Any -LocalPort 5100-5150 -Protocol tcp -RemoteAddress Any -RemotePort Any -Direction Outbound -} \ No newline at end of file
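Review bot: Add-InboundRule opens TCP 5100-5150 with `-RemoteAddress Any` and no `-Profile`, so the rule applies to every network profile and any remote host can reach those ports while the machine is on an untrusted network. If only the local Docker network needs to reach the STS endpoints (the script name suggests this, but the hunk does not show it), narrow the rule, for example with `-RemoteAddress LocalSubnet` or an explicit `-Profile Domain,Private`, after confirming the container traffic still matches. Separately, the existence check searches `$Name-*` and substring-matches the `Out-String` text, so a caller who passes a display name that does not start with `$Name-` would get a duplicate rule on every run, and the `catch [Exception]` block adds both rules on any failure, not just "not found". Querying each rule directly, e.g. `Get-NetFirewallRule -DisplayName $InboundDisplayName -ErrorAction SilentlyContinue`, would avoid both problems.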