Well since the UDF is only to enable/disable the firewall here is the code that a GPO would normally apply to disable it for both profiles. The UDF is on the fly, vs. this setting below would not allow even a local admin to start the firewall without digging into the registry and modifying things.
For those that can't run GPO...
Code:
Dim $NF, $Admin
$Admin=IIf(InGroup(@WKSTA+'\'+SidToName('S-1-5-32-544'))-1+@INWIN=1,'Yes','No')
If @ProductType="Windows XP Professional" or @ProductType="Windows XP Professional Tablet PC"
If $Admin='Yes'
$NF=WriteValue('HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile','EnableFirewall',0,REG_DWORD)
$NF=WriteValue('HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile','EnableFirewall',0,REG_DWORD)
EndIf
EndIf
