我编写了一个用 C# 编码的小型聊天程序。它使用 WCF 与本地网络中的其他用户进行通信。此外,它使用 System32 中的防火墙 API dll 添加 4 条规则,允许该程序的所有端口用于传入/传出 TCP 和 UDP 连接。此规则将它们自己添加到当前网络配置(公共、私有)中。当程序关闭时,它会删除 4 条规则。问题是,防火墙会忽略此规则并丢弃传入的数据。当我在两台电脑(正在通信的两台电脑)上停用防火墙时,它可以正常工作。防火墙激活了这 4 条规则,但我真的不明白为什么防火墙会丢弃传入的数据......
在 4 台不同的 Windows 10 机器上测试。在我认为 1,5 小时后,防火墙规则在一台机器上运行,这也让我感到困惑......
这是我创建此规则的方法:
private void FWRule(NET_FW_RULE_DIRECTION_ direction,
NET_FW_ACTION_ fwaction, NET_FW_IP_PROTOCOL_ protocol, bool add)
{
try
{
INetFwRule firewallRule = (INetFwRule)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule"));
INetFwMgr fwMgr = (INetFwMgr)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWMgr"));
firewallRule.Action = fwaction;
firewallRule.Enabled = true;
firewallRule.InterfaceTypes = "All";
firewallRule.serviceName ="Chatty";
firewallRule.Grouping = "Chatty";
firewallRule.Profiles = (int)NET_FW_PROFILE_TYPE_.NET_FW_PROFILE_CURRENT;
firewallRule.ApplicationName = Assembly.GetExecutingAssembly().Location;
if (protocol == NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP)
firewallRule.Name = Assembly.GetExecutingAssembly().GetName().Name + " Server Remote TCP";
else if (protocol == NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_UDP)
firewallRule.Name = Assembly.GetExecutingAssembly().GetName().Name + " Server Remote UDP";
firewallRule.Protocol = (int)protocol;
INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance
(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
firewallRule.Direction = direction;
if (add == true)
{
firewallPolicy.Rules.Add(firewallRule);
}
else
{
firewallPolicy.Rules.Remove(firewallRule.Name);
}
}
catch (Exception ex) { MessageBox.Show(ex.Message, "ERROR"); }
}
来自服务器程序防火墙的日志显示防火墙丢弃了来自客户端的传入 TCP 数据(TCP 的服务器端口是 2310,TCP 的客户端端口是随机/未知的):
2016-10-19 10:37:56 DROP ICMP :: ff02::1 - - 80 - - - - 130 0 - RECEIVE
2016-10-19 10:38:54 DROP TCP fe80::91c:1ba7:abfc:5e5f fe80::1c96:dc05:3b26:1eaa 50248 2310 72 S 1175516710 0 8192 - - - RECEIVE
2016-10-19 10:38:57 DROP TCP fe80::91c:1ba7:abfc:5e5f fe80::1c96:dc05:3b26:1eaa 50248 2310 72 S 1175516710 0 8192 - - - RECEIVE
2016-10-19 10:39:03 DROP TCP fe80::91c:1ba7:abfc:5e5f fe80::1c96:dc05:3b26:1eaa 50248 2310 68 S 1175516710 0 8192 - - - RECEIVE
2016-10-19 10:40:02 DROP ICMP :: ff02::1 - - 80 - - - - 130 0 - RECEIVE
2016-10-19 10:41:02 DROP TCP fe80::91c:1ba7:abfc:5e5f fe80::1c96:dc05:3b26:1eaa 50252 2310 72 S 4091559822 0 8192 - - - RECEIVE
2016-10-19 10:41:05 DROP TCP fe80::91c:1ba7:abfc:5e5f fe80::1c96:dc05:3b26:1eaa 50252 2310 72 S 4091559822 0 8192 - - - RECEIVE
2016-10-19 10:41:11 DROP TCP fe80::91c:1ba7:abfc:5e5f fe80::1c96:dc05:3b26:1eaa 50252 2310 68 S 4091559822 0 8192 - - - RECEIVE
2016-10-19 10:41:23 DROP TCP 192.168.1.100 192.168.1.121 50253 2310 52 S 3013060805 0 8192 - - - RECEIVE
2016-10-19 10:41:26 DROP TCP 192.168.1.100 192.168.1.121 50253 2310 52 S 3013060805 0 8192 - - - RECEIVE
2016-10-19 10:41:30 DROP TCP fe80::91c:1ba7:abfc:5e5f fe80::1c96:dc05:3b26:1eaa 50261 2310 72 S 1985828196 0 8192 - - - RECEIVE
2016-10-19 10:41:33 DROP TCP fe80::91c:1ba7:abfc:5e5f fe80::1c96:dc05:3b26:1eaa 50261 2310 72 S 1985828196 0 8192 - - - RECEIVE
2016-10-19 10:41:39 DROP TCP fe80::91c:1ba7:abfc:5e5f fe80::1c96:dc05:3b26:1eaa 50261 2310 68 S 1985828196 0 8192 - - - RECEIVE
2016-10-19 10:42:07 DROP ICMP :: ff02::1 - - 80 - - - - 130 0 - RECEIVE
2016-10-19 10:44:13 DROP ICMP :: ff02::1 - - 80 - - - - 130 0 - RECEIVE
2016-10-19 10:44:28 DROP TCP fe80::91c:1ba7:abfc:5e5f fe80::1c96:dc05:3b26:1eaa 50285 2310 72 S 2762432965 0 8192 - - - RECEIVE
2016-10-19 10:44:29 DROP TCP fe80::91c:1ba7:abfc:5e5f fe80::1c96:dc05:3b26:1eaa 50285 2310 72 S 2762432965 0 8192 - - - RECEIVE
2016-10-19 10:44:35 DROP TCP fe80::91c:1ba7:abfc:5e5f fe80::1c96:dc05:3b26:1eaa 50285 2310 68 S 2762432965 0 8192 - - - RECEIVE
该规则已在 Windows 防火墙中注册(抱歉操作系统是德语):
