通过编程管理windows 防火墙
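最近项目中需要通过程序自动设置 Windows 防火墙,查了一下资料,可以通过命令行 netsh firewall 来实现。这里封装了一个类,用来管理允许通过防火墙的程序(Allowed program);管理其他内容(比如开放端口)的方法类似。注意:较新的 Windows 版本已将 netsh firewall 标记为弃用,推荐改用 netsh advfirewall firewall;另外,程序路径、名称和地址会被直接拼接进命令行,调用前应先校验并对含空格的值加引号。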
namespace WinFirewall
{
/// <summary>
/// Traffic scope of an allowed-program entry. The member names are emitted
/// verbatim (via ToString()) as the netsh "scope" argument, so they must not
/// be renamed.
/// </summary>
public enum TScope
{
    /// <summary>Allow all traffic through the firewall (netsh default).</summary>
    ALL = 0,

    /// <summary>Allow only local network (subnet) traffic.</summary>
    SUBNET = 1,

    /// <summary>Allow only the addresses given explicitly.</summary>
    CUSTOM = 2,
}
/// <summary>
/// Whether an allowed-program entry lets the program through the firewall.
/// The member names are emitted verbatim (via ToString()) as the netsh
/// "mode" argument, so they must not be renamed.
/// </summary>
public enum TMode
{
    /// <summary>Allow through the firewall (netsh default).</summary>
    ENABLE = 0,

    /// <summary>Do not allow through the firewall.</summary>
    DISABLE = 1,
}
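/// <summary>
/// Manage the allowed program with the Windows Firewall.
/// </summary>
/// <remarks>
/// Every operation shells out to <c>netsh firewall ...</c> through RunProcess.
/// Property values end up on that command line, so they are validated and
/// quoted before use: an unquoted path containing a space, or a value that
/// smuggles in extra tokens, would otherwise be parsed by netsh as additional
/// parameters and could produce a broader rule than the caller intended.
/// Newer Windows releases mark <c>netsh firewall</c> as deprecated in favour of
/// <c>netsh advfirewall firewall</c>; changing firewall configuration also
/// typically needs an elevated process.
/// </remarks>
public class AllowedProgram
{
    #region Set AllowedProgram Help
    /*
    set allowedprogram
    [ program = ] path
    [ [ name = ] name
    [ mode = ] ENABLE|DISABLE
    [ scope = ] ALL|SUBNET|CUSTOM
    [ addresses = ] addresses
    [ profile = ] CURRENT|DOMAIN|STANDARD|ALL ]
    Sets firewall allowed program configuration.
    Parameters:
    program - Program path and file name.
    name - Program name (optional).
    mode - Program mode (optional).
    ENABLE - Allow through firewall (default).
    DISABLE - Do not allow through firewall.
    scope - Program scope (optional).
    ALL - Allow all traffic through firewall (default).
    SUBNET - Allow only local network (subnet) traffic through firewall.
    CUSTOM - Allow only specified traffic through firewall.
    addresses - Custom scope addresses (optional).
    profile - Configuration profile (optional).
    CURRENT - Current profile (default).
    DOMAIN - Domain profile.
    STANDARD - Standard profile.
    ALL - All profiles.
    Remarks: 'scope' must be 'CUSTOM' to specify 'addresses'.
    Examples:
    set allowedprogram C:\MyApp\MyApp.exe MyApp ENABLE
    set allowedprogram C:\MyApp\MyApp.exe MyApp DISABLE
    set allowedprogram C:\MyApp\MyApp.exe MyApp ENABLE CUSTOM
    157.60.0.1,172.16.0.0/16,10.0.0.0/255.0.0.0,LocalSubnet
    set allowedprogram program = C:\MyApp\MyApp.exe name = MyApp mode = ENABLE
    set allowedprogram program = C:\MyApp\MyApp.exe name = MyApp mode = DISABLE
    set allowedprogram program = C:\MyApp\MyApp.exe name = MyApp mode = ENABLE
    scope = CUSTOM addresses =
    157.60.0.1,172.16.0.0/16,10.0.0.0/255.0.0.0,LocalSubnet
    */
    #endregion

    #region private field
    private String m_Program;
    private String m_Name;
    private TScope m_Scope = TScope.ALL;
    private TMode m_Mode = TMode.ENABLE;
    private String m_Address;
    #endregion

    #region public property
    /// <summary>
    /// Program path and file name.
    /// </summary>
    public String Program
    {
        get { return m_Program; }
        set { m_Program = value; }
    }

    /// <summary>
    /// Program name (optional). When left null, Set() fills it with the
    /// file name of <see cref="Program"/> without its extension.
    /// </summary>
    public String Name
    {
        get { return m_Name; }
        set { m_Name = value; }
    }

    /// <summary>
    /// Program scope (optional).
    /// ALL - Allow all traffic through firewall (default).
    /// SUBNET - Allow only local network (subnet) traffic through firewall.
    /// CUSTOM - Allow only specified traffic through firewall.
    /// </summary>
    public TScope Scope
    {
        get { return m_Scope; }
        set { m_Scope = value; }
    }

    /// <summary>
    /// Program mode (optional).
    /// ENABLE - Allow through firewall (default).
    /// DISABLE - Do not allow through firewall.
    /// </summary>
    public TMode Mode
    {
        get { return m_Mode; }
        set { m_Mode = value; }
    }

    /// <summary>
    /// Custom scope addresses (optional); only used when Scope is CUSTOM.
    /// </summary>
    /// <example>
    /// 157.60.0.1,172.16.0.0/16,10.0.0.0/255.0.0.0
    /// </example>
    public String Address
    {
        get { return m_Address; }
        set { m_Address = value; }
    }
    #endregion

    #region public method
    /// <summary>
    /// Set allowed program: adds or updates the firewall entry for Program.
    /// </summary>
    /// <exception cref="ArgumentException">
    /// Program, Name or (for CUSTOM scope) Address is missing or contains
    /// characters that cannot be passed safely on the netsh command line.
    /// </exception>
    /// <exception cref="InvalidOperationException">
    /// netsh wrote to its error stream or did not report "Ok.".
    /// </exception>
    public void Set()
    {
        // Real validation instead of Debug.Assert: asserts vanish in release builds.
        String program = RequireToken(Program, "Program");
        if (Name == null)
        {
            Name = System.IO.Path.GetFileNameWithoutExtension(program);
        }
        String name = RequireToken(Name, "Name");

        String command = String.Format("firewall set allowedprogram {0} {1} {2} {3}",
            Quote(program), Quote(name), Mode.ToString(), Scope.ToString());
        if (Scope == TScope.CUSTOM)
        {
            command += " " + RequireAddressList(Address);
        }
        Execute(command);
    }

    /// <summary>
    /// Delete allowed program: removes the firewall entry for Program.
    /// </summary>
    /// <exception cref="ArgumentException">
    /// Program is missing or contains characters that cannot be passed safely
    /// on the netsh command line.
    /// </exception>
    /// <exception cref="InvalidOperationException">
    /// netsh wrote to its error stream or did not report "Ok.".
    /// </exception>
    public void Delete()
    {
        String program = RequireToken(Program, "Program");
        Execute(String.Format("firewall delete allowedprogram {0}", Quote(program)));
    }
    #endregion

    #region private helper
    // Returns the trimmed value with one pair of surrounding quotes removed, or
    // throws when it is empty or cannot be carried as a single quoted argument.
    private static String RequireToken(String value, String propertyName)
    {
        if (value == null)
        {
            throw new ArgumentException(propertyName + " must be set.", propertyName);
        }
        String text = value.Trim();
        // Callers that already quoted the value keep working: unwrap, then re-quote.
        if (text.Length >= 2 && text[0] == '"' && text[text.Length - 1] == '"')
        {
            text = text.Substring(1, text.Length - 2);
        }
        if (text.Length == 0)
        {
            throw new ArgumentException(propertyName + " must not be empty.", propertyName);
        }
        foreach (char c in text)
        {
            // An embedded quote or line break would end the argument early and let
            // the remainder be parsed as further netsh parameters.
            if (c == '"' || Char.IsControl(c))
            {
                throw new ArgumentException(
                    propertyName + " must not contain quotes or control characters.", propertyName);
            }
        }
        // A trailing backslash may be read as escaping the closing quote.
        if (text[text.Length - 1] == '\\')
        {
            throw new ArgumentException(propertyName + " must not end with a backslash.", propertyName);
        }
        return text;
    }

    // Wraps an already validated value in double quotes so spaces stay inside one argument.
    private static String Quote(String token)
    {
        return "\"" + token + "\"";
    }

    // Validates the CUSTOM-scope address list: ASCII letters and digits plus . : / ,
    // which covers the forms shown in the netsh help (IPs, prefixes, masks, LocalSubnet).
    private static String RequireAddressList(String value)
    {
        if (value == null)
        {
            throw new ArgumentException("Address must be set when Scope is CUSTOM.", "Address");
        }
        String text = value.Trim();
        if (text.Length == 0)
        {
            throw new ArgumentException("Address must not be empty when Scope is CUSTOM.", "Address");
        }
        foreach (char c in text)
        {
            bool allowed = (c >= '0' && c <= '9')
                || (c >= 'a' && c <= 'z')
                || (c >= 'A' && c <= 'Z')
                || c == '.' || c == ':' || c == '/' || c == ',';
            // Whitespace in particular is refused: a second token after the address
            // list would be taken by netsh as the profile parameter.
            if (!allowed)
            {
                throw new ArgumentException(
                    "Address may contain only letters, digits and the characters . : / ,", "Address");
            }
        }
        return text;
    }

    // Runs "netsh <command>" and turns a reported failure into an exception.
    private static void Execute(String command)
    {
        RunProcess runCmd = new RunProcess();
        runCmd.Run("netsh", command);
        if (!String.IsNullOrEmpty(runCmd.Error))
        {
            throw new InvalidOperationException(runCmd.Error);
        }
        // NOTE(review): success is detected by looking for the English "Ok." text;
        // netsh output is presumably localized on non-English Windows, where this
        // would report a failure for a successful command. Prefer the process exit
        // code if RunProcess exposes one. TODO confirm.
        String output = runCmd.Output;
        if (output == null || output.IndexOf("ok.", StringComparison.OrdinalIgnoreCase) < 0)
        {
            throw new InvalidOperationException(output ?? "netsh produced no output.");
        }
    }
    #endregion
}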
}
调用的相关例程
/// <summary>
/// Click handler: builds an AllowedProgram from the form's controls and applies it.
/// Any failure is shown to the user in an error message box.
/// </summary>
private void buttonSetAllowProgram_Click(object sender, EventArgs e)
{
    try
    {
        // The text-box values below reach the netsh command line through
        // AllowedProgram.Set(), so they are operator-supplied input, not trusted data.
        AllowedProgram rule = new AllowedProgram();
        rule.Program = textBoxProgramFilePath.Text.Trim();
        rule.Mode = checkBoxEnable.Checked ? TMode.ENABLE : TMode.DISABLE;
        // The cast throws when nothing is selected or the item is not a TScope;
        // that exception is reported by the catch block below.
        rule.Scope = (TScope)comboBoxScope.SelectedItem;
        rule.Address = textBoxAddress.Text.Trim();
        rule.Set();
        MessageBox.Show("OK", "Information", MessageBoxButtons.OK);
    }
    catch (Exception failure)
    {
        MessageBox.Show(failure.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
    }
}
/// <summary>
/// Click handler: removes the allowed-program entry for the path typed into the form.
/// Any failure is shown to the user in an error message box.
/// </summary>
private void buttonDelAllowProgram_Click(object sender, EventArgs e)
{
    try
    {
        // The path reaches the netsh command line through AllowedProgram.Delete().
        AllowedProgram rule = new AllowedProgram();
        rule.Program = textBoxProgramFilePath.Text.Trim();
        rule.Delete();
        MessageBox.Show("OK", "Information", MessageBoxButtons.OK);
    }
    catch (Exception failure)
    {
        MessageBox.Show(failure.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
    }
}
程序中用到一个公共类 RunProcess,这个类可从另一篇文章 《一个C#写的调用外部进程类》 获得
namespace WinFirewall
{
/// <summary>
/// Traffic scope of an allowed-program entry. The member names are emitted
/// verbatim (via ToString()) as the netsh "scope" argument, so they must not
/// be renamed.
/// </summary>
public enum TScope
{
    /// <summary>Allow all traffic through the firewall (netsh default).</summary>
    ALL = 0,

    /// <summary>Allow only local network (subnet) traffic.</summary>
    SUBNET = 1,

    /// <summary>Allow only the addresses given explicitly.</summary>
    CUSTOM = 2,
}
/// <summary>
/// Whether an allowed-program entry lets the program through the firewall.
/// The member names are emitted verbatim (via ToString()) as the netsh
/// "mode" argument, so they must not be renamed.
/// </summary>
public enum TMode
{
    /// <summary>Allow through the firewall (netsh default).</summary>
    ENABLE = 0,

    /// <summary>Do not allow through the firewall.</summary>
    DISABLE = 1,
}
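/// <summary>
/// Manage the allowed program with the Windows Firewall.
/// </summary>
/// <remarks>
/// Every operation shells out to <c>netsh firewall ...</c> through RunProcess.
/// Property values end up on that command line, so they are validated and
/// quoted before use: an unquoted path containing a space, or a value that
/// smuggles in extra tokens, would otherwise be parsed by netsh as additional
/// parameters and could produce a broader rule than the caller intended.
/// Newer Windows releases mark <c>netsh firewall</c> as deprecated in favour of
/// <c>netsh advfirewall firewall</c>; changing firewall configuration also
/// typically needs an elevated process.
/// </remarks>
public class AllowedProgram
{
    #region Set AllowedProgram Help
    /*
    set allowedprogram
    [ program = ] path
    [ [ name = ] name
    [ mode = ] ENABLE|DISABLE
    [ scope = ] ALL|SUBNET|CUSTOM
    [ addresses = ] addresses
    [ profile = ] CURRENT|DOMAIN|STANDARD|ALL ]
    Sets firewall allowed program configuration.
    Parameters:
    program - Program path and file name.
    name - Program name (optional).
    mode - Program mode (optional).
    ENABLE - Allow through firewall (default).
    DISABLE - Do not allow through firewall.
    scope - Program scope (optional).
    ALL - Allow all traffic through firewall (default).
    SUBNET - Allow only local network (subnet) traffic through firewall.
    CUSTOM - Allow only specified traffic through firewall.
    addresses - Custom scope addresses (optional).
    profile - Configuration profile (optional).
    CURRENT - Current profile (default).
    DOMAIN - Domain profile.
    STANDARD - Standard profile.
    ALL - All profiles.
    Remarks: 'scope' must be 'CUSTOM' to specify 'addresses'.
    Examples:
    set allowedprogram C:\MyApp\MyApp.exe MyApp ENABLE
    set allowedprogram C:\MyApp\MyApp.exe MyApp DISABLE
    set allowedprogram C:\MyApp\MyApp.exe MyApp ENABLE CUSTOM
    157.60.0.1,172.16.0.0/16,10.0.0.0/255.0.0.0,LocalSubnet
    set allowedprogram program = C:\MyApp\MyApp.exe name = MyApp mode = ENABLE
    set allowedprogram program = C:\MyApp\MyApp.exe name = MyApp mode = DISABLE
    set allowedprogram program = C:\MyApp\MyApp.exe name = MyApp mode = ENABLE
    scope = CUSTOM addresses =
    157.60.0.1,172.16.0.0/16,10.0.0.0/255.0.0.0,LocalSubnet
    */
    #endregion

    #region private field
    private String m_Program;
    private String m_Name;
    private TScope m_Scope = TScope.ALL;
    private TMode m_Mode = TMode.ENABLE;
    private String m_Address;
    #endregion

    #region public property
    /// <summary>
    /// Program path and file name.
    /// </summary>
    public String Program
    {
        get { return m_Program; }
        set { m_Program = value; }
    }

    /// <summary>
    /// Program name (optional). When left null, Set() fills it with the
    /// file name of <see cref="Program"/> without its extension.
    /// </summary>
    public String Name
    {
        get { return m_Name; }
        set { m_Name = value; }
    }

    /// <summary>
    /// Program scope (optional).
    /// ALL - Allow all traffic through firewall (default).
    /// SUBNET - Allow only local network (subnet) traffic through firewall.
    /// CUSTOM - Allow only specified traffic through firewall.
    /// </summary>
    public TScope Scope
    {
        get { return m_Scope; }
        set { m_Scope = value; }
    }

    /// <summary>
    /// Program mode (optional).
    /// ENABLE - Allow through firewall (default).
    /// DISABLE - Do not allow through firewall.
    /// </summary>
    public TMode Mode
    {
        get { return m_Mode; }
        set { m_Mode = value; }
    }

    /// <summary>
    /// Custom scope addresses (optional); only used when Scope is CUSTOM.
    /// </summary>
    /// <example>
    /// 157.60.0.1,172.16.0.0/16,10.0.0.0/255.0.0.0
    /// </example>
    public String Address
    {
        get { return m_Address; }
        set { m_Address = value; }
    }
    #endregion

    #region public method
    /// <summary>
    /// Set allowed program: adds or updates the firewall entry for Program.
    /// </summary>
    /// <exception cref="ArgumentException">
    /// Program, Name or (for CUSTOM scope) Address is missing or contains
    /// characters that cannot be passed safely on the netsh command line.
    /// </exception>
    /// <exception cref="InvalidOperationException">
    /// netsh wrote to its error stream or did not report "Ok.".
    /// </exception>
    public void Set()
    {
        // Real validation instead of Debug.Assert: asserts vanish in release builds.
        String program = RequireToken(Program, "Program");
        if (Name == null)
        {
            Name = System.IO.Path.GetFileNameWithoutExtension(program);
        }
        String name = RequireToken(Name, "Name");

        String command = String.Format("firewall set allowedprogram {0} {1} {2} {3}",
            Quote(program), Quote(name), Mode.ToString(), Scope.ToString());
        if (Scope == TScope.CUSTOM)
        {
            command += " " + RequireAddressList(Address);
        }
        Execute(command);
    }

    /// <summary>
    /// Delete allowed program: removes the firewall entry for Program.
    /// </summary>
    /// <exception cref="ArgumentException">
    /// Program is missing or contains characters that cannot be passed safely
    /// on the netsh command line.
    /// </exception>
    /// <exception cref="InvalidOperationException">
    /// netsh wrote to its error stream or did not report "Ok.".
    /// </exception>
    public void Delete()
    {
        String program = RequireToken(Program, "Program");
        Execute(String.Format("firewall delete allowedprogram {0}", Quote(program)));
    }
    #endregion

    #region private helper
    // Returns the trimmed value with one pair of surrounding quotes removed, or
    // throws when it is empty or cannot be carried as a single quoted argument.
    private static String RequireToken(String value, String propertyName)
    {
        if (value == null)
        {
            throw new ArgumentException(propertyName + " must be set.", propertyName);
        }
        String text = value.Trim();
        // Callers that already quoted the value keep working: unwrap, then re-quote.
        if (text.Length >= 2 && text[0] == '"' && text[text.Length - 1] == '"')
        {
            text = text.Substring(1, text.Length - 2);
        }
        if (text.Length == 0)
        {
            throw new ArgumentException(propertyName + " must not be empty.", propertyName);
        }
        foreach (char c in text)
        {
            // An embedded quote or line break would end the argument early and let
            // the remainder be parsed as further netsh parameters.
            if (c == '"' || Char.IsControl(c))
            {
                throw new ArgumentException(
                    propertyName + " must not contain quotes or control characters.", propertyName);
            }
        }
        // A trailing backslash may be read as escaping the closing quote.
        if (text[text.Length - 1] == '\\')
        {
            throw new ArgumentException(propertyName + " must not end with a backslash.", propertyName);
        }
        return text;
    }

    // Wraps an already validated value in double quotes so spaces stay inside one argument.
    private static String Quote(String token)
    {
        return "\"" + token + "\"";
    }

    // Validates the CUSTOM-scope address list: ASCII letters and digits plus . : / ,
    // which covers the forms shown in the netsh help (IPs, prefixes, masks, LocalSubnet).
    private static String RequireAddressList(String value)
    {
        if (value == null)
        {
            throw new ArgumentException("Address must be set when Scope is CUSTOM.", "Address");
        }
        String text = value.Trim();
        if (text.Length == 0)
        {
            throw new ArgumentException("Address must not be empty when Scope is CUSTOM.", "Address");
        }
        foreach (char c in text)
        {
            bool allowed = (c >= '0' && c <= '9')
                || (c >= 'a' && c <= 'z')
                || (c >= 'A' && c <= 'Z')
                || c == '.' || c == ':' || c == '/' || c == ',';
            // Whitespace in particular is refused: a second token after the address
            // list would be taken by netsh as the profile parameter.
            if (!allowed)
            {
                throw new ArgumentException(
                    "Address may contain only letters, digits and the characters . : / ,", "Address");
            }
        }
        return text;
    }

    // Runs "netsh <command>" and turns a reported failure into an exception.
    private static void Execute(String command)
    {
        RunProcess runCmd = new RunProcess();
        runCmd.Run("netsh", command);
        if (!String.IsNullOrEmpty(runCmd.Error))
        {
            throw new InvalidOperationException(runCmd.Error);
        }
        // NOTE(review): success is detected by looking for the English "Ok." text;
        // netsh output is presumably localized on non-English Windows, where this
        // would report a failure for a successful command. Prefer the process exit
        // code if RunProcess exposes one. TODO confirm.
        String output = runCmd.Output;
        if (output == null || output.IndexOf("ok.", StringComparison.OrdinalIgnoreCase) < 0)
        {
            throw new InvalidOperationException(output ?? "netsh produced no output.");
        }
    }
    #endregion
}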
}
调用的相关例程
/// <summary>
/// Click handler: builds an AllowedProgram from the form's controls and applies it.
/// Any failure is shown to the user in an error message box.
/// </summary>
private void buttonSetAllowProgram_Click(object sender, EventArgs e)
{
    try
    {
        // The text-box values below reach the netsh command line through
        // AllowedProgram.Set(), so they are operator-supplied input, not trusted data.
        AllowedProgram rule = new AllowedProgram();
        rule.Program = textBoxProgramFilePath.Text.Trim();
        rule.Mode = checkBoxEnable.Checked ? TMode.ENABLE : TMode.DISABLE;
        // The cast throws when nothing is selected or the item is not a TScope;
        // that exception is reported by the catch block below.
        rule.Scope = (TScope)comboBoxScope.SelectedItem;
        rule.Address = textBoxAddress.Text.Trim();
        rule.Set();
        MessageBox.Show("OK", "Information", MessageBoxButtons.OK);
    }
    catch (Exception failure)
    {
        MessageBox.Show(failure.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
    }
}
/// <summary>
/// Click handler: removes the allowed-program entry for the path typed into the form.
/// Any failure is shown to the user in an error message box.
/// </summary>
private void buttonDelAllowProgram_Click(object sender, EventArgs e)
{
    try
    {
        // The path reaches the netsh command line through AllowedProgram.Delete().
        AllowedProgram rule = new AllowedProgram();
        rule.Program = textBoxProgramFilePath.Text.Trim();
        rule.Delete();
        MessageBox.Show("OK", "Information", MessageBoxButtons.OK);
    }
    catch (Exception failure)
    {
        MessageBox.Show(failure.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
    }
}