public static void firewallDo(int port)
{
firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(
Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
fwMgr = (INetFwMgr)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWMgr"));
firewallRule = (INetFwRule)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule"));
firewallRule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK;
firewallRule.Enabled = true;
firewallRule.InterfaceTypes = "All";
firewallRule.Name = "Auto_Deny_" + port.ToString();
firewallRule.Description = "Cyberscript " + DateTime.Now.ToString("HH:mm:ss tt");
firewallRule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP;
firewallRule.LocalPorts = port.ToString();
firewallPolicy.Rules.Add(firewallRule);
}
static bool portcheck(int port)
{
bool exists = false;
Type tNetFwPolicy2 = Type.GetTypeFromProgID("HNetCfg.FwPolicy2");
INetFwPolicy2 fwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(tNetFwPolicy2);
var currentProfiles = fwPolicy2.CurrentProfileTypes;
List <INetFwRule> RuleList = new List <INetFwRule>();
string i = Convert.ToString(port);
foreach (INetFwRule rule in fwPolicy2.Rules)
{
if (rule.LocalPorts == i)
{
exists = true;
return(exists);
}
}
return(exists);
}
private static void AddNewFirewallRule(int port)
{
lock (s_portLock)
{
if (s_AddedRulesByPort.ContainsKey(port))
{
return;
}
// If we add any rules, register to delete them at process exit.
RegisterForProcessExit();
// Create the FwPolicy2 object.
Type netFwPolicy2Type = Type.GetTypeFromProgID("HNetCfg.FwPolicy2", false);
INetFwPolicy2 fwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(netFwPolicy2Type);
// Get the Rules object
INetFwRules rulesObject = fwPolicy2.Rules;
int CurrentProfiles = fwPolicy2.CurrentProfileTypes;
// Create a Rule Object.
Type netFwRuleType = Type.GetTypeFromProgID("HNetCfg.FWRule", false);
INetFwRule newRule = (INetFwRule)Activator.CreateInstance(netFwRuleType);
newRule.Name = String.Format(s_PortNameFormat, port);
newRule.Description = String.Format("Rule added for Bridge use of port {0}", port);
newRule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP;
newRule.LocalPorts = port.ToString();
newRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN;
newRule.Enabled = true;
newRule.Profiles = CurrentProfiles;
newRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW;
// Add a new rule
rulesObject.Add(newRule);
Trace.WriteLine(String.Format("Added firewall rule {0}", newRule.Name),
typeof(PortManager).Name);
s_AddedRulesByPort[port] = newRule.Name;
}
}
/// <summary>
/// Add a ports/protocol exception rule for all profiles for Vista or later firewall
/// </summary>
/// <param name="ruleName"></param>
/// <param name="appPath"></param>
/// <returns>false if the firewall type isn't available, true for successful completion.</returns>
public static bool AddPortExceptionToVistaFirewall(string ruleName, string ports, NET_FW_IP_PROTOCOL_ protocol)
{
Type fwPolicy2Type = Type.GetTypeFromProgID("HNetCfg.FwPolicy2");
if (fwPolicy2Type == null)
{
return(false);
}
INetFwPolicy2 fwPolicy2 = (INetFwPolicy2)System.Activator.CreateInstance(fwPolicy2Type);
INetFwRule fwRule = (INetFwRule)System.Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwRule"));
fwRule.Name = ruleName;
fwRule.Protocol = (int)protocol;
fwRule.LocalPorts = ports;
fwRule.Enabled = true;
fwPolicy2.Rules.Add(fwRule);
return(true);
}
private void AddFirewallRule(string p)
{
INetFwRule firewallRule = (INetFwRule)Activator.CreateInstance(
Type.GetTypeFromProgID("HNetCfg.FWRule"));
firewallRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW;
firewallRule.Description = "Used to allow Samana Monitor access.";
firewallRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN;
firewallRule.Enabled = true;
firewallRule.InterfaceTypes = "All";
firewallRule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP;
firewallRule.LocalPorts = p;
firewallRule.Name = "SamanaMonitor";
INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(
Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
firewallPolicy.Rules.Add(firewallRule);
}
/// <summary>
/// Open a certain port, name of the rule includes timeout of opening port.
/// </summary>
/// <param name="tcpPort"></param>
/// <param name="endpoint"></param>
/// <param name="dateTime"></param>
public void OpenPortWithTimeout(int tcpPort, IPEndPoint endpoint, DateTime dateTime)
{
var ruleName = $"{Constants.TcpRulePrefix}{dateTime.ToString("yyyyMMddHHmm")}_{Guid.NewGuid().ToString()}";
INetFwPolicy2 fwPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
INetFwRule firewallRule = (INetFwRule)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule"));
firewallRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW;
firewallRule.Description = "Created by StupidFirewallManager";
firewallRule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP;
firewallRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN; // inbound
firewallRule.Enabled = true;
firewallRule.InterfaceTypes = "All";
firewallRule.RemoteAddresses = endpoint.Address.ToString();
firewallRule.LocalAddresses = "*";
firewallRule.Name = ruleName;
firewallRule.LocalPorts = tcpPort.ToString();
fwPolicy.Rules.Add(firewallRule);
}
public void Execute(Dictionary <string, string> arguments)
{
string ruleName = string.Empty;
string fwProfile = string.Empty;
if (arguments.ContainsKey("/rulename"))
{
ruleName = arguments["/rulename"];
}
else
{
Console.WriteLine("[-] The \"disablerule\" command requires the \"/rulename\" argument");
Environment.Exit(0);
}
INetFwPolicy2 fwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWPolicy2"));
INetFwRules fwRules = fwPolicy2.Rules;
foreach (INetFwRule3 rule in fwRules)
{
if (rule.Name == ruleName)
{
if (rule.Enabled == false)
{
Console.WriteLine("[*] Rule \"{0}\" is already disabled.", ruleName);
}
else
{
Console.WriteLine("[*] Attempting to disable rule \"{0}\"", ruleName);
try
{
rule.Enabled = false;
Console.WriteLine("[+] Success!");
}
catch (Exception e)
{
Console.WriteLine("[-] Error while disabling rule \"{0}\":", ruleName);
Console.WriteLine(e.Message);
}
}
}
}
}
public static bool GetFirewallStatus()
{
bool result = false;
try
{
INetFwPolicy2 fwPolicy2 = getCurrPolicy();
NET_FW_PROFILE_TYPE2_ fwCurrentProfileTypes;
//read Current Profile Types (only to increase Performace)
//avoids access on CurrentProfileTypes from each Property
fwCurrentProfileTypes = (NET_FW_PROFILE_TYPE2_)fwPolicy2.CurrentProfileTypes;
result = (fwPolicy2.get_FirewallEnabled(NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PUBLIC));
}
catch (Exception e)
{
Logger.Log(e.ToString());
}
return(result);
}
public void Setup()
{
Type typeFWPolicy2 = Type.GetTypeFromCLSID(new Guid(guidFWPolicy2));
Type typeFWRule = Type.GetTypeFromCLSID(new Guid(guidRWRule));
INetFwPolicy2 fwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(typeFWPolicy2);
INetFwRule newRule = (INetFwRule)Activator.CreateInstance(typeFWRule);
newRule.Name = "InBound_Rule";
newRule.Description = "Block inbound traffic from 192.168.0.2 over TCP port 4000";
newRule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP;
newRule.LocalPorts = "4000";
newRule.RemoteAddress = "192.168.0.2";
newRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN;
newRule.Enabled = true;
newRule.Grouping = "@firewallapi.dll,-23255";
newRule.Profiles = fwPolicy2.CurrentProfileTypes;
newRule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK;
fwPolicy2.Rules.Add(newRule);
}
public void CreateFirewallRule()
{
INetFwRule2 firewallRule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule"));
firewallRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW;
firewallRule.Description = "Used to allow clients to connect to Island Server";
firewallRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN;
firewallRule.Enabled = true;
firewallRule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP;
firewallRule.LocalPorts = HostPort;
firewallRule.Profiles = (int)NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_ALL;
firewallRule.InterfaceTypes = "All";
firewallRule.Name = "Island Server";
INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(
Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
firewallPolicy.Rules.Add(firewallRule);
}
public static void RemoveRuleVista(string name, string applicationPath)
{
INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
List <INetFwRule> removeRules = new List <INetFwRule>(2);
foreach (INetFwRule rule in firewallPolicy.Rules)
{
if (((rule.Name != null) && rule.Name.Equals(name, StringComparison.CurrentCultureIgnoreCase)) || ((rule.ApplicationName != null) && rule.ApplicationName.Equals(applicationPath, StringComparison.CurrentCultureIgnoreCase)))
{
removeRules.Add(rule);
}
}
foreach (INetFwRule rule in removeRules)
{
firewallPolicy.Rules.Remove(rule.Name);
}
}
public static bool IsMinerClientRuleExists()
{
FirewallStatus state = Status(FirewallDomain.Domain);
if (state == RemoteDesktop.FirewallStatus.Disabled)
{
return(true);
}
try {
INetFwPolicy2 policyManager = GetPolicyManager();
return
(policyManager.Rules.OfType <INetFwRule>().Any(x => x.Name.StartsWith(MinerClientRuleName)) &&
policyManager.Rules.OfType <INetFwRule>().Any(x => x.Name.StartsWith(NTMinerDaemonRuleName)));
}
catch (Exception e) {
Logger.ErrorDebugLine(e);
return(true);
}
}
/// <summary>
/// Removes CodeSwine Inbound & Outbound firewall rules at program startup.
/// </summary>
public static void DeleteRules()
{
try {
INetFwRule firewallRuleInbound = (INetFwRule)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule"));
firewallRuleInbound.Name = "GTA5 CodeSwine - Private Public Lobby Inbound";
INetFwRule firewallRuleOutbound = (INetFwRule)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule"));
firewallRuleOutbound.Name = "GTA5 CodeSwine - Private Public Lobby Outbound";
INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
firewallPolicy.Rules.Remove(firewallRuleInbound.Name);
firewallPolicy.Rules.Remove(firewallRuleOutbound.Name);
} catch (Exception e)
{
ErrorLogger.LogException(e);
MessageBox.Show("Run this program as administrator!");
}
}
public static void BlockIPInFirewall(string sourceIP)
{
const string ruleName = "Block Malicious IP";
string blockRange;
if (sourceIP.Contains("."))
{
blockRange = sourceIP.Substring(0, sourceIP.LastIndexOf('.')) + ".0/24";
}
else
{
blockRange = sourceIP.Substring(0, sourceIP.LastIndexOf(':')) + ":0/112";
}
var firewallRule = GetFirewallRule(ruleName);
if (firewallRule == null)
{
INetFwPolicy2 fwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
var currentProfiles = fwPolicy2.CurrentProfileTypes;
// Let's create a new rