Update an existing firewall rule using the API

Time: 2012-03-15 01:30:13

Tags: c# api windows-firewall

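I am able to programmatically add individual rules to the Windows Firewall (Server 2008 R2), but I am trying to avoid having multiple rules per IP address and would just like to update the existing rule's RemoteAddresses. Below is the code I am using to add a rule. I am doing my best to research how to update the existing rule's remote addresses, but with no luck.

Any help is appreciated!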

string ip = "x.x.x.x";

INetFwRule2 firewallRule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule"));

firewallRule.Name = "Block Bad IP Addresses";
firewallRule.Description = "Block Nasty Incoming Connections from IP Address.";
firewallRule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK;
firewallRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN;
firewallRule.Enabled = true;
firewallRule.InterfaceTypes = "All";
firewallRule.RemoteAddresses = ip;

INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
firewallPolicy.Rules.Add(firewallRule);

3 Answers:

Answer 0: (score: 10)

The following code works for me:

INetFwPolicy2 firewallPolicy = (INetFwPolicy2) Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));

var rule = firewallPolicy.Rules.Item("Block Bad IP Addresses"); // Name of your rule here
rule.Name = "Block Block Block"; // Update the rule here. Nothing else needed to persist the changes

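Answer 1: (score: 5)

In addition to amdmax's answer (sorry, I can't add a comment), I found there is no simple method call to check whether a rule exists, so I came up with this to ensure the rule exists, whether or not it had already been created: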

  INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(
      Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));

  INetFwRule firewallRule = firewallPolicy.Rules.OfType<INetFwRule>().Where(x => x.Name == RULE_NAME).FirstOrDefault();

  if (firewallRule == null)
  {
    firewallRule = (INetFwRule)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule"));
    firewallRule.Name = RULE_NAME;
    firewallPolicy.Rules.Add(firewallRule);
  }
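
Combining the two answers above for the question's goal of one rule holding many addresses, as an added example that is not part of any answer: the `BlockList` class and its `Merge` and `Block` methods are hypothetical names, and the code assumes a project reference to NetFwTypeLib and an elevated process. It also assumes the firewall may hand back a single IPv4 host as `a.b.c.d/255.255.255.255`, so that suffix is stripped before de-duplicating.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using NetFwTypeLib; // COM reference to the Windows Firewall type library

static class BlockList // hypothetical helper, not from the original answers
{
    const string RuleName = "Block Bad IP Addresses"; // rule name used in the question

    // Merge one address into a comma-separated RemoteAddresses string.
    public static string Merge(string current, string ip)
    {
        IPAddress parsed;
        if (!IPAddress.TryParse(ip, out parsed)) // reject "*", ranges and junk from logs
            throw new ArgumentException("Not an IP address: " + ip);

        var set = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
        foreach (var token in (current ?? "").Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries))
        {
            var t = token.Trim();
            if (t == "*") continue; // "*" is the default (any address); never keep it in a block rule
            if (t.EndsWith("/255.255.255.255", StringComparison.Ordinal))
                t = t.Substring(0, t.IndexOf('/')); // assumed single-host form returned by the firewall
            set.Add(t);
        }
        set.Add(parsed.ToString());
        return string.Join(",", set);
    }

    // Creates the rule on first use; afterwards only RemoteAddresses is edited.
    public static void Block(string ip)
    {
        var policy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
        var rule = policy.Rules.OfType<INetFwRule>().FirstOrDefault(r => r.Name == RuleName);
        if (rule == null)
        {
            rule = (INetFwRule)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule"));
            rule.Name = RuleName;
            rule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK;
            rule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN;
            rule.Enabled = true;
            rule.RemoteAddresses = Merge(null, ip); // set before Add so the new rule never matches "*"
            policy.Rules.Add(rule);
            return;
        }
        rule.RemoteAddresses = Merge(rule.RemoteAddresses, ip); // persisted immediately, as in Answer 0
    }
}
```

A rule created without setting RemoteAddresses keeps the default `*`, which for an inbound block rule matches every remote host, so the address list is assigned before the rule is added.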

Answer 2: (score: 0)

I found this package, WindowsFirewallHelper; it is available via NuGet.

Example

PM> install-package WindowsFirewallHelper