I have a self-host WCF service (i.e. a windows service host, not a console host) listening at the following endpoint:
http://localhost:8733/Design_Time_Addresses/MBMServices/MBMExtClientService/
It won't accept any connections, no matter how much I open in the firewall. I have to completely turn the firewall off for it to accept requests. Even when I change the program to "Any" i.e. not the servicehost.exe, it still won't accept requests.
I've written in some inbound rules using WiX. like so:
<Fragment>
<ComponentGroup Id='MBMServicePackage' Directory="INSTALLFOLDER">
<Component Id="MBMService" Guid="e2696e40-6166-49e9-a324-ac417d9b46be">
<fire:FirewallException Id="MBMServicesHost.tcp" Name="MBM Services tcp" Program="MBMServiceHost.exe" Profile="all" Scope="any"/>
<fire:FirewallException Id="MBMServiceHost.config.tcp" Name="MBM Services tcp" Program="MBMServiceHost.exe.config" Profile="all" Scope="any"/>
<fire:FirewallException Id="MBMServicedll.tcp" Name="MBM Services tcp" Program="MBMServices.dll" Profile="all" Scope="any"/>
<File Id="MBMServiceHost.exe" Name="MBMServiceHost.exe" Source="..\MBMServiceHost\bin\Debug\MBMServiceHost.exe" Vital="yes" KeyPath="yes" DiskId="1">
</File>
<File Id="MBMServiceHost.exe.config" Name="MBMServiceHost.exe.config" Source="..\MBMServiceHost\bin\Debug\MBMServiceHost.exe.config" Vital="yes" KeyPath="no" DiskId="1">
</File>
<File Id="MBMServices.dll" Name="MBMServices.dll" Source="..\MBMServices\bin\Debug\MBMServices.dll" Vital="yes" KeyPath="no" DiskId="1">
</File>
<File Id="MBMBusinessLayer.dll" Name="MBMBusinessLayer.dll" Source="..\MBMBusinessLayer\bin\Debug\MBMBusinessLayer.dll" Vital="yes" KeyPath="no" DiskId="1">
<fire:FirewallException Id="MBMBusinessLayerdll.tcp" Name="MBM Services tcp" Port="*" Protocol="tcp" Profile="all" Scope="any"/>
</File>
<File Id="MBMBusinessLayer.dll.config" Name="MBMBusinessLayer.dll.config" Source="..\MBMBusinessLayer\bin\Debug\MBMBusinessLayer.dll.config" Vital="yes" KeyPath="no" DiskId="1">
<fire:FirewallException Id="MBMBusinessLayer.config.tcp" Name="MBM Services tcp" Port="*" Protocol="tcp" Profile="all" Scope="any"/>
</File>
<ServiceInstall
Id="ServiceInstaller"
Type="ownProcess"
Vital="yes"
Name="MBMService"
DisplayName="MBMService"
Description="MBMService"
Start="auto"
Account="LocalSystem"
ErrorControl="ignore"
Interactive="no">
</ServiceInstall>
<ServiceControl Id="StartService" Start="install" Stop="both" Remove="uninstall" Name="MBMService" Wait="yes" />
</Component>
</ComponentGroup>
On this thread the comments hint at adding https.sys: WCF service blocked by Windows Firewall
Then they go on to say that this page talks about adding a URL to an exception or something: https://learn.microsoft.com/en-us/dotnet/framework/wcf/feature-details/configuring-http-and-https
So I've manually added https.sys (which is located at C:\Windows\System32\https.sys) on the pc and tested. Still nothing.
I suspect I need to add the URL thing but I have no idea how to do that and as usual the WiX documentation is abysmally sparse.
Anyone have any ideas?
EDIT, SOLUTION: as mentioned in this thread:
WiX Installer: how to add Firewall exception rule?
The FirewallException element needs to sit in the Component tag, not the file tag. The documentation does elude to this but as usual does not explain properly or give any examples.
Further, in order to achieve a firewall rule of Program=any and Port=8733, the program attribute needs to be omitted. Again, the documentation does elude to using either Port OR Program, detailing that the rule will not apply to the firewall if both are defined. HOWEVER, it does not go into detail in regards to the resulting firewall rules in relation to these attributes.
The following WiX code has been implemented and allows requests through.
<Fragment>
<ComponentGroup Id='MBMServicePackage' Directory="INSTALLFOLDER">
<Component Id="MBMService" Guid="e2696e40-6166-49e9-a324-ac417d9b46be">
<fire:FirewallException Id="MBMServicesHost.tcp" Name="MBM Services tcp" Port="8733" Profile="all" Scope="any"/>
<File Id="MBMServiceHost.exe" Name="MBMServiceHost.exe" Source="..\MBMServiceHost\bin\Debug\MBMServiceHost.exe" Vital="yes" KeyPath="yes" DiskId="1">
</File>