[英]How to enable/disable Firewall?
The INetFwPolicy2 interface allows an application or service to access the firewall policy. INetFwPolicy2接口允许应用程序或服务访问防火墙策略。
I am using visual studio 2017.我正在使用 Visual Studio 2017。
Question is related to this https://stackoverflow.com/a/33700472/2451446问题与此有关https://stackoverflow.com/a/33700472/2451446
Code is little different and I have problem to disable fire wall.代码几乎没有什么不同,我在禁用防火墙时遇到了问题。
Logic before disable fire wall is ok.禁用防火墙之前的逻辑是可以的。
public Task<StatusCodeResult> ResetFirewallStatus()
{
Type netFwPolicy2Type = Type.GetTypeFromProgID("HNetCfg.FwPolicy2");
dynamic mgr = Activator.CreateInstance(netFwPolicy2Type);
var fwCurrentProfileTypes = mgr.CurrentProfileTypes;
// Get current status
bool firewallEnabled = mgr.FirewallEnabled(fwCurrentProfileTypes); // return true
// Disables Firewall
mgr.FirewallEnabled(false); //breaks here !!!!
return Task.FromResult<StatusCodeResult>(Ok());
}
error message is:错误信息是:
System.ArgumentException: 'Value does not fall within the expected range.'
System.ArgumentException: '值不在预期范围内。'
I tried to use set_FirewallEnabled(fwCurrentProfileTypes,false);
我尝试使用
set_FirewallEnabled(fwCurrentProfileTypes,false);
and also put_FirewallEnabled(fwCurrentProfileTypes,false)
还有
put_FirewallEnabled(fwCurrentProfileTypes,false)
In this case error is:在这种情况下,错误是:
Microsoft.CSharp.RuntimeBinder.RuntimeBinderException: ''System.__ComObject' does not contain a definition for 'set_FirewallEnabled'' ('put_FirewallEnabled'')
Microsoft.CSharp.RuntimeBinder.RuntimeBinderException:“System.__ComObject”不包含“set_FirewallEnabled”的定义(“put_FirewallEnabled”)
Edit编辑
MY SOLUTION:我的解决方案:
const int domainProfile = 1;
const int privateProfile = 2;
const int publicProfile = 4;
public bool EnableDisableFirewall(bool enableFirewall)
{
dynamic mgr = getFwPolicy2();
mgr.FirewallEnabled[domainProfile] = enableFirewall;
mgr.FirewallEnabled[privateProfile] = enableFirewall;
mgr.FirewallEnabled[publicProfile] = enableFirewall;
return enableFirewall;
}
public bool IsFirewallOn()
{
dynamic mgr = getFwPolicy2();
// Get current status
var isDomainProfileEnabled = mgr.FirewallEnabled(domainProfile);
var isPrivateProfileEnabled = mgr.FirewallEnabled(privateProfile);
var isPublicProfileEnabled = mgr.FirewallEnabled(publicProfile);
return isDomainProfileEnabled && isPrivateProfileEnabled && isPublicProfileEnabled;
}
private object getFwPolicy2()
{
Type netFwPolicy2Type = Type.GetTypeFromProgID("HNetCfg.FwPolicy2");
dynamic mgr = Activator.CreateInstance(netFwPolicy2Type);
return mgr;
}
You have two problems, writing this code late-bound does not exactly help to get this right.你有两个问题,后期编写这段代码并不能完全帮助做到这一点。 Adding a reference to c:\\windows\\system32\\firewallapi.dll so you can use the INetFwPolicy2 interface directly helps you get it right.
添加对 c:\\windows\\system32\\firewallapi.dll 的引用,以便您可以直接使用 INetFwPolicy2 接口帮助您正确使用。 One quirk you are battling is that the FirewallEnabled property is an indexed property.
您正在解决的一个怪癖是 FirewallEnabled 属性是一个索引属性。 There is no equivalent in the C# language.
C# 语言中没有等效项。 Anyhoo, doing it late-bound requires:
Anyhoo,后期绑定需要:
bool firewallEnabled = mgr.FirewallEnabled(fwCurrentProfileTypes);
bool firewallEnabled = mgr.FirewallEnabled(fwCurrentProfileTypes);
The MSDN documentation specifically warns about this, you cannot use the value returned by CurrentProfileTypes. MSDN 文档对此特别警告,您不能使用 CurrentProfileTypes 返回的值。 It requires specifying a specific profile .
它需要指定一个特定的配置文件。 I recommend you use:
我建议你使用:
int profile = 2; // 1=domain, 2=private, 4=public
bool firewallEnabled = mgr.FirewallEnabled[profile];
Note the use of the [angle brackets], allowed for indexed properties in the specific case of COM-implemented properties.请注意 [尖括号] 的使用,允许在 COM 实现的属性的特定情况下索引属性。
mgr.FirewallEnabled(false);
mgr.FirewallEnabled(false); //breaks here !!!!
//这里断了!!!!
You have to select the specific profile that you want to disable.您必须选择要禁用的特定配置文件。 Proper syntax looks like:
正确的语法如下所示:
mgr.FirewallEnabled[profile] = false;
Beware that you can only tinker with the firewall when your programs runs elevated with admin privileges.请注意,当您的程序以管理员权限运行时,您只能修改防火墙。 Add the required manifest if you haven't done so yet.
如果您还没有这样做,请添加所需的清单。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.