home *** CD-ROM | disk | FTP | other *** search
/ PC World Komputer 2010 April / PCWorld0410.iso / WindowsServerTrial / server.iso / sources / install.wim / 1 / Windows / security / FirewallPolicy.xsd next >
Extensible Markup Language  |  2008-01-19  |  16KB  |  395 lines

  1. <?xml version="1.0"?>
  2. <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" 
  3.            xmlns:xs="http://www.w3.org/2001/XMLSchema">
  4.  
  5.     <!-- -->
  6.     <!-- Firewall Policy Type -->
  7.     <!-- -->
  8.     <xs:element name="Rule" type="FirewallPolicyType"/>
  9.  
  10.     <xs:complexType name="FirewallPolicyType">
  11.         <xs:sequence>
  12.             <xs:element name="Firewall" type="FirewallType" 
  13.                         minOccurs="1" maxOccurs="1"/>
  14.         </xs:sequence>
  15.         <xs:attribute name="Name" type="ExtensionRuleType"/>
  16.     </xs:complexType>
  17.  
  18.     <xs:simpleType name="ExtensionRuleType">
  19.         <xs:restriction base="xs:string">
  20.             <xs:enumeration value="Microsoft.OS.Networking.Firewall"/>
  21.         </xs:restriction>
  22.     </xs:simpleType>
  23.  
  24.     <!-- -->
  25.     <!-- Firewall Type -->
  26.     <!-- -->
  27.     <xs:complexType name="FirewallType">
  28.         <xs:sequence>
  29.             <xs:element name="FirewallRules"
  30.                         type="FirewallRulesType" 
  31.                         minOccurs="0"
  32.                         maxOccurs="1">
  33.                 <xs:unique name="UniqueFirewallRuleIdConstraint">
  34.                     <xs:selector xpath="FirewallRule"/>
  35.                     <xs:field xpath="@Id"/>
  36.                 </xs:unique>
  37.             </xs:element>
  38.         </xs:sequence>
  39.         <xs:attribute name="Mode" type="FirewallModeType" use="optional"/>
  40.         <xs:attribute name="GPOPath" type="xs:string" use="optional"/>
  41.     </xs:complexType>
  42.  
  43.     <xs:simpleType name="FirewallModeType">
  44.         <xs:restriction base="xs:string">
  45.             <xs:enumeration value="Off"/>
  46.             <xs:enumeration value="On"/>
  47.             <xs:enumeration value="Shielded"/>
  48.         </xs:restriction>
  49.     </xs:simpleType>
  50.  
  51.     <!-- -->
  52.     <!-- Firewall Rules Type -->
  53.     <!-- -->
  54.     <xs:complexType name="FirewallRulesType">
  55.         <xs:sequence>
  56.             <xs:element name="FirewallRule"
  57.                         type="FirewallRuleType" 
  58.                         minOccurs="0"
  59.                         maxOccurs="unbounded">
  60.             </xs:element>
  61.         </xs:sequence>
  62.     </xs:complexType>
  63.  
  64.     <!-- -->
  65.     <!-- Firewall Rule Type -->
  66.     <!-- -->
  67.     <xs:complexType name="FirewallRuleType">
  68.         <xs:all>
  69.             <xs:element name="LocalPorts" type="PortSetType" 
  70.                         minOccurs="0" maxOccurs="1" />
  71.             <xs:element name="RemotePorts" type="PortSetType" 
  72.                         minOccurs="0" maxOccurs="1"/>
  73.             <xs:element name="LocalAddresses" type="AddressSetType" 
  74.                         minOccurs="0" maxOccurs="1"/>
  75.             <xs:element name="RemoteAddresses" type="AddressSetType" 
  76.                         minOccurs="0" maxOccurs="1"/>
  77.             <xs:element name="Interfaces" type="InterfaceSetType" 
  78.                         minOccurs="0" maxOccurs="1"/>
  79.             <xs:element name="ICMPs" type="ICMPSetType" 
  80.                         minOccurs="0" maxOccurs="1"/>
  81.         </xs:all>
  82.         <xs:attribute name="Id" type="xs:string" use="required"/>
  83.         <xs:attribute name="Name" type="FirewallRuleNameType" use="required"/>
  84.         <xs:attribute name="Description" type="FirewallRuleDescriptionType" 
  85.                       use="optional"/>
  86.         <xs:attribute name="Profile" type="ProfileType" use="optional"/>
  87.         <xs:attribute name="Group" type="GroupType" use="optional"/>
  88.         <xs:attribute name="ProtocolKeyword" type="ProtocolKeywordType" 
  89.                       use="optional"/>
  90.         <xs:attribute name="ProtocolNumber" type="ProtocolNumberType" 
  91.                       use="optional"/>
  92.         <xs:attribute name="Direction" type="DirectionType" use="optional"/>
  93.         <xs:attribute name="Program" type="ProgramType" use="optional"/>
  94.         <xs:attribute name="Service" type="ServiceNameType" use="optional"/>
  95.         <xs:attribute name="Enabled" type="BooleanType" use="optional"/>
  96.         <xs:attribute name="Action" type="RuleActionType" use="optional"/>
  97.     </xs:complexType>
  98.  
  99.     <xs:simpleType name="FirewallRuleNameType">
  100.         <xs:restriction base="xs:string">
  101.             <xs:minLength value="1"/>
  102.             <xs:maxLength value="1024"/>
  103.         </xs:restriction>
  104.     </xs:simpleType>
  105.  
  106.     <xs:simpleType name="FirewallRuleDescriptionType">
  107.         <xs:restriction base="xs:string">
  108.             <xs:minLength value="0"/>
  109.             <xs:maxLength value="1024"/>
  110.         </xs:restriction>
  111.     </xs:simpleType>
  112.  
  113.     <xs:simpleType name="ProfileType">
  114.         <xs:restriction base="xs:string">
  115.             <xs:enumeration value="Domain"/>
  116.             <xs:enumeration value="Private"/>
  117.             <xs:enumeration value="Public"/>
  118.             <xs:enumeration value="DomainAndPrivate"/>
  119.             <xs:enumeration value="DomainAndPublic"/>
  120.             <xs:enumeration value="PrivateAndDomain"/>
  121.             <xs:enumeration value="PrivateAndPublic"/>
  122.             <xs:enumeration value="PublicAndDomain"/>
  123.             <xs:enumeration value="PublicAndPrivate"/>
  124.             <xs:enumeration value="All"/>
  125.         </xs:restriction>
  126.     </xs:simpleType>
  127.  
  128.     <xs:simpleType name="GroupType">
  129.         <xs:restriction base="xs:string">
  130.             <xs:minLength value="0"/>
  131.             <xs:maxLength value="1024"/>
  132.         </xs:restriction>
  133.     </xs:simpleType>
  134.  
  135.     <xs:simpleType name="ProtocolKeywordType">
  136.         <xs:restriction base="xs:string">
  137.             <xs:enumeration value="HOPOPT"/>
  138.             <xs:enumeration value="ICMP_V4"/>
  139.             <xs:enumeration value="IGMP"/>
  140.             <xs:enumeration value="TCP"/>
  141.             <xs:enumeration value="UDP"/>
  142.             <xs:enumeration value="RDP"/>
  143.             <xs:enumeration value="IRTP"/>
  144.             <xs:enumeration value="IPV6"/>
  145.             <xs:enumeration value="IPV6_ROUTE"/>
  146.             <xs:enumeration value="IPV6_FRAGMENT"/>
  147.             <xs:enumeration value="GRE"/>
  148.             <xs:enumeration value="ESP"/>
  149.             <xs:enumeration value="AH"/>
  150.             <xs:enumeration value="ICMP_V6"/>
  151.             <xs:enumeration value="IPV6_NO_NEXT"/>
  152.             <xs:enumeration value="IPV6_OPTIONS"/>
  153.             <xs:enumeration value="VRRP"/>
  154.             <xs:enumeration value="PGM"/>
  155.             <xs:enumeration value="L2TP"/>
  156.             <xs:enumeration value="ANY"/>
  157.             <xs:enumeration value="OTHER"/>
  158.         </xs:restriction>
  159.     </xs:simpleType>
  160.  
