Argh. Somedays I love Windows. Somedays I hate Windows. Today is full of hate...
As a developer, one of the benefits of resolving a HD crash with a fresh Windows install is that I get the rare "end user experience" when trying to run my own software. Often, during the course of development, I make system tweaks and changes to support new functionality, and then of course everything runs perfect on my machine. With today being the first day I've run my CMC SysTrayService for monitoring the remote since I reinstalled Windows a few months back, I was greeted with many frustrating errors.
The first error I experienced was that it couldn't bind to TCP port 51408, which is needed to allow the My Movies iOS/Android app to control CMC. Not too surprising, as this would normally be blocked by the Windows Firewall. Instead of manually opening a port like I did last time, I figured it was much better to program the app to open it for the user.
So I created some new code to check if the port could be opened, and if not then to automatically add a new firewall rule if you are running as Admin (prompts to to run as Admin if you are not). The new code runs great, and sure enough I could see the new firewall rule being created, but for whatever reason it wouldn't take effect.
After trying many different solutions, I finally rebooted
after creating the rule. Sure enough, that worked (even though according to MS documentation, rule changes are supposed to be immediate).
With the app now binding to port 51408, I decided to test removing the new firewall rule and trying again. And this brings me to the moment I really, truly, and completely hate Microsoft - now Windows behaves completely different! $#*%!
Now, instead of getting a failure to bind to the port, my app somehow always succeeds. Instead, Microsoft pops up a nice little Windows Security Alert:
- image.png (178.4 KiB) Viewed 3528 times
If I "Allow access", it adds an exception to the firewall rules to allow my app full access (not just the one port). If I click "Cancel", it still adds firewall rules, but now says my app is blocked. But, and here's the really fun part, my app no longer get's the error on binding to port 51408 even if the firewall blocks access, so it acts like everything is just fine, yet you can't control it from the My Movies app because the firewall is blocking access.
I've tried deleting all the new rules in the firewall and rebooting, but no matter what I can't get back to the original behavior where my app couldn't bind to port 51408. At least with that binding error, I could give helpful info to the user that the port needed to be opened, and even open it for them.
This also means I don't have a way to predict which experience end users will encounter. I suppose it doesn't matter too much - if they get the bind error, they can let the app resolve it. Otherwise, if they get the security alert / access prompt, then as long as they click Allow Access all is good.
But if they get the security alert and don't allow access... joy, I get to support those users who can't get it to work and now need firewall help...
/rant