Appendix B: Additional Firewall Configuration on Windows Web Servers

Perform the following steps on the required Windows-based web server:

  1. Log on to the Windows-based web server as Administrator.
  2. Create the win_firewall.bat file:

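    @echo off
    rem %1 is the BackNet IP address of the OA management node.
    if "%~1"=="" (
        echo Usage: win_firewall.bat OA_MANAGEMENT_NODE_BACKNET_IP_ADDRESS
        exit /b 1
    )
    set MN=%1
    rem Enable Windows Firewall for all profiles, then add the outbound block rules.
    netsh advfirewall set allprofiles state on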
    netsh advfirewall firewall add rule name="W3WP deny CORBA" action=block remoteport=8352 dir=out protocol=TCP program="C:\windows\system32\inetsrv\w3wp.exe"
    netsh advfirewall firewall add rule name="W3WP deny CORBA" action=block dir=out protocol=TCP remoteip=%MN% program="C:\windows\system32\inetsrv\w3wp.exe"
    netsh advfirewall firewall add rule name="PHP deny CORBA" action=block dir=out protocol=TCP remoteport=8352 program="C:\PHP\php.exe"
    netsh advfirewall firewall add rule name="PHP deny CORBA" action=block dir=out protocol=TCP remoteip=%MN% program="C:\PHP\php.exe"
    netsh advfirewall firewall add rule name="PHP deny CORBA" action=block dir=out protocol=TCP remoteport=8352 program="C:\PHP\php-cgi.exe"
    netsh advfirewall firewall add rule name="PHP deny CORBA" action=block dir=out protocol=TCP remoteip=%MN% program="C:\PHP\php-cgi.exe"
    netsh advfirewall firewall add rule name="PHP deny CORBA" action=block dir=out protocol=TCP remoteport=8352 program="C:\PHP5\php.exe"
    netsh advfirewall firewall add rule name="PHP deny CORBA" action=block dir=out protocol=TCP remoteip=%MN% program="C:\PHP5\php.exe"
    netsh advfirewall firewall add rule name="PHP deny CORBA" action=block dir=out protocol=TCP remoteport=8352 program="C:\PHP5\php-cgi.exe"
    netsh advfirewall firewall add rule name="PHP deny CORBA" action=block dir=out protocol=TCP remoteip=%MN% program="C:\PHP5\php-cgi.exe"
    netsh advfirewall firewall add rule name="Perl deny CORBA" action=block dir=out protocol=TCP remoteport=8352 program="C:\Perl64\perl.exe"
    netsh advfirewall firewall add rule name="Perl deny CORBA" action=block dir=out protocol=TCP remoteip=%MN% program="C:\Perl64\perl.exe"
    netsh advfirewall firewall add rule name="Perl deny CORBA" action=block dir=out protocol=TCP remoteport=8352 program="C:\Perl64\wperl.exe"
    netsh advfirewall firewall add rule name="Perl deny CORBA" action=block dir=out protocol=TCP remoteip=%MN% program="C:\Perl64\wperl.exe"
    netsh advfirewall firewall add rule name="Perl deny CORBA" action=block dir=out protocol=TCP remoteport=8352 program="C:\Perl64\perl5.10.1.exe"
    netsh advfirewall firewall add rule name="Perl deny CORBA" action=block dir=out protocol=TCP remoteip=%MN% program="C:\Perl64\perl5.10.1.exe"
    netsh advfirewall firewall add rule name="Perl deny CORBA" action=block dir=out protocol=TCP remoteport=8352 program="C:\Perl64\bin\perl.exe"
    netsh advfirewall firewall add rule name="Perl deny CORBA" action=block dir=out protocol=TCP remoteip=%MN% program="C:\Perl64\bin\perl.exe"
    netsh advfirewall firewall add rule name="Perl deny CORBA" action=block dir=out protocol=TCP remoteport=8352 program="C:\Perl64\bin\wperl.exe"
    netsh advfirewall firewall add rule name="Perl deny CORBA" action=block dir=out protocol=TCP remoteip=%MN% program="C:\Perl64\bin\wperl.exe"
    netsh advfirewall firewall add rule name="Perl deny CORBA" action=block dir=out protocol=TCP remoteport=8352 program="C:\Perl64\bin\perl5.10.1.exe"
    netsh advfirewall firewall add rule name="Perl deny CORBA" action=block dir=out protocol=TCP remoteip=%MN% program="C:\Perl64\bin\perl5.10.1.exe"
    netsh advfirewall firewall add rule name="CBC Public API deny" action=block dir=out protocol=TCP remoteport=8440 remoteip=%MN%
  3. Run the file, passing the BackNet IP address of the OA management node as the argument: win_firewall.bat OA_MANAGEMENT_NODE_BACKNET_IP_ADDRESS.
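
Before running the file, it can be checked for gaps in rule coverage. The following is an added example, not part of the original guide: it parses the netsh "add rule" lines of a win_firewall.bat and reports any program that lacks one of the two outbound block rules. It assumes the intent is one rule on remote port 8352 and one on remoteip=%MN% per program; the names parse_rules, audit and SAMPLE_BAT are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample (not the full script): wperl.exe gets the port rule
# twice and never gets the remoteip rule.
SAMPLE_BAT = r'''
@echo off
set MN=%1
netsh advfirewall firewall add rule name="PHP deny CORBA" action=block dir=out protocol=TCP remoteport=8352 program="C:\PHP\php.exe"
netsh advfirewall firewall add rule name="PHP deny CORBA" action=block dir=out protocol=TCP remoteip=%MN% program="C:\PHP\php.exe"
netsh advfirewall firewall add rule name="Perl deny CORBA" action=block dir=out protocol=TCP remoteport=8352 program="C:\Perl64\wperl.exe"
netsh advfirewall firewall add rule name="Perl deny CORBA" action=block dir=out protocol=TCP remoteport=8352 program="C:\Perl64\wperl.exe"
'''

ADD_RULE = re.compile(r'^\s*netsh\s+advfirewall\s+firewall\s+add\s+rule\s+(.*)$', re.I)
PAIR = re.compile(r'(\w+)=("[^"]*"|\S+)')   # key=value or key="quoted value"
EXPECTED = {"remoteport", "remoteip"}       # assumed: both rule kinds per program

def parse_rules(bat_text):
    """Return one {key: value} dict per 'add rule' line (keys lower-cased)."""
    rules = []
    for line in bat_text.splitlines():
        m = ADD_RULE.match(line)
        if m:
            rules.append({k.lower(): v.strip('"') for k, v in PAIR.findall(m.group(1))})
    return rules

def audit(bat_text, port="8352", ip_var="%MN%"):
    """Map each program path to the expected rule kinds it is missing."""
    seen = defaultdict(set)
    for r in parse_rules(bat_text):
        if "program" not in r or r.get("action", "").lower() != "block" \
                or r.get("dir", "").lower() != "out":
            continue
        kinds = seen[r["program"].lower()]   # Windows paths are case-insensitive
        if r.get("remoteport") == port:
            kinds.add("remoteport")
        if r.get("remoteip") == ip_var:
            kinds.add("remoteip")
    return {p: sorted(EXPECTED - k) for p, k in seen.items() if k != EXPECTED}

if __name__ == "__main__":
    for prog, missing in audit(SAMPLE_BAT).items():
        print(f"{prog}: missing {', '.join(missing)} rule")
```

To check a real file, pass its contents to audit(); an empty result means every listed program has both rules.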