
我有一个可以添加防火墙例外的 VB.NET 例程,问题是我必须在所有类型的网络下添加例外,无论是私有的还是公共的。但是这个例程在 Windows 防火墙的私有类别下添加了例外。

我的代码:

' Adds "My App" to the authorized-application list of the Windows Firewall
' profile that is active when this routine runs. Only LocalPolicy.CurrentProfile
' is touched, so the other profiles receive no entry.
' NOTE(review): changing firewall policy normally needs an elevated process - confirm how this is launched.
Private Sub AddApp()
        ' Create the authorized-application entry through its COM ProgID.
        Dim entryType As Type = Type.GetTypeFromProgID("HnetCfg.FwAuthorizedApplication")
        Dim entry As INetFwAuthorizedApplication = DirectCast(Activator.CreateInstance(entryType), INetFwAuthorizedApplication)

        With entry
            .Name = "My App"
            ' NOTE(review): this image path is inside the user's roaming profile, which the
            ' user account can write; the entry authorizes whatever executable sits at that path.
            .ProcessImageFileName = "C:\Users\klein\AppData\Roaming\Microsoft\Windows\MyApp.exe"
            .Enabled = True
        End With

        ' Create the firewall manager, which exposes the local policy.
        Dim managerType As Type = Type.GetTypeFromProgID("HnetCfg.FwMgr")
        Dim manager As INetFwMgr = DirectCast(Activator.CreateInstance(managerType), INetFwMgr)

        ' Append the entry to the current profile's list of authorized applications.
        manager.LocalPolicy.CurrentProfile.AuthorizedApplications.Add(entry)
    End Sub

3 回答 3


您是否尝试过修改规则的范围?

类似这样:

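// Scope restricts the remote addresses this entry accepts traffic from; it does not select a firewall profile.
// NET_FW_SCOPE_ALL (numeric value 0) admits any remote address; NET_FW_SCOPE_LOCAL_SUBNET is the narrower setting.
app.Scope = NET_FW_SCOPE_.NET_FW_SCOPE_ALL;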

应该将范围定义为 ALL

于 2013-03-14T17:53:12.603 回答

不要将应用程序添加到 CurrentProfile,而是尝试使用 GetProfileByType:

    ' Each line is an alternative target; run together, only the last assignment to apps survives.
    ' The legacy NET_FW_PROFILE_TYPE_ enum has no dedicated "public" member.
    apps = fwMgr.LocalPolicy.GetProfileByType(NET_FW_PROFILE_TYPE_.NET_FW_PROFILE_CURRENT).AuthorizedApplications   ' profile active at call time (the author labelled this PUBLIC - NOTE(review): confirm)
    apps = fwMgr.LocalPolicy.GetProfileByType(NET_FW_PROFILE_TYPE_.NET_FW_PROFILE_DOMAIN).AuthorizedApplications    ' domain profile
    apps = fwMgr.LocalPolicy.GetProfileByType(NET_FW_PROFILE_TYPE_.NET_FW_PROFILE_STANDARD).AuthorizedApplications  ' standard (non-domain) profile, labelled PRIVATE by the author

我使用以下代码,它工作正常。

Imports NetFwTypeLib
' Registers the running executable as an authorized application in two
' Windows Firewall profiles through the legacy HnetCfg COM objects.
Module modMain

    ' Entry point: calls AddApp once per target profile, in the listed order.
    Sub Main()

        ' NET_FW_PROFILE_CURRENT selects whichever profile is active when this runs
        ' (the author's comment called it "public"); NET_FW_PROFILE_STANDARD is the
        ' standard, non-domain profile (the author's comment called it "private").
        For Each target As NET_FW_PROFILE_TYPE_ In {NET_FW_PROFILE_TYPE_.NET_FW_PROFILE_CURRENT, NET_FW_PROFILE_TYPE_.NET_FW_PROFILE_STANDARD}
            AddApp(target)
        Next

    End Sub

    ' Adds this application to the authorized-application list of one profile.
    '   ProfileType - the profile whose list receives the entry.
    ' NOTE(review): changing firewall policy normally needs an elevated process - confirm how this is launched.
    Private Sub AddApp(ProfileType As NET_FW_PROFILE_TYPE_)

        ' Describe the application: name and image path come from the running program.
        Dim entryType As Type = Type.GetTypeFromProgID("HnetCfg.FwAuthorizedApplication")
        Dim entry As INetFwAuthorizedApplication = DirectCast(Activator.CreateInstance(entryType), INetFwAuthorizedApplication)
        With entry
            .Name = Application.ProductName
            .ProcessImageFileName = Application.ExecutablePath
            .Enabled = True
        End With

        ' Look up the requested profile and append the entry to its list.
        Dim managerType As Type = Type.GetTypeFromProgID("HnetCfg.FwMgr")
        Dim manager As INetFwMgr = DirectCast(Activator.CreateInstance(managerType), INetFwMgr)
        Dim targetProfile As INetFwProfile = manager.LocalPolicy.GetProfileByType(ProfileType)
        targetProfile.AuthorizedApplications.Add(entry)

    End Sub
End Module
于 2015-04-08T09:13:21.260 回答

使用 INetFwPolicy2 接口。代码是 C#,但移植起来应该不难。

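/// <summary>
/// Helper that creates or updates a Windows Firewall port rule through the
/// HNetCfg.FwPolicy2 COM object (INetFwPolicy2).
/// </summary>
public class Firewall
{
    /// <summary>Protocol numbers written to INetFwRule.Protocol.</summary>
    public enum ProtocolType
    {
        Tcp = 6,
        Udp = 17,
        Any = 256
    }

    /// <summary>
    /// Ensures a rule named <paramref name="FwRuleTitle"/> carries the given profiles,
    /// protocol and local ports. An existing rule with that name (compared without
    /// regard to case) is updated in place; otherwise a new enabled allow rule is added.
    /// </summary>
    /// <param name="FwRuleTitle">Rule name to look up or create.</param>
    /// <param name="Ports">Value assigned to the rule's LocalPorts property.</param>
    /// <param name="Protcol">Protocol number assigned to the rule.</param>
    /// <param name="Profile2Types">Profile flags assigned to the rule.</param>
    /// <returns>
    /// <c>true</c> when a rule was updated or added; <c>false</c> when an argument is
    /// missing or the firewall API threw (the exception is written to the trace listeners).
    /// </returns>
    /// <remarks>
    /// NOTE(review): rule changes through INetFwPolicy2 typically require an elevated
    /// process; without it the COM call is expected to fail and this method returns false.
    /// </remarks>
    public static bool CheckAddPortRule(String FwRuleTitle, string Ports, ProtocolType Protcol, NET_FW_PROFILE_TYPE2_ Profile2Types)
    {
        // A missing title or port list is rejected here instead of being handed to the firewall API.
        if (string.IsNullOrWhiteSpace(FwRuleTitle) || string.IsNullOrWhiteSpace(Ports))
        {
            return false;
        }

        try
        {
            Type Tpolicy2Class = Type.GetTypeFromProgID("HNetCfg.FwPolicy2");
            INetFwPolicy2 policy2Class = (INetFwPolicy2)Activator.CreateInstance(Tpolicy2Class);

            foreach (INetFwRule itm in policy2Class.Rules)
            {
                try
                {
                    // Ordinal, case-insensitive match: rule names are identifiers, not linguistic text,
                    // and string.Equals tolerates a rule whose Name is null.
                    if (string.Equals(itm.Name, FwRuleTitle, StringComparison.OrdinalIgnoreCase))
                    {
                        // NOTE(review): the name is the only match criterion; the rule's Action,
                        // Direction and Enabled state are left as found - confirm that is intended.
                        itm.Profiles = (int)Profile2Types;
                        itm.Protocol = (int)Protcol;
                        itm.LocalPorts = Ports;
                        return true;
                    }
                }
                catch (Exception ex)
                {
                    // Best effort per rule: record the failure and keep scanning the remaining rules.
                    System.Diagnostics.Trace.TraceWarning("Firewall.CheckAddPortRule: could not inspect or update a rule: {0}", ex);
                }
            }

            // No rule with that name was updated: add a new allow rule.
            INetFwRule fwRule = (INetFwRule)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule"));
            fwRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW;
            fwRule.Name = FwRuleTitle;
            // Inbound is the API default; stated explicitly so the rule's direction is visible in code.
            fwRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN;
            fwRule.Profiles = (int)Profile2Types;
            fwRule.Protocol = (int)Protcol; // set before LocalPorts, as in the original ordering
            fwRule.LocalPorts = Ports;
            fwRule.Enabled = true;
            fwRule.InterfaceTypes = "All"; //Acceptable values for this property are "RemoteAccess", "Wireless", "Lan", and "All".
            policy2Class.Rules.Add(fwRule);
            return true;
        }
        catch (Exception ex)
        {
            // The bool contract is kept (no exception reaches the caller), but the cause is no longer lost.
            System.Diagnostics.Trace.TraceError("Firewall.CheckAddPortRule failed for rule '{0}': {1}", FwRuleTitle, ex);
        }
        return false;
    }
}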

你可以这样调用它。

    // Profile flags are OR-ed together: this rule targets the domain and public profiles.
    // NOTE(review): private networks are not included; OR in NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PRIVATE if they should be covered.
    NET_FW_PROFILE_TYPE2_ targetProfiles =
        NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_DOMAIN
        | NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PUBLIC;

    // Creates or updates the TCP rule for port 1234; the bool result is ignored here.
    Firewall.CheckAddPortRule("Rule title", "1234", Firewall.ProtocolType.Tcp, targetProfiles);
于 2017-09-14T09:12:54.017 回答