Programmatically add an application to all Windows Firewall profiles (Vista +)

I searched around and there are similar questions on SO, however no one talks about how to add an exception to “All Profile” (Windows 7, AKA “Any Profile” on Vista / Windows Server 2008). Examples on the Internet speak of adding to the current profile.

The reason for this is a problem with one of my virtual machines: Windows 2008 x86, the current firewall profile is the domain, and my application is added to the domain exclusion list. (Default firewall setting: block any incoming calls that are not on the exception list.) However, incoming calls are still blocked if: 1. Turn off the firewall on this virtual machine. 2. Manually change the rule profile of my application to "any".

This is very confusing because I thought that only the active profile should be “active” and should be functional, regardless of which other profiles block incoming calls to my application.

I use the XPSP2 INetFwMgr interface to add exceptions that do not support any "profile".

I use C#, but any language with an example will be appreciated.

+6
1 answer

You can try something like this:

using System;
using NetFwTypeLib;

namespace FirewallManager
{
    class Program
    {
        static void Main(string[] args)
        {
            // Create a new, empty rule object through the firewall COM API.
            INetFwRule firewallRule = (INetFwRule)Activator.CreateInstance(
                Type.GetTypeFromProgID("HNetCfg.FWRule"));
            firewallRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW;
            firewallRule.Description = "Allow notepad";
            firewallRule.ApplicationName = @"C:\Windows\notepad.exe";
            firewallRule.Enabled = true;
            firewallRule.InterfaceTypes = "All";
            firewallRule.Name = "Notepad";

            // Add the rule to the local firewall policy.
            INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(
                Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
            firewallPolicy.Rules.Add(firewallRule);
        }
    }
}

For completeness, add a link to c:\Windows\System32\FirewallAPI.dll

+8
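As an added example (not part of the original answer), the same INetFwPolicy2 approach with the profile set explicitly to all profiles and the exception narrowed to one inbound TCP port, then read back for verification. The rule name, application path and port 8080 are hypothetical values chosen for illustration.

```csharp
using System;
using NetFwTypeLib; // COM reference to FirewallAPI.dll, as in the answer above

namespace FirewallManager
{
    static class AllProfilesRule
    {
        // Hypothetical values for illustration only.
        const string RuleName = "MyApp (TCP 8080 in)";
        const string AppPath = @"C:\Program Files\MyApp\MyApp.exe";

        static void Main()
        {
            var policy = (INetFwPolicy2)Activator.CreateInstance(
                Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));

            // Remove an earlier copy so re-running does not pile up duplicates.
            policy.Rules.Remove(RuleName);

            var rule = (INetFwRule)Activator.CreateInstance(
                Type.GetTypeFromProgID("HNetCfg.FWRule"));
            rule.Name = RuleName;
            rule.ApplicationName = AppPath;
            rule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN;
            rule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW;
            // Protocol has to be set before LocalPorts.
            rule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP;
            rule.LocalPorts = "8080";
            // Domain + Private + Public, shown as "All"/"Any" in the firewall UI.
            rule.Profiles = (int)NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_ALL;
            rule.Enabled = true;

            try { policy.Rules.Add(rule); }
            catch (UnauthorizedAccessException)
            {
                Console.Error.WriteLine("Adding rules needs an elevated process.");
                return;
            }

            // Read the stored rule back and compare with the active profile(s).
            INetFwRule stored = policy.Rules.Item(RuleName);
            Console.WriteLine("Rule profiles:   0x{0:X}", stored.Profiles);
            Console.WriteLine("Active profiles: 0x{0:X}", policy.CurrentProfileTypes);
        }
    }
}
```

Limiting the rule to the port the application actually listens on keeps the exception narrower than allowing the executable on every port in every profile.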

Source: https://habr.com/ru/post/885761/