  161.     <xs:simpleType name="ProtocolNumberType">
  162.         <xs:restriction base="xs:integer">
  163.             <xs:minInclusive value="0"/>
  164.             <xs:maxInclusive value="255"/>
  165.         </xs:restriction>
  166.     </xs:simpleType>
  167.  
  168.     <xs:simpleType name="DirectionType">
  169.         <xs:restriction base="xs:string">
  170.             <xs:enumeration value="Inbound"/>
  171.             <xs:enumeration value="Outbound"/>
  172.         </xs:restriction>
  173.     </xs:simpleType>
  174.  
  175.     <xs:simpleType name="ProgramType">
  176.         <xs:restriction base="xs:string">
  177.             <xs:minLength value="0"/>
  178.             <xs:maxLength value="260"/>
  179.         </xs:restriction>
  180.     </xs:simpleType>
  181.  
  182.     <xs:simpleType name="ServiceNameType">
  183.         <xs:restriction base="xs:string">
  184.             <xs:minLength value="0"/>
  185.             <xs:maxLength value="260"/>
  186.         </xs:restriction>
  187.     </xs:simpleType>
  188.  
  189.     <xs:simpleType name="RuleActionType">
  190.         <xs:restriction base="xs:string">
  191.             <xs:enumeration value="AllowConnections"/>
  192.             <xs:enumeration value="AllowSecureConnections"/>
  193.             <xs:enumeration value="AllowSecureEncryptedConnections"/>
  194.             <xs:enumeration value="BlockConnections"/>
  195.         </xs:restriction>
  196.     </xs:simpleType>
  197.  
  198.     <xs:simpleType name="SpecialPortsKeywordType">
  199.       <xs:restriction base="xs:string">
  200.         <xs:enumeration value="DynamicRPC"/>
  201.         <xs:enumeration value="RPCEndPointMapper"/>
  202.         <xs:enumeration value="EdgeTraversal"/>
  203.       </xs:restriction>
  204.     </xs:simpleType>
  205.  
  206.     <!-- -->
  207.     <!-- Port Set Type -->
  208.     <!-- -->
  209.     <xs:complexType name="PortSetType">
  210.         <xs:sequence>
  211.             <xs:choice minOccurs="0" maxOccurs="unbounded">
  212.                 <xs:element name="Port" type="PortType" 
  213.                             minOccurs="0" maxOccurs="unbounded"/>
  214.                 <xs:element name="CustomPort" type="CustomPortType" 
  215.                             minOccurs="0" maxOccurs="unbounded"/>
  216.                 <xs:element name="RegistryPort" type="RegistryPortType" 
  217.                             minOccurs="0" maxOccurs="unbounded"/>
  218.             </xs:choice>
  219.         </xs:sequence>
  220.         <xs:attribute name="SpecialPorts" type="SpecialPortsKeywordType" use="optional"/>
  221.     </xs:complexType>
  222.  
  223.     <xs:complexType name="PortType">
  224.         <xs:attribute name="Value" type="PortValueType" use="required"/>
  225.     </xs:complexType>
  226.  
  227.     <xs:complexType name="CustomPortType">
  228.         <xs:attribute name="DefaultValue" type="PortValueType" use="required"/>
  229.         <xs:attribute name="FunctionName" type="xs:string" use="required"/>
  230.         <xs:attribute name="DLLPath" type="xs:string" use="required"/>
  231.         <xs:attribute name="ResultValue" type="PortValueType" use="optional"/>
  232.     </xs:complexType>
  233.  
  234.     <xs:complexType name="RegistryPortType">
  235.         <xs:attribute name="DefaultValue" type="PortValueType" use="required"/>
  236.         <xs:attribute name="Path" type="xs:string" use="required"/>
  237.         <xs:attribute name="ResultValue" type="PortValueType" use="optional"/>
  238.     </xs:complexType>
  239.  
  240.     <xs:simpleType name="PortValueType">
  241.         <xs:restriction base="xs:integer">
  242.             <xs:minInclusive value="0"/>
  243.             <xs:maxInclusive value="65535"/>
  244.         </xs:restriction>
  245.     </xs:simpleType>
  246.  
  247.     <!-- -->
  248.     <!-- Address Set Type -->
  249.     <!-- -->
  250.     <xs:complexType name="AddressSetType">
  251.         <xs:sequence>
  252.             <xs:choice minOccurs="0" maxOccurs="unbounded">
  253.                 <xs:element name="V4Address" type="V4AddressType" 
  254.                             minOccurs="0" maxOccurs="unbounded"/>
  255.                 <xs:element name="V6Address" type="V6AddressType" 
  256.                             minOccurs="0" maxOccurs="unbounded"/>
  257.                 <xs:element name="V4AddressRange" type="V4AddressRangeType" 
  258.                             minOccurs="0" maxOccurs="unbounded"/>
  259.                 <xs:element name="V6AddressRange" type="V6AddressRangeType" 
  260.                             minOccurs="0" maxOccurs="unbounded"/>
  261.                 <xs:element name="V4Subnet" type="V4SubnetType" 
  262.                             minOccurs="0" maxOccurs="unbounded"/>
  263.                 <xs:element name="V6Subnet" type="V6SubnetType" 
  264.                             minOccurs="0" maxOccurs="unbounded"/>
  265.             </xs:choice>
  266.         </xs:sequence>
  267.         <xs:attribute name="DefaultGateway" type="BooleanType" use="optional"/>
  268.         <xs:attribute name="WINSServers" type="BooleanType" use="optional"/>
  269.         <xs:attribute name="DHCPServers" type="BooleanType" use="optional"/>
  270.         <xs:attribute name="DNSServers" type="BooleanType" use="optional"/>
  271.         <xs:attribute name="LocalSubnet" type="BooleanType" use="optional"/>
  272.     </xs:complexType>
  273.  
  274.     <xs:complexType name="V4AddressType">
  275.         <xs:attribute name="Value" type="V4AddressValueType" use="required"/>
  276.     </xs:complexType>
  277.  
  278.     <xs:complexType name="V6AddressType">
  279.         <xs:attribute name="Value" type="V6AddressValueType" use="required"/>
  280.     </xs:complexType>
  281.  
  282.     <xs:complexType name="V4AddressRangeType">
  283.         <xs:attribute name="Begin" type="V4AddressValueType" use="required"/>
  284.         <xs:attribute name="End" type="V4AddressValueType" use="required"/>
  285.     </xs:complexType>
  286.  
  287.     <xs:complexType name="V6AddressRangeType">
  288.         <xs:attribute name="Begin" type="V6AddressValueType" use="required"/>
  289.         <xs:attribute name="End" type="V6AddressValueType" use="required"/>
  290.     </xs:complexType>
  291.  
  292.     <xs:complexType name="V4SubnetType">
  293.         <xs:attribute name="Address" type="V4AddressValueType" use="required"/>
  294.         <xs:attribute name="PrefixLength" type="V4PrefixLengthType" use="required"/>
  295.     </xs:complexType>
  296.  
  297.     <xs:complexType name="V6SubnetType">
  298.         <xs:attribute name="Address" type="V6AddressValueType" use="required"/>
  299.         <xs:attribute name="PrefixLength" type="V6PrefixLengthType" use="required"/>
  300.     </xs:complexType>
  301.  
