There have been various security changes made to Windows XP operating system in Service Pack 2 including a new Windows firewall. This article answers questions on configuring MassTransit to run under Windows XP Service Pack 2.
This article is written for customers who are using various flavors of MassTransit with a Windows XP operating system. It sheds light on the security enhancements made by Microsoft Corporation in Windows XP Service Pack 2 (SP2).
Since MassTransit uses TCP/IP to communicate over the Internet, SP2 directly affects MassTransit behavior. As part of the Security enhancement in SP2, Microsoft has included a new firewall which monitors all internet traffic. This replaces the Internet Connection Firewall (ICF) included as part of Windows XP operating system and/or Service Pack 1. Many of the details presented in this article are gathered from various articles on Microsoft's website. Please refer to the Microsoft's firewall article for technical information regarding that security feature of SP2.
Prior to SP2, ICF was disabled by default on all connections. As a result, MassTransit (or any other program) was able to freely communicate on various ports. However, in SP2 the firewall is enabled by default and all network connections are monitored. Only programs on an exception list can communicate without firewall interference. Only client-based programs such as e-mail, web access, etc. are not blocked from internet access when the firewall is enabled.
How does the firewall work?
The firewall monitors all packets sent and checks them against the exception list. If the packets are not on the list then they are silently discarded. More information can be found in the firewall article on Microsoft's website.
Running MassTransit on Windows XP SP2
Once MassTransit is installed, user can add MassTransit to the exception list either by launching MassTransit or by manually adding MassTransit to the exception list.
When MassTransit is launched and tries to listen on TCP ports, a dialog box ("Windows Security Alert") will pop-up, asking the user if they wish to add MassTransit to the exception list. If you choose to add MassTransit to the exception list, the firewall will not prompt the windows security alert dialog again unless MassTransit is removed and re-installed.
When running MassTransit as a service, user should add MassTransit to the exception list manually.
- To manually add MassTransit to the exception list:
- Click Start -> Control Panel -> Security Center -> Windows Firewall.
- Click the Exceptions tab.
- Click "Add Program" and choose MassTransit from the list or search for it manually using the Browse button.
- Click OK to save changes.
Note: Once MassTransit is added to the exception list, any ports used by it will be opened and closed automatically by the Windows firewall as needed.