eShopOnContainers/deploy/windows/add-firewall-rules-for-sts-auth-thru-docker.ps1
edmondshtogu 6c3ab903ed
Fixed firewall rules check and improved the script
the check shall be like ~ Get-NetFirewallRule -DisplayName eShopOnContainers-* -ErrorAction Stop
2020-08-07 13:20:34 +02:00

54 lines
1.6 KiB
PowerShell

param(
[string]$Name = "eShopOnContainers",
[string]$InboundDisplayName = "eShopOnContainers-Inbound",
[string]$OutboundDisplayName = "eShopOnContainers-Outbound",
[switch]$Elevated
)
function Check-Admin {
$currentUser = New-Object Security.Principal.WindowsPrincipal $([Security.Principal.WindowsIdentity]::GetCurrent())
$currentUser.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)
}
function Add-InboundRule {
New-NetFirewallRule -DisplayName $InboundDisplayName -Confirm -Description "$Name Inbound Rule for port range 5100-5150" -LocalAddress Any -LocalPort 5100-5150 -Protocol tcp -RemoteAddress Any -RemotePort Any -Direction Inbound
}
function Add-OutboundRule {
New-NetFirewallRule -DisplayName $OutboundDisplayName -Confirm -Description "$Name Outbound Rule for port range 5100-5150" -LocalAddress Any -LocalPort 5100-5150 -Protocol tcp -RemoteAddress Any -RemotePort Any -Direction Outbound
}
if ((Check-Admin) -eq $false) {
if ($elevated)
{
# could not elevate, quit
}
else {
Start-Process powershell.exe -Verb RunAs -ArgumentList ('-noprofile -noexit -file "{0}" -elevated' -f ($myinvocation.MyCommand.Definition))
}
exit
}
try {
$rules = $(Get-NetFirewallRule -DisplayName $Name-* -ErrorAction Stop | Out-String)
if (!$rules.Contains($InboundDisplayName) -and !$rules.Contains($OutboundDisplayName))
{
Add-InboundRule
Add-OutboundRule
}
elseif (!$rules.Contains($InboundDisplayName))
{
Add-InboundRule
}
elseif (!$rules.Contains($OutboundDisplayName))
{
Add-OutboundRule
}
else{
Write-Host "Rules found!"
}
}
catch [Exception] {
Add-InboundRule
Add-OutboundRule
}