This is a very much needed flag. To turn on/off existing firewall rules. And like the recent fix of the 'Profile' key, the netsh cmd prints 'Enabled' in the textual output. (at least on win10 it does). So again a similar small code added for the necessary exception handling when the difference check happens.
Please merge / push upstream like the other fixes. Many thanks. This is the last fix I have put together for this patch set. So I will raise my PR now.
But if you want to fix more bugs, it seems there may be others. In terms of the control code. Sometimes it will delete a rule under 'force' condition (when found difference) - but instead it is supposed to just modify the existing rule. Some weird behaviour regarding that. The other problem is that ansible does not return the error text printed by 'netsh' cmd verbatim... but it should as that makes debugging these errors a *lot* easier.
Hi again. This commit removes a small portion of your script's own internal error checking. In specific: for the value of the profile: key. This is essential to avoid errors on other verisons of the windows operating system which are not win2008r2 (your version).
For example: on win10 (and most likely win8x too), the names of the profiles don't include the values 'current' and 'all'. But instead the values are 'Public' 'Private' 'Domain' and 'Any. But in addition, there are also certain combinatorial values, such as profile=Public,Private etc. Which is too many to error check yourself.
Yet removing the error checking here should not cause any ill effects however: since the netsh advfirewall ... cmds themselves to add / remove / modify actually to their own error checking of the profile=value. So when the cmd is run, it will error out itself with an appropriate / informative error msg. No harm done.
Therefore please remove the highlighed portions from your own script. It is essential for interoperability with win10 and win8x. Many thanks.
In win10 (and pribably win8x also):
The output of 'show rule' key includes the line "Profiles:<TAB>Public,Private".
Yet your script expects the key name printed out to be "Profile:<TAB>value".
This commit added the necessary exception handling to avoid flagging 'different=true' under the false circumstance. The key name to SET a firewall rule is still "profile=" and not "profiles=".
There is coming up another commit to fix the value handling for win10/win8. Which is another (different) error with the profile: key.
Without this fix, the 'netsh' command gets name=Firewall Rule Name instead of name="Firewall Rule Name". Thus causing all sorts of havoc. Basic shell quoting rules seems to apply to Windows Powershell too. This is very much needed as many of windows 10's default firewall rules contain spaces and brackets () characters.
* Refactor code to be more robust. Run main logic inside a try {} catch {}
block. If there is any error, bail out and log all the command output
automatically.
* Rely on error code generated by chocolatey instead of scraping text
output to determine success/failure.
* Add support for unattended installs: (`-y` flag is a requirement by
chocolatey)
* Before (un)installing, check existence of files.
* Use functions to abstract logic
* The great rewrite of 0.9.9, the `choco` interface has changed, check
if chocolatey is installed and an older version. If so upgrade to
latest.
* Allow upgrading packages that are already installed
* Use verbose logging for chocolate actions
* Adding functionality to specify a source for a chocolatey repository.
(@smadam813)
* Removing pre-determined sources and adding specified source url in
it's place. (@smadam813)
Contains contributions from:
* Adam Keech <akeech@chathamfinancial.com> (@smadam813)
Chocolatey 0.9.9+ deprecated support for the `webpi` custom source, so I needed to write this.
[Windows Web Platform Installer](http://www.microsoft.com/web/downloads/platform.aspx) is a way of installing products and applications for Microsoft IIS on Windows. It has a [command line](http://www.iis.net/learn/install/web-platform-installer/web-platform-installer-v4-command-line-webpicmdexe-rtw-release); this ansible module allows IIS modules to be installed via this means.
To find out names of modules, use `webpicmd /list /listoption:available`.
Notes:
* `webpicmd` must be installed and on `PATH` first (see `win_chocolatey` module; package is `webpicmd`)
* `webpicmd` does not allow modules to be uninstalled
* IIS must be installed first (see `win_feature` module; package is `Web-Server`)
* Installations will
* accept EULA (which otherwise requires user input)
* suppress reboots (so you have to manage those; see `win_reboot` module)
When .NET is installed or updated, ngen is triggered to optimise the installation. This triggers high CPU while it's happening, and usually happens at an inconvenient time.
This allows you to trigger it when you like. Full details and background in doc.
I don't know a way to figure out whether this is required without actually running it.