XBOX
Scope: Windows Store, XBOX Game Pass Edition (all)
Problem 1: RW access to the executables for the xbox-app / win-store version, it is not possible to manually add the rule w/o cmd
Problem 2: Running application reports namespace back, fw cannot translate provided namespace = path invalid
Issue: Connection to Server not possible
Impact: High, Multiplayer not possible
#1 Workaround: Set Windows Firewall with Advanced Security Settings to allow outbound connections that do not match a rule by default / Temporarily disable Third-Party Security Provider (Firewall) **NOT RECOMMENDED
#2 Workaround: For the ease of access to Mods, to Mod, to play Multiplayer acquire the Game on Steam.
Following the official Microsoft TechNet guidelines to configurate, add or apply specific firewall settings do not work as the folder/sub-folders have different file-permission settings and cannot be applied or created / added to pre-defined rules. Adding a new firewall without the selection of the package has no effect. The package cannot be selected because it is not registered.
----------------------------------------------------------------------
System Info
Windows 10 Version 2004 (Build 19041.450)
XBOX App Ver. 2008.1001.11.0
CK3 Version XGP
Windows Firewall (Local), Network Firewall Appliance (no issues)
----------------------------------------------------------------------
Windows Firewall Configuration (Domain, Private, Public):
State ON
Firewall Policy BlockInbound,BlockOutbound
LocalFirewallRules N/A (GPO-store only)
LocalConSecRules N/A (GPO-store only)
InboundUserNotification Enable
RemoteManagement Disable
UnicastResponseToMulticast Disable
LogAllowedConnections Enable
LogDroppedConnections Enable
----------------------------------------------------------------------
Windows Defender Configuration
AMRunningMode : Normal
AMServiceEnabled : True
AntispywareEnabled : True
AntivirusEnabled : True
BehaviorMonitorEnabled : True
ComputerState : 0
IoavProtectionEnabled : True
IsTamperProtected : True
IsVirtualMachine : True
NISEnabled : True
OnAccessProtectionEnabled : True
RealTimeProtectionEnabled : True
----------------------------------------------------------------------
IP / WinSock Configuration
pushd interface ipv4
set global icmpredirects=enabled taskoffload=disabled mldlevel=none
add route prefix=0.0.0.0/0 interface="Ethernet" nexthop=192.168.XX.XX publish=Yes
set interface interface="Ethernet (Kernel Debugger)" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 4" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="vEthernet (Eth0)" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="vEthernet (Eth1)" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
add address name="Ethernet" address=192.168.XX.XX mask=255.255.255.0
add address name="vEthernet (Eth0)" address=192.168.XX.XX mask=255.255.240.0
add address name="vEthernet (Eth1)" address=172.23.XX.XX mask=255.255.240.0
DHCP Disable
NetBIOS Disable
----------------------------------------------------------------------
App-Package reset not working
App-Package repair not working
App-Package Uninstall / Install not working
Configure Windows Firewall with Advanced Security by Using an Answer File not working
Netsh advfirewall firewall add rule not working (no file access / namespaces)
Different Device-1 same issue (XBGP)
Steam Edition: Running
Cookie Edition: Running
PsExec set RW access for CK3.exe, ckpatch.exe, paradox launcher.exe to user context (with condition) works temp. / until NTtrustedinstaller
----------------------------------------------------------------------
The game will be started with a conditional setting, to run the app-package "ParadoxInteractive.ProjectTitus_1.0.66.0_x64__zfnrdv2de78ny" that the SYSAPPID must be contain Conditional Value. Is that the case u have Read / Execute Permission.
The executable gives a invalid path / namespace back to work with "\device\harddiskvolume{value}\launcher\bin\paradox launcher.exe".
The firewall rule cannot be applied to the executable manually under the current file permission with ease of access
The name-space blob is invalid as fwrule.
Problem 1: RW access to the executables for the xbox-app / win-store version, it is not possible to manually add the rule w/o cmd
Problem 2: Running application reports namespace back, fw cannot translate provided namespace = path invalid
Issue: Connection to Server not possible
Impact: High, Multiplayer not possible
#1 Workaround: Set Windows Firewall with Advanced Security Settings to allow outbound connections that do not match a rule by default / Temporarily disable Third-Party Security Provider (Firewall) **NOT RECOMMENDED
Following the official Microsoft TechNet guidelines to configurate, add or apply specific firewall settings do not work as the folder/sub-folders have different file-permission settings and cannot be applied or created / added to pre-defined rules. Adding a new firewall without the selection of the package has no effect. The package cannot be selected because it is not registered.
----------------------------------------------------------------------
System Info
Windows 10 Version 2004 (Build 19041.450)
XBOX App Ver. 2008.1001.11.0
CK3 Version XGP
Windows Firewall (Local), Network Firewall Appliance (no issues)
----------------------------------------------------------------------
Windows Firewall Configuration (Domain, Private, Public):
State ON
Firewall Policy BlockInbound,BlockOutbound
LocalFirewallRules N/A (GPO-store only)
LocalConSecRules N/A (GPO-store only)
InboundUserNotification Enable
RemoteManagement Disable
UnicastResponseToMulticast Disable
LogAllowedConnections Enable
LogDroppedConnections Enable
----------------------------------------------------------------------
Windows Defender Configuration
AMRunningMode : Normal
AMServiceEnabled : True
AntispywareEnabled : True
AntivirusEnabled : True
BehaviorMonitorEnabled : True
ComputerState : 0
IoavProtectionEnabled : True
IsTamperProtected : True
IsVirtualMachine : True
NISEnabled : True
OnAccessProtectionEnabled : True
RealTimeProtectionEnabled : True
----------------------------------------------------------------------
IP / WinSock Configuration
pushd interface ipv4
set global icmpredirects=enabled taskoffload=disabled mldlevel=none
add route prefix=0.0.0.0/0 interface="Ethernet" nexthop=192.168.XX.XX publish=Yes
set interface interface="Ethernet (Kernel Debugger)" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 4" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="vEthernet (Eth0)" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="vEthernet (Eth1)" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
add address name="Ethernet" address=192.168.XX.XX mask=255.255.255.0
add address name="vEthernet (Eth0)" address=192.168.XX.XX mask=255.255.240.0
add address name="vEthernet (Eth1)" address=172.23.XX.XX mask=255.255.240.0
DHCP Disable
NetBIOS Disable
----------------------------------------------------------------------
App-Package reset not working
App-Package repair not working
App-Package Uninstall / Install not working
Configure Windows Firewall with Advanced Security by Using an Answer File not working
Netsh advfirewall firewall add rule not working (no file access / namespaces)
Different Device-1 same issue (XBGP)
Steam Edition: Running
Cookie Edition: Running
----------------------------------------------------------------------
The executable gives a invalid path / namespace back to work with "\device\harddiskvolume{value}\launcher\bin\paradox launcher.exe".
The firewall rule cannot be applied to the executable manually under the current file permission with ease of access
The name-space blob is invalid as fwrule.
Ref 1: previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc771920(v=ws.10)
Ref 2: windows-hardware/manufacture/desktop/configure-windows-firewall-with-advanced-security-by-using-an-answer-file
Ref 3: powershell/module/netsecurity/?view=win10-ps&redirectedfrom=MSDN&viewFallbackFrom=winserverr2-ps
Ref 4: XX
Ref 5: /windows/win32/api/fileapi/nf-fileapi-getvolumepathnamew
Ref 6: /windows/win32/fileio/naming-a-file
Attachments
Last edited: