From ba17c7561347447f055f1258e10547c7d35b8110 Mon Sep 17 00:00:00 2001
From: Aleksandr Chebotov <47745270+al-cheb@users.noreply.github.com>
Date: Mon, 24 Aug 2020 09:44:21 +0300
Subject: [PATCH] [Windows] Set the dynamic port range to start at port 49152
 and to end at the 65536 (16384 ports) (#1442)

* set the dynamic port range

* update pester test

* update context about VS installer

* update dynamicports pester test
---
 images/win/Windows2016-Azure.json             |  3 ++-
 images/win/Windows2019-Azure.json             |  3 ++-
 .../Installers/Configure-DynamicPort.ps1      | 14 +++++++++++++
 .../scripts/Tests/WindowsFeatures.Tests.ps1   | 20 ++++++++++++++++++-
 4 files changed, 37 insertions(+), 3 deletions(-)
 create mode 100644 images/win/scripts/Installers/Configure-DynamicPort.ps1

diff --git a/images/win/Windows2016-Azure.json b/images/win/Windows2016-Azure.json
index af87f5e87156..e4a3893d382d 100644
--- a/images/win/Windows2016-Azure.json
+++ b/images/win/Windows2016-Azure.json
@@ -326,7 +326,8 @@
         {
             "type": "powershell",
             "scripts":[
-                "{{ template_dir }}/scripts/Installers/Install-WindowsUpdates.ps1"
+                "{{ template_dir }}/scripts/Installers/Install-WindowsUpdates.ps1",
+                "{{ template_dir }}/scripts/Installers/Configure-DynamicPort.ps1"
             ],
             "elevated_user": "{{user `install_user`}}",
             "elevated_password": "{{user `install_password`}}"
diff --git a/images/win/Windows2019-Azure.json b/images/win/Windows2019-Azure.json
index 85c722061664..8cd69ef8a5c9 100644
--- a/images/win/Windows2019-Azure.json
+++ b/images/win/Windows2019-Azure.json
@@ -325,7 +325,8 @@
         {
             "type": "powershell",
             "scripts":[
-                "{{ template_dir }}/scripts/Installers/Install-WindowsUpdates.ps1"
+                "{{ template_dir }}/scripts/Installers/Install-WindowsUpdates.ps1",
+                "{{ template_dir }}/scripts/Installers/Configure-DynamicPort.ps1"
             ],
             "elevated_user": "{{user `install_user`}}",
             "elevated_password": "{{user `install_password`}}"
diff --git a/images/win/scripts/Installers/Configure-DynamicPort.ps1 b/images/win/scripts/Installers/Configure-DynamicPort.ps1
new file mode 100644
index 000000000000..88e8ae2039cb
--- /dev/null
+++ b/images/win/scripts/Installers/Configure-DynamicPort.ps1
@@ -0,0 +1,14 @@
+# https://support.microsoft.com/en-us/help/929851/the-default-dynamic-port-range-for-tcp-ip-has-changed-in-windows-vista
+# The new default start port is 49152, and the new default end port is 65535.
+# Default port configuration was changed during image generation by Visual Studio Enterprise Installer to:
+#   Protocol tcp Dynamic Port Range
+#   ---------------------------------
+#   Start Port      : 1024
+#   Number of Ports : 64511
+Write-Host "Set the dynamic port range to start at port 49152 and to end at the 65536 (16384 ports)"
+$null = netsh int ipv4 set dynamicport tcp start=49152 num=16384
+$null = netsh int ipv4 set dynamicport udp start=49152 num=16384
+$null = netsh int ipv6 set dynamicport tcp start=49152 num=16384
+$null = netsh int ipv6 set dynamicport udp start=49152 num=16384
+
+Invoke-PesterTests -TestFile "WindowsFeatures" -TestName "DynamicPorts"
\ No newline at end of file
diff --git a/images/win/scripts/Tests/WindowsFeatures.Tests.ps1 b/images/win/scripts/Tests/WindowsFeatures.Tests.ps1
index 7e5ec0a1ed2b..f4c955e3a602 100644
--- a/images/win/scripts/Tests/WindowsFeatures.Tests.ps1
+++ b/images/win/scripts/Tests/WindowsFeatures.Tests.ps1
@@ -32,10 +32,28 @@ Describe "ContainersFeature" {
 }
 
 Describe "DiskSpace" {
-    it "The image has enough disk space"{
+    It "The image has enough disk space"{
         $availableSpaceMB =  [math]::Round((Get-PSDrive -Name C).Free / 1MB)
         $minimumFreeSpaceMB = 18 * 1024
 
         $availableSpaceMB | Should -BeGreaterThan $minimumFreeSpaceMB
     }
+}
+
+Describe "DynamicPorts" {
+    It "Test TCP dynamicport start=49152 num=16384" {
+        $tcpPorts = Get-NetTCPSetting | Where-Object {$_.SettingName -ne "Automatic"} | Where-Object {
+            $_.DynamicPortRangeStartPort -ne 49152 -or $_.DynamicPortRangeNumberOfPorts -ne 16384
+        }
+
+        $tcpPorts | Should -BeNullOrEmpty
+    }
+
+    It "Test UDP dynamicport start=49152 num=16384" {
+        $udpPorts = Get-NetUDPSetting | Where-Object {
+            $_.DynamicPortRangeStartPort -ne 49152 -or $_.DynamicPortRangeNumberOfPorts -ne 16384
+        }
+
+        $udpPorts | Should -BeNullOrEmpty
+    }
 }
\ No newline at end of file