home *** CD-ROM | disk | FTP | other *** search
- <?xml version="1.0"?>
- <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified"
- xmlns:xs="http://www.w3.org/2001/XMLSchema">
-
- <!-- -->
- <!-- Firewall Policy Type -->
- <!-- -->
- <xs:element name="Rule" type="FirewallPolicyType"/>
-
- <xs:complexType name="FirewallPolicyType">
- <xs:sequence>
- <xs:element name="Firewall" type="FirewallType"
- minOccurs="1" maxOccurs="1"/>
- </xs:sequence>
- <xs:attribute name="Name" type="ExtensionRuleType"/>
- </xs:complexType>
-
- <xs:simpleType name="ExtensionRuleType">
- <xs:restriction base="xs:string">
- <xs:enumeration value="Microsoft.OS.Networking.Firewall"/>
- </xs:restriction>
- </xs:simpleType>
-
- <!-- -->
- <!-- Firewall Type -->
- <!-- -->
- <xs:complexType name="FirewallType">
- <xs:sequence>
- <xs:element name="FirewallRules"
- type="FirewallRulesType"
- minOccurs="0"
- maxOccurs="1">
- <xs:unique name="UniqueFirewallRuleIdConstraint">
- <xs:selector xpath="FirewallRule"/>
- <xs:field xpath="@Id"/>
- </xs:unique>
- </xs:element>
- </xs:sequence>
- <xs:attribute name="Mode" type="FirewallModeType" use="optional"/>
- <xs:attribute name="GPOPath" type="xs:string" use="optional"/>
- </xs:complexType>
-
- <xs:simpleType name="FirewallModeType">
- <xs:restriction base="xs:string">
- <xs:enumeration value="Off"/>
- <xs:enumeration value="On"/>
- <xs:enumeration value="Shielded"/>
- </xs:restriction>
- </xs:simpleType>
-
- <!-- -->
- <!-- Firewall Rules Type -->
- <!-- -->
- <xs:complexType name="FirewallRulesType">
- <xs:sequence>
- <xs:element name="FirewallRule"
- type="FirewallRuleType"
- minOccurs="0"
- maxOccurs="unbounded">
- </xs:element>
- </xs:sequence>
- </xs:complexType>
-
- <!-- -->
- <!-- Firewall Rule Type -->
- <!-- -->
- <xs:complexType name="FirewallRuleType">
- <xs:all>
- <xs:element name="LocalPorts" type="PortSetType"
- minOccurs="0" maxOccurs="1" />
- <xs:element name="RemotePorts" type="PortSetType"
- minOccurs="0" maxOccurs="1"/>
- <xs:element name="LocalAddresses" type="AddressSetType"
- minOccurs="0" maxOccurs="1"/>
- <xs:element name="RemoteAddresses" type="AddressSetType"
- minOccurs="0" maxOccurs="1"/>
- <xs:element name="Interfaces" type="InterfaceSetType"
- minOccurs="0" maxOccurs="1"/>
- <xs:element name="ICMPs" type="ICMPSetType"
- minOccurs="0" maxOccurs="1"/>
- </xs:all>
- <xs:attribute name="Id" type="xs:string" use="required"/>
- <xs:attribute name="Name" type="FirewallRuleNameType" use="required"/>
- <xs:attribute name="Description" type="FirewallRuleDescriptionType"
- use="optional"/>
- <xs:attribute name="Profile" type="ProfileType" use="optional"/>
- <xs:attribute name="Group" type="GroupType" use="optional"/>
- <xs:attribute name="ProtocolKeyword" type="ProtocolKeywordType"
- use="optional"/>
- <xs:attribute name="ProtocolNumber" type="ProtocolNumberType"
- use="optional"/>
- <xs:attribute name="Direction" type="DirectionType" use="optional"/>
- <xs:attribute name="Program" type="ProgramType" use="optional"/>
- <xs:attribute name="Service" type="ServiceNameType" use="optional"/>
- <xs:attribute name="Enabled" type="BooleanType" use="optional"/>