  302.     <xs:simpleType name="V4AddressValueType">
  303.         <xs:restriction base="xs:string">
  304.             <xs:pattern value="([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})"/>
  305.         </xs:restriction>
  306.     </xs:simpleType>
  307.  
  308.     <xs:simpleType name="V6AddressValueType">
  309.         <xs:restriction base="xs:string"/>
  310.     </xs:simpleType>
  311.  
  312.     <xs:simpleType name="V4PrefixLengthType">
  313.         <xs:restriction base="xs:integer">
  314.             <xs:minInclusive value="1"/>
  315.             <xs:maxInclusive value="31"/>
  316.         </xs:restriction>
  317.     </xs:simpleType>
  318.  
  319.     <xs:simpleType name="V6PrefixLengthType">
  320.         <xs:restriction base="xs:integer">
  321.             <xs:minInclusive value="1"/>
  322.             <xs:maxInclusive value="127"/>
  323.         </xs:restriction>
  324.     </xs:simpleType>
  325.  
  326.     <!-- -->
  327.     <!-- Interface Set Type -->
  328.     <!-- -->
  329.     <xs:complexType name="InterfaceSetType">
  330.         <xs:sequence>
  331.             <xs:element name="Interface" type="InterfaceType" 
  332.                         minOccurs="0" maxOccurs="unbounded"/>
  333.         </xs:sequence>
  334.     </xs:complexType>
  335.  
  336.     <xs:complexType name="InterfaceType">
  337.         <xs:attribute name="Id" type="GuidType" use="required"/>
  338.     </xs:complexType>
  339.  
  340.     <!-- -->
  341.     <!-- ICMP Set Type -->
  342.     <!-- -->
  343.     <xs:complexType name="ICMPSetType">
  344.         <xs:sequence>
  345.             <xs:element name="ICMP" type="ICMPType" 
  346.                         minOccurs="0" maxOccurs="unbounded"/>
  347.         </xs:sequence>
  348.     </xs:complexType>
  349.  
  350.     <xs:complexType name="ICMPType">
  351.         <xs:attribute name="Type" type="ICMPKindType" use="required"/>
  352.         <xs:attribute name="Code" type="ICMPCodeType" use="required"/>
  353.     </xs:complexType>
  354.  
  355.     <xs:simpleType name="ICMPKindType">
  356.         <xs:restriction base="xs:integer">
  357.             <xs:minInclusive value="0"/>
  358.             <xs:maxInclusive value="255"/>
  359.         </xs:restriction>
  360.     </xs:simpleType>
  361.  
  362.     <xs:simpleType name="ICMPCodeType">
  363.         <xs:union>
  364.             <xs:simpleType>
  365.                 <xs:restriction base="xs:integer">
  366.                     <xs:minInclusive value="0"/>
  367.                     <xs:maxInclusive value="255"/>
  368.                 </xs:restriction>
  369.             </xs:simpleType>
  370.             <xs:simpleType>
  371.                 <xs:restriction base="xs:string">
  372.                     <xs:enumeration value="*"/>
  373.                 </xs:restriction>
  374.             </xs:simpleType>
  375.         </xs:union>
  376.     </xs:simpleType>
  377.  
  378.     <!-- -->
  379.     <!-- Generic Types -->
  380.     <!-- -->
  381.     <xs:simpleType name="BooleanType">
  382.         <xs:restriction base="xs:string">
  383.             <xs:enumeration value="True"/>
  384.             <xs:enumeration value="False"/>
  385.         </xs:restriction>
  386.     </xs:simpleType>
  387.  
  388.     <xs:simpleType name="GuidType">
  389.         <xs:restriction base="xs:string">
  390.             <xs:pattern value="[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}"/>
  391.         </xs:restriction>
  392.     </xs:simpleType>
  393.  
  394. </xs:schema>
  395.