Hi, I've got a windows service, which uses http.sys for providing some services. But these are blocked by the windows firewall. What do I'need to do to allow access to the service through the firewall? The service uses some random ports, so opening the ports is not an option. I already added the service's process to the exceptions list of the firewall, but this didn't do it. Probably the ports are opened by another process, which hosts http.sys and not the service process itself. EDIT: I just used netstat to get the process listening on the relevant ports. It's the System process. Is it even possible to add a firewall exception for this process? And if it's possible, what are the security issues? Does anyone have advice?

According to MSDN Firewall Rules Needed for Common Transports, compents utilizing http.sys requries the following rule dir="in" protocol="6" lport="<SPECIFY PORT USED HERE: CAN BE 80, 443, or CUSTOM>" binary="System", which equals to creating an inbound rule setting allow progam to System. The steps: 1. Open firewall advanced security. 2. Create an inbound rule 3. In the program page, type "system" in the "this program path" textbox. In the service page, choose "all program and service", or "apply to service only". Note, you cannot use "apply to this service". 4. Complete the normal steps.