
Programmatically manage Windows Firewall

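I'm trying to programmatically create an outbound Windows Firewall rule. In addition, I'd like to programmatically enable and disable this rule. How can I go about doing this in C#? Manually, I can do this by going into Control Panel, clicking Windows Firewall, then clicking Advanced Settings.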

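It is best to use the Windows library C:\windows\system32\FirewallAPI.dll. This DLL has been available since Windows 7. If you add it to your project references, Visual Studio will automatically add a wrapper for this COM library, or you can create the wrapper manually with tlbimp.exe.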

using System;
using NetFwTypeLib;

// Create an empty rule object and fill it in.
INetFwRule firewallRule = (INetFwRule)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule"));
firewallRule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK;
firewallRule.Description = "Your rule description";
firewallRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN; // inbound
firewallRule.Enabled = true;
firewallRule.InterfaceTypes = "All";
firewallRule.RemoteAddresses = "1.2.3.0/24"; // add more blocks comma separated
firewallRule.Name = "Your rule name";

// Get the local firewall policy and add the rule to it.
INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
firewallPolicy.Rules.Add(firewallRule);

VS IntelliSense should give you sufficient details about the library.
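
The same COM API covers the two things the question asks for, an outbound rule and switching it on and off. The following is an added example, not code from the question or any answer; the rule name and program path are hypothetical, and the process must run elevated to change firewall policy.

```csharp
using System;
using NetFwTypeLib; // interop wrapper generated from FirewallAPI.dll

static class OutboundRuleExample
{
    // Hypothetical values chosen for this example.
    const string RuleName = "Example - block outbound MyApp";
    const string AppPath = @"C:\MyApp.exe";

    static INetFwPolicy2 OpenPolicy() =>
        (INetFwPolicy2)Activator.CreateInstance(
            Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));

    static void CreateRule(INetFwPolicy2 policy)
    {
        // Rules.Add does not overwrite, so drop any earlier rule with this
        // name first. Remove has no effect when the name is not present.
        policy.Rules.Remove(RuleName);

        var rule = (INetFwRule)Activator.CreateInstance(
            Type.GetTypeFromProgID("HNetCfg.FWRule"));
        rule.Name = RuleName;
        rule.Description = "Added by OutboundRuleExample";
        rule.ApplicationName = AppPath; // rule applies to this program only
        rule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_OUT; // outbound
        rule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK;
        rule.Enabled = true;
        policy.Rules.Add(rule);
    }

    static void SetEnabled(INetFwPolicy2 policy, bool enabled)
    {
        // Item throws if no rule with this name exists.
        INetFwRule rule = policy.Rules.Item(RuleName);
        rule.Enabled = enabled; // the change is applied to the live policy
    }

    static void Main()
    {
        INetFwPolicy2 policy = OpenPolicy();
        CreateRule(policy);
        SetEnabled(policy, false); // rule stays listed but is not enforced
        SetEnabled(policy, true);  // enforce it again
        Console.WriteLine(
            $"{RuleName}: enabled={policy.Rules.Item(RuleName).Enabled}");
    }
}
```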

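You could wrap the netsh advfirewall command syntax into a small library to allow you to enable/disable settings on demand. Failing that, see http://msdn.microsoft.com/en-us/library/windows/desktop/ff956124(v=vs.85).aspx for the Windows Firewall with Advanced Security API.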

You can use this NuGet package: WindowsFirewallHelper

PM> Install-Package WindowsFirewallHelper

Sample code to add a new outbound rule for an application:

var rule = FirewallManager.Instance.CreateApplicationRule(
    @"MyApp Rule",
    FirewallAction.Allow,
    @"C:\MyApp.exe"
);
rule.Direction = FirewallDirection.Outbound;
FirewallManager.Instance.Rules.Add(rule);

You can use the "netsh" command. Write a method to call it.
Use this option if you don't want to reference FirewallAPI.dll or install the WindowsFirewallHelper NuGet package.

Example:


        /// <summary>
        /// Creates a Firewall Rule on current computer. Uses 'netsh'
        /// </summary>
        /// <param name="rulename"></param>
        /// <param name="protocol"></param>
        /// <param name="port"></param>
        /// <param name="direction">"in" or "out"</param>
        /// <param name="action"></param>
        /// <returns>netsh command response</returns>
        public static string CreateFirewalPort(string rulename, string protocol, int port, string direction = "in", string action = "allow")
        {
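            // Requires: using System; using System.Diagnostics;
            // https://support.microsoft.com/en-us/help/947709/how-to-use-the-netsh-advfirewall-firewall-context-instead-of-the-netsh
            // Note: rulename, protocol, direction and action are inserted into the netsh
            // command line as-is, so pass only trusted, validated values.

            //Remove any rule with the same name. Otherwise every time you run this code a new rule is added.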
            Process removeproc = new Process
            {
                StartInfo = {
                    FileName = "netsh",
                    Arguments = $@"advfirewall firewall delete rule name=""{rulename}""",
                    UseShellExecute = false,
                    WindowStyle = ProcessWindowStyle.Hidden,
                    RedirectStandardOutput = true
                }
            };
            try
            {
                removeproc.Start();
                var output = removeproc.StandardOutput.ReadToEnd();
                removeproc.WaitForExit();
            }
            catch (Exception ex)
            {
                // A failed delete is not fatal; report it and continue with the add.
                Console.Error.WriteLine(ex.Message);
            }

            Process process = new Process
            {
                StartInfo = {
                    FileName = "netsh",
                    Arguments = $@"advfirewall firewall add rule name=""{rulename}"" protocol={protocol} localport={port} dir={direction} action={action}",
                    UseShellExecute = false,
                    WindowStyle = ProcessWindowStyle.Hidden,
                    RedirectStandardOutput = true
                }
            };

            try
            {
                process.Start();
                var output = process.StandardOutput.ReadToEnd();
                process.WaitForExit();
                return output;
            }
            catch (Exception ex)
            {
                return ex.ToString();
            }
        }
