使用C#在Windows 10中设置端口防火墙例外
[英]Setting Port Firewall Exceptions in Windows 10 Using C#
问题描述
I'm trying to set a firewall exception for Windows 10. After doing numerous searches, I put together this code: 
我正在尝试为Windows 10设置防火墙例外。在进行了大量搜索之后,我将以下代码放在一起:
private const string PROGID_OPEN_PORT = "HNetCfg.FWOpenPort";
private const string CLSID_FIREWALL_MANAGER = "{304CE942-6E39-40D8-943A-B913C40C9CD4}";
private NetFwTypeLib.INetFwMgr GetFirewallManager()
{
Type objectType = Type.GetTypeFromCLSID(
new Guid(CLSID_FIREWALL_MANAGER));
return Activator.CreateInstance(objectType)
as NetFwTypeLib.INetFwMgr;
}
INetFwMgr manager = GetFirewallManager();
Type type = Type.GetTypeFromProgID(PROGID_OPEN_PORT);
INetFwOpenPort port = Activator.CreateInstance(type) as INetFwOpenPort;
port.Name = "MyPortRule";
port.Port = 9600;
port.Scope = NET_FW_SCOPE_.NET_FW_SCOPE_ALL;
port.Protocol = NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP;
port.IpVersion = NET_FW_IP_VERSION_.NET_FW_IP_VERSION_ANY;
manager.LocalPolicy.CurrentProfile.GloballyOpenPorts.Add(port);
This does get a firewall rule put into the Windows Firewall with Advanced Security, but the Profile for the rule is set to public. 确实会将防火墙规则放入具有高级安全性的Windows防火墙中,但是该规则的配置文件设置为public。 With the Profile set to public the firewall does not let the data through the port. 在将配置文件设置为公共的情况下,防火墙不允许数据通过端口。
Using the Windows UI to modify the rule, I determined that the Profile must be set to 'private' or 'any' in order for the data to pass through. 使用Windows UI修改规则,我确定必须将Profile设置为“ private”或“ any”,以便数据通过。 Why doesn't the port.Scope set to NET_FW_SCOPE_.NET_FW_SCOPE_ALL get the profile set to Any? 为什么未将port.Scope设置为NET_FW_SCOPE_.NET_FW_SCOPE_ALL,却将配置文件设置为Any? How do you set the profile in the firewall rule to private or any? 如何在防火墙规则中将配置文件设置为私有或其他?
I also tried setting port.Scope to NET_FW_SCOPE_.NET_FW_SCOPE_LOCAL_SUBNET. 我还尝试将port.Scope设置为NET_FW_SCOPE_.NET_FW_SCOPE_LOCAL_SUBNET。 The profile is still set to 'public'. 该配置文件仍设置为“公开”。
1 个解决方案
解决方案1
3 2016-12-14 22:14:36
Adding to the GloballyOpenPorts did not work. 添加到GloballyOpenPorts无效。 The following code did work, based on the answer suggested by Stack Overflow. 根据Stack Overflow提出的答案,以下代码确实起作用。
INetFwRule firewallRule = (INetFwRule)Activator.CreateInstance(
Type.GetTypeFromProgID("HNetCfg.FWRule"));
firewallRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW;
firewallRule.Description = "Enables eATM REST Web Service adapter
traffic.";
firewallRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN;
firewallRule.Enabled = true;
firewallRule.InterfaceTypes = "All";
firewallRule.Name = "MyPort";
firewallRule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP;
firewallRule.LocalPorts = "9600";
INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(
Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
firewallPolicy.Rules.Add(firewallRule);
So... the firewallRule with firewallPolicy worked where the INetFwMgr GloballyOpenPorts did not work because you could not set the Profile value for the port rule. 所以...带firewallPolicy的firewallRule在无法运行INetFwMgr GloballyOpenPorts的地方起作用,因为您无法为端口规则设置Profile值。
If anyone from Microsoft reads this it would be helpful to have some documentation on how these functions can be used. 如果Microsoft的任何人都读过此书,那么拥有一些如何使用这些功能的文档将很有帮助。 The online documentation is very very poor. 联机文档非常差。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.