Browse Source
Fixed firewall rules check and improved the script
the check shall be like ~ Get-NetFirewallRule -DisplayName eShopOnContainers-* -ErrorAction Stoppull/1390/head
edmondshtogu
4 years ago
committed by
GitHub
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 45 additions and 18 deletions
Unified View
Diff Options
+ 45
- 18
deploy/windows/add-firewall-rules-for-sts-auth-thru-docker.ps1
View File
| @ -1,26 +1,53 @@ | |||||
| param([switch]$Elevated) | |||||
| param( | |||||
| [string]$Name = "eShopOnContainers", | |||||
| [string]$InboundDisplayName = "eShopOnContainers-Inbound", | |||||
| [string]$OutboundDisplayName = "eShopOnContainers-Outbound", | |||||
| [switch]$Elevated | |||||
| ) | |||||
| function Check-Admin { | function Check-Admin { | ||||
| $currentUser = New-Object Security.Principal.WindowsPrincipal $([Security.Principal.WindowsIdentity]::GetCurrent()) | |||||
| $currentUser.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator) | |||||
| $currentUser = New-Object Security.Principal.WindowsPrincipal $([Security.Principal.WindowsIdentity]::GetCurrent()) | |||||
| $currentUser.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator) | |||||
| } | } | ||||
| if ((Check-Admin) -eq $false) { | |||||
| if ($elevated) | |||||
| { | |||||
| # could not elevate, quit | |||||
| function Add-InboundRule { | |||||
| New-NetFirewallRule -DisplayName $InboundDisplayName -Confirm -Description "$Name Inbound Rule for port range 5100-5150" -LocalAddress Any -LocalPort 5100-5150 -Protocol tcp -RemoteAddress Any -RemotePort Any -Direction Inbound | |||||
| } | } | ||||
| else { | |||||
| Start-Process powershell.exe -Verb RunAs -ArgumentList ('-noprofile -noexit -file "{0}" -elevated' -f ($myinvocation.MyCommand.Definition)) | |||||
| function Add-OutboundRule { | |||||
| New-NetFirewallRule -DisplayName $OutboundDisplayName -Confirm -Description "$Name Outbound Rule for port range 5100-5150" -LocalAddress Any -LocalPort 5100-5150 -Protocol tcp -RemoteAddress Any -RemotePort Any -Direction Outbound | |||||
| } | } | ||||
| exit | |||||
| if ((Check-Admin) -eq $false) { | |||||
| if ($elevated) | |||||
| { | |||||
| # could not elevate, quit | |||||
| } | |||||
| else { | |||||
| Start-Process powershell.exe -Verb RunAs -ArgumentList ('-noprofile -noexit -file "{0}" -elevated' -f ($myinvocation.MyCommand.Definition)) | |||||
| } | |||||
| exit | |||||
| } | } | ||||
| try { | try { | ||||
| Get-NetFirewallRule -DisplayName EshopDocker -ErrorAction Stop | |||||
| Write-Host "Rule found" | |||||
| $rules = $(Get-NetFirewallRule -DisplayName $Name-* -ErrorAction Stop | Out-String) | |||||
| if (!$rules.Contains($InboundDisplayName) -and !$rules.Contains($OutboundDisplayName)) | |||||
| { | |||||
| Add-InboundRule | |||||
| Add-OutboundRule | |||||
| } | |||||
| elseif (!$rules.Contains($InboundDisplayName)) | |||||
| { | |||||
| Add-InboundRule | |||||
| } | |||||
| elseif (!$rules.Contains($OutboundDisplayName)) | |||||
| { | |||||
| Add-OutboundRule | |||||
| } | |||||
| else{ | |||||
| Write-Host "Rules found!" | |||||
| } | |||||
| } | |||||
| catch [Exception] { | |||||
| Add-InboundRule | |||||
| Add-OutboundRule | |||||
| } | } | ||||
| catch [Exception] { | |||||
| New-NetFirewallRule -DisplayName eShopOnContainers-Inbound -Confirm -Description "eShopOnContainers Inbound Rule for port range 5100-5150" -LocalAddress Any -LocalPort 5100-5150 -Protocol tcp -RemoteAddress Any -RemotePort Any -Direction Inbound | |||||
| New-NetFirewallRule -DisplayName eShopOnContainers-Outbound -Confirm -Description "eShopOnContainers Outbound Rule for port range 5100-5150" -LocalAddress Any -LocalPort 5100-5150 -Protocol tcp -RemoteAddress Any -RemotePort Any -Direction Outbound | |||||
| } | |||||