问题
Given - .Net 2.0 XP machine with SP2 and multiple network adapters
Is there an API that can be used to check if the network adapter is firewalled?
OneGuyInDC
回答1:
Give this c# code below a go. It works for Windows 7 (& Vista) and XP. This will get the status of, and enable/disable the Windows firewall for the current profile, eg: Home/Domain/Public access networks.
Usage:
getFirewallStatus()
--> returns true/false for whether the windows firewall is enable/disabled.
setFirewallStatus(newStatus)
--> sets the firewall enabled/disabled to the true/false value passed in
eg, to enable the firewall:
setFirewallStatus(true)
getCurrPolicy()
--> used by the other two methods
isWinXP()
--> returns whether windows version is WinXP/2000 or newer, ie: Vista/Win7
used by the other methods to determine which code to use.
Code:
using NetFwTypeLib;
// (don't forget to add it to your references, its under the COM tab)
public bool isWinXP()
{
OperatingSystem os = Environment.OSVersion;
int majorVersion = os.Version.Major;
// see http://msdn.microsoft.com/en-us/library/ms724832(v=vs.85).aspx
if (majorVersion < 6) // if O/S is not Vista or Windows7
{
return true;
}
else
{
return false;
}
}
private static INetFwPolicy2 getCurrPolicy()
{
INetFwPolicy2 fwPolicy2;
Type tNetFwPolicy2 = Type.GetTypeFromProgID("HNetCfg.FwPolicy2");
fwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(tNetFwPolicy2);
return fwPolicy2;
}
public bool getFirewallStatus()
{
bool result = false;
switch (isWinXP())
{
case true:
Type NetFwMgrType = Type.GetTypeFromProgID("HNetCfg.FwMgr", false);
INetFwMgr mgr = (INetFwMgr)Activator.CreateInstance(NetFwMgrType);
result = mgr.LocalPolicy.CurrentProfile.FirewallEnabled;
break;
case false:
INetFwPolicy2 fwPolicy2 = getCurrPolicy();
NET_FW_PROFILE_TYPE2_ fwCurrentProfileTypes;
//read Current Profile Types (only to increase Performace)
//avoids access on CurrentProfileTypes from each Property
fwCurrentProfileTypes = (NET_FW_PROFILE_TYPE2_)fwPolicy2.CurrentProfileTypes;
result = (fwPolicy2.get_FirewallEnabled(fwCurrentProfileTypes));
break;
default:
result = false; // assume Win7 by default
break;
}
return result;
}
public void setFirewallStatus(bool newStatus)
{
switch (isWinXP())
{
case true:
Type NetFwMgrType = Type.GetTypeFromProgID("HNetCfg.FwMgr", false);
INetFwMgr mgr = (INetFwMgr)Activator.CreateInstance(NetFwMgrType);
mgr.LocalPolicy.CurrentProfile.FirewallEnabled = newStatus;
break;
case false:
NET_FW_PROFILE_TYPE2_ fwCurrentProfileTypes;
INetFwPolicy2 currPolicy = getCurrPolicy();
//read Current Profile Types (only to increase Performace)
//avoids access on CurrentProfileTypes from each Property
fwCurrentProfileTypes = (NET_FW_PROFILE_TYPE2_)currPolicy.CurrentProfileTypes;
currPolicy.set_FirewallEnabled(fwCurrentProfileTypes, newStatus);
break;
default:
NET_FW_PROFILE_TYPE2_ fwCurrentProfileTypes1;
INetFwPolicy2 currPolicy1 = getCurrPolicy();
//read Current Profile Types (only to increase Performace)
//avoids access on CurrentProfileTypes from each Property
fwCurrentProfileTypes1 = (NET_FW_PROFILE_TYPE2_)currPolicy1.CurrentProfileTypes;
currPolicy1.set_FirewallEnabled(fwCurrentProfileTypes1, newStatus);
break;
}
}
回答2:
It is not possible to know in general (e.g. if there is an external firewall) for the following reasons:
- If you aren't receiving incoming connections, your external interface may just be down.
- If you are unable to make outgoing connections, your external interface may just be down.
But there is an API for finding out if the Windows Firewall is enabled on a given network interface. You will need to use COM interop to get the INetFwProfile (for global firewall status) and INetSharingConfiguration (for a specific network interface) interfaces, and check INetFwProfile.FirewallEnabled and INetSharingConfiguration.InternetFirewallEnabled.
See http://msdn.microsoft.com/en-us/library/aa364717%28VS.85%29.aspx for links and for how to use these results to determine the effective firewall status. (It's written in terms of VBScript but should be translatable to C#.)
来源:https://stackoverflow.com/questions/1663960/c-sharp-api-to-test-if-a-network-adapter-is-firewalled