- <xs:attribute name="Action" type="RuleActionType" use="optional"/>
- </xs:complexType>
-
- <xs:simpleType name="FirewallRuleNameType">
- <xs:restriction base="xs:string">
- <xs:minLength value="1"/>
- <xs:maxLength value="1024"/>
- </xs:restriction>
- </xs:simpleType>
-
- <xs:simpleType name="FirewallRuleDescriptionType">
- <xs:restriction base="xs:string">
- <xs:minLength value="0"/>
- <xs:maxLength value="1024"/>
- </xs:restriction>
- </xs:simpleType>
-
- <xs:simpleType name="ProfileType">
- <xs:restriction base="xs:string">
- <xs:enumeration value="Domain"/>
- <xs:enumeration value="Private"/>
- <xs:enumeration value="Public"/>
- <xs:enumeration value="DomainAndPrivate"/>
- <xs:enumeration value="DomainAndPublic"/>
- <xs:enumeration value="PrivateAndDomain"/>
- <xs:enumeration value="PrivateAndPublic"/>
- <xs:enumeration value="PublicAndDomain"/>
- <xs:enumeration value="PublicAndPrivate"/>
- <xs:enumeration value="All"/>
- </xs:restriction>
- </xs:simpleType>
-
- <xs:simpleType name="GroupType">
- <xs:restriction base="xs:string">
- <xs:minLength value="0"/>
- <xs:maxLength value="1024"/>
- </xs:restriction>
- </xs:simpleType>
-
- <xs:simpleType name="ProtocolKeywordType">
- <xs:restriction base="xs:string">
- <xs:enumeration value="HOPOPT"/>
- <xs:enumeration value="ICMP_V4"/>
- <xs:enumeration value="IGMP"/>
- <xs:enumeration value="TCP"/>
- <xs:enumeration value="UDP"/>
- <xs:enumeration value="RDP"/>
- <xs:enumeration value="IRTP"/>
- <xs:enumeration value="IPV6"/>
- <xs:enumeration value="IPV6_ROUTE"/>
- <xs:enumeration value="IPV6_FRAGMENT"/>
- <xs:enumeration value="GRE"/>
- <xs:enumeration value="ESP"/>
- <xs:enumeration value="AH"/>
- <xs:enumeration value="ICMP_V6"/>
- <xs:enumeration value="IPV6_NO_NEXT"/>
- <xs:enumeration value="IPV6_OPTIONS"/>
- <xs:enumeration value="VRRP"/>
- <xs:enumeration value="PGM"/>
- <xs:enumeration value="L2TP"/>
- <xs:enumeration value="ANY"/>
- <xs:enumeration value="OTHER"/>
- </xs:restriction>
- </xs:simpleType>
-
- <xs:simpleType name="ProtocolNumberType">
- <xs:restriction base="xs:integer">
- <xs:minInclusive value="0"/>
- <xs:maxInclusive value="255"/>
- </xs:restriction>
- </xs:simpleType>
-
- <xs:simpleType name="DirectionType">
- <xs:restriction base="xs:string">
- <xs:enumeration value="Inbound"/>
- <xs:enumeration value="Outbound"/>
- </xs:restriction>
- </xs:simpleType>
-
- <xs:simpleType name="ProgramType">
- <xs:restriction base="xs:string">
- <xs:minLength value="0"/>
- <xs:maxLength value="260"/>
- </xs:restriction>
- </xs:simpleType>
-
- <xs:simpleType name="ServiceNameType">
- <xs:restriction base="xs:string">
- <xs:minLength value="0"/>
- <xs:maxLength value="260"/>
- </xs:restriction>
- </xs:simpleType>
-
- <xs:simpleType name="RuleActionType">
- <xs:restriction base="xs:string">
- <xs:enumeration value="AllowConnections"/>
- <xs:enumeration value="AllowSecureConnections"/>
- <xs:enumeration value="AllowSecureEncryptedConnections"/>
- <xs:enumeration value="BlockConnections"/>
- </xs:restriction>
- </xs:simpleType>
-
- <xs:simpleType name="SpecialPortsKeywordType">
- <xs:restriction base="xs:string">
- <xs:enumeration value="DynamicRPC"/>
