Adding an application firewall rule to both private and public networks via win7 FirewallAPI

灰色年华 2020-12-09 23:13

A little background: Basically I'd like to add a program firewall access rule to both private and public networks.

I used to use this- "netsh firewall add allowedpr

4 Answers
  • 2020-12-09 23:29

    My answer is based on David's answer but with more detail, and it fixes the problem with setting LocalPorts. You need to set Protocol before setting LocalPorts. More detail is below:

    First, you need to add a reference to FirewallAPI.dll. It's in "C:\Windows\System32\FirewallAPI.dll". Then:

    using NetFwTypeLib;
    

    and insert code into your:

            Type tNetFwPolicy2 = Type.GetTypeFromProgID("HNetCfg.FwPolicy2");
            INetFwPolicy2 fwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(tNetFwPolicy2);
            var currentProfiles = fwPolicy2.CurrentProfileTypes;
    
            // Let's create a new rule
            INetFwRule2 inboundRule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule"));
            inboundRule.Enabled = true;
            //Allow through firewall
            inboundRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW;
            //Using protocol TCP
            inboundRule.Protocol = 6; // TCP
            //Port 81
            inboundRule.LocalPorts = "81";
            //Name of rule
            inboundRule.Name = "MyRule";
            // ...//
            inboundRule.Profiles = currentProfiles;
    
            // Now add the rule
            INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
            firewallPolicy.Rules.Add(inboundRule);
    
  • 2020-12-09 23:33

    Just in case you guys want Outbound rule:

    inboundRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_OUT;
    
  • 2020-12-09 23:33

    This page doesn't say this has been answered and is old, so just in case, for future use, I'll answer this.

    First, import reference FirewallAPI.dll, located at "C:\Windows\System32\FirewallAPI.dll", then add the using directive

    using NetFwTypeLib;
    

    The inboundRule.Profiles property seems to be classified as a set of flags with the following values (the property's type is an int, so I made an enum):

    public enum FirewallProfiles
    {
        Domain = 1,
        Private = 2,
        Public = 4
    }
    

    So, with that code, we can change the Profiles to the following:

    // Create a new rule
    INetFwRule2 inboundRule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwRule"));
    // Enable the rule
    inboundRule.Enabled = true;
    // Allow through firewall
    inboundRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW;
    // Using protocol TCP
    inboundRule.Protocol = 6; // TCP
    // Set port number
    inboundRule.LocalPorts = "1234";
    // Name of rule
    inboundRule.Name = "Name Of Firewall Rule";
    // Set profiles
    inboundRule.Profiles = (int)(FirewallProfiles.Private | FirewallProfiles.Public);
    
    // Add the rule
    INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
    firewallPolicy.Rules.Add(inboundRule);
    

    Or you could change inboundRule.Profiles to an int value.

    Two notes:

    1: If you don't run this code under administrative privileges,

    firewallPolicy.Rules.Add(inboundRule);
    

    will throw an exception.

    2: inboundRule.Profiles must be between values 1 and 7. Otherwise, it will throw an exception.

  • 2020-12-09 23:41

    I think your best bet is to talk to the Windows Firewall with Advanced Security API.

    A quick google for "C# INetFwRule2" will show you numerous examples of how to register or update a Firewall rule.

    In order to add to both public and private policies I've used something along the lines of

    Type tNetFwPolicy2 = Type.GetTypeFromProgID("HNetCfg.FwPolicy2");
    INetFwPolicy2 fwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(tNetFwPolicy2);
    var currentProfiles = fwPolicy2.CurrentProfileTypes;
    
    // Let's create a new rule
    
    INetFwRule2 inboundRule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule"));
    inboundRule.Enabled = true;
    inboundRule.LocalPorts = "1234";
    inboundRule.Protocol = 6; // TCP
    // ...
    inboundRule.Profiles = currentProfiles;
    
    // Now add the rule
    
    INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
    firewallPolicy.Rules.Add(inboundRule);
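
Added example, not part of any answer above: the question asks for a program rule on the private and public profiles, so this sketch scopes the rule to one executable with `ApplicationName`, uses the `NetFwTypeLib` profile constants instead of a hand-made enum, checks for elevation before calling `Rules.Add`, and skips the add when an identical rule already exists. `RuleName` and `AppPath` are hypothetical placeholders, and port 1234 is reused from the answers.

```csharp
using System;
using System.Linq;
using System.Security.Principal;
using NetFwTypeLib; // COM reference to C:\Windows\System32\FirewallAPI.dll

static class ProgramFirewallRule
{
    // Hypothetical values for illustration; replace with your own.
    const string RuleName = "MyApp (TCP-In)";
    const string AppPath  = @"C:\Program Files\MyApp\MyApp.exe";

    static void Main()
    {
        // Rules.Add throws without administrative privileges, so check up front.
        var principal = new WindowsPrincipal(WindowsIdentity.GetCurrent());
        if (!principal.IsInRole(WindowsBuiltInRole.Administrator))
        {
            Console.Error.WriteLine("Run elevated to change firewall policy.");
            return;
        }

        var policy = (INetFwPolicy2)Activator.CreateInstance(
            Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));

        // Rule names are not unique, so repeated runs would pile up duplicates.
        bool exists = policy.Rules.Cast<INetFwRule>().Any(r =>
            r.Name == RuleName &&
            string.Equals(r.ApplicationName, AppPath, StringComparison.OrdinalIgnoreCase));
        if (exists) return;

        var rule = (INetFwRule2)Activator.CreateInstance(
            Type.GetTypeFromProgID("HNetCfg.FWRule"));
        rule.Name = RuleName;
        rule.Description = "Inbound TCP for MyApp on private and public networks";
        rule.ApplicationName = AppPath; // only this executable is allowed through
        rule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN;
        rule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW;
        rule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP; // set before LocalPorts
        rule.LocalPorts = "1234";
        // Private (2) | Public (4); the domain profile is left untouched.
        rule.Profiles = (int)(NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PRIVATE |
                              NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PUBLIC);
        rule.Enabled = true;

        policy.Rules.Add(rule);
    }
}
```

Binding the rule to an application path and a single port keeps the opening on public networks as narrow as the program needs, rather than exposing the port to every process on the machine.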
    