- <xs:enumeration value="RPCEndPointMapper"/>
- <xs:enumeration value="EdgeTraversal"/>
- </xs:restriction>
- </xs:simpleType>
-
- <!-- -->
- <!-- Port Set Type -->
- <!-- -->
- <xs:complexType name="PortSetType">
- <xs:sequence>
- <xs:choice minOccurs="0" maxOccurs="unbounded">
- <xs:element name="Port" type="PortType"
- minOccurs="0" maxOccurs="unbounded"/>
- <xs:element name="CustomPort" type="CustomPortType"
- minOccurs="0" maxOccurs="unbounded"/>
- <xs:element name="RegistryPort" type="RegistryPortType"
- minOccurs="0" maxOccurs="unbounded"/>
- </xs:choice>
- </xs:sequence>
- <xs:attribute name="SpecialPorts" type="SpecialPortsKeywordType" use="optional"/>
- </xs:complexType>
-
- <xs:complexType name="PortType">
- <xs:attribute name="Value" type="PortValueType" use="required"/>
- </xs:complexType>
-
- <xs:complexType name="CustomPortType">
- <xs:attribute name="DefaultValue" type="PortValueType" use="required"/>
- <xs:attribute name="FunctionName" type="xs:string" use="required"/>
- <xs:attribute name="DLLPath" type="xs:string" use="required"/>
- <xs:attribute name="ResultValue" type="PortValueType" use="optional"/>
- </xs:complexType>
-
- <xs:complexType name="RegistryPortType">
- <xs:attribute name="DefaultValue" type="PortValueType" use="required"/>
- <xs:attribute name="Path" type="xs:string" use="required"/>
- <xs:attribute name="ResultValue" type="PortValueType" use="optional"/>
- </xs:complexType>
-
- <xs:simpleType name="PortValueType">
- <xs:restriction base="xs:integer">
- <xs:minInclusive value="0"/>
- <xs:maxInclusive value="65535"/>
- </xs:restriction>
- </xs:simpleType>
-
- <!-- -->
- <!-- Address Set Type -->
- <!-- -->
- <xs:complexType name="AddressSetType">
- <xs:sequence>
- <xs:choice minOccurs="0" maxOccurs="unbounded">
- <xs:element name="V4Address" type="V4AddressType"
- minOccurs="0" maxOccurs="unbounded"/>
- <xs:element name="V6Address" type="V6AddressType"
- minOccurs="0" maxOccurs="unbounded"/>
- <xs:element name="V4AddressRange" type="V4AddressRangeType"
- minOccurs="0" maxOccurs="unbounded"/>
- <xs:element name="V6AddressRange" type="V6AddressRangeType"
- minOccurs="0" maxOccurs="unbounded"/>
- <xs:element name="V4Subnet" type="V4SubnetType"
- minOccurs="0" maxOccurs="unbounded"/>
- <xs:element name="V6Subnet" type="V6SubnetType"
- minOccurs="0" maxOccurs="unbounded"/>
- </xs:choice>
- </xs:sequence>
- <xs:attribute name="DefaultGateway" type="BooleanType" use="optional"/>
- <xs:attribute name="WINSServers" type="BooleanType" use="optional"/>
- <xs:attribute name="DHCPServers" type="BooleanType" use="optional"/>
- <xs:attribute name="DNSServers" type="BooleanType" use="optional"/>
- <xs:attribute name="LocalSubnet" type="BooleanType" use="optional"/>
- </xs:complexType>
-
- <xs:complexType name="V4AddressType">
- <xs:attribute name="Value" type="V4AddressValueType" use="required"/>
- </xs:complexType>
-
- <xs:complexType name="V6AddressType">
- <xs:attribute name="Value" type="V6AddressValueType" use="required"/>
- </xs:complexType>
-
- <xs:complexType name="V4AddressRangeType">
- <xs:attribute name="Begin" type="V4AddressValueType" use="required"/>
- <xs:attribute name="End" type="V4AddressValueType" use="required"/>
- </xs:complexType>
-
- <xs:complexType name="V6AddressRangeType">
- <xs:attribute name="Begin" type="V6AddressValueType" use="required"/>
- <xs:attribute name="End" type="V6AddressValueType" use="required"/>
- </xs:complexType>
-
- <xs:complexType name="V4SubnetType">
- <xs:attribute name="Address" type="V4AddressValueType" use="required"/>
- <xs:attribute name="PrefixLength" type="V4PrefixLengthType" use="required"/>
- </xs:complexType>
-
- <xs:complexType name="V6SubnetType">
- <xs:attribute name="Address" type="V6AddressValueType" use="required"/>
- <xs:attribute name="PrefixLength" type="V6PrefixLengthType" use="required"/>
- </xs:complexType>
-
- <xs:simpleType name="V4AddressValueType">
- <xs:restriction base="xs:string">
- <xs:pattern value="([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})"/>
- </xs:restriction>
- </xs:simpleType>
-
- <xs:simpleType name="V6AddressValueType">
- <xs:restriction base="xs:string"/>
- </xs:simpleType>
-
- <xs:simpleType name="V4PrefixLengthType">
- <xs:restriction base="xs:integer">
- <xs:minInclusive value="1"/>
- <xs:maxInclusive value="31"/>
- </xs:restriction>
- </xs:simpleType>
-
- <xs:simpleType name="V6PrefixLengthType">
- <xs:restriction base="xs:integer">
- <xs:minInclusive value="1"/>
- <xs:maxInclusive value="127"/>
- </xs:restriction>
- </xs:simpleType>
-
- <!-- -->
- <!-- Interface Set Type -->
- <!-- -->
- <xs:complexType name="InterfaceSetType">
- <xs:sequence>
- <xs:element name="Interface" type="InterfaceType"
- minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
-
- <xs:complexType name="InterfaceType">
- <xs:attribute name="Id" type="GuidType" use="required"/>
- </xs:complexType>
-
- <!-- -->
- <!-- ICMP Set Type -->
- <!-- -->
- <xs:complexType name="ICMPSetType">
- <xs:sequence>
- <xs:element name="ICMP" type="ICMPType"
- minOccurs="0" maxOccurs="unbounded"/>
- </xs:sequence>
- </xs:complexType>
-
- <xs:complexType name="ICMPType">
- <xs:attribute name="Type" type="ICMPKindType" use="required"/>
- <xs:attribute name="Code" type="ICMPCodeType" use="required"/>
- </xs:complexType>
-
- <xs:simpleType name="ICMPKindType">
- <xs:restriction base="xs:integer">
- <xs:minInclusive value="0"/>
- <xs:maxInclusive value="255"/>
- </xs:restriction>
- </xs:simpleType>
-
- <xs:simpleType name="ICMPCodeType">
- <xs:union>
- <xs:simpleType>
- <xs:restriction base="xs:integer">
- <xs:minInclusive value="0"/>
- <xs:maxInclusive value="255"/>
- </xs:restriction>
- </xs:simpleType>
- <xs:simpleType>
- <xs:restriction base="xs:string">
- <xs:enumeration value="*"/>
- </xs:restriction>
- </xs:simpleType>
- </xs:union>
- </xs:simpleType>
-
- <!-- -->
- <!-- Generic Types -->
- <!-- -->
- <xs:simpleType name="BooleanType">
- <xs:restriction base="xs:string">
- <xs:enumeration value="True"/>
- <xs:enumeration value="False"/>
- </xs:restriction>
- </xs:simpleType>
-
- <xs:simpleType name="GuidType">
- <xs:restriction base="xs:string">
- <xs:pattern value="[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}"/>
- </xs:restriction>
- </xs:simpleType>
-
- </xs:schema>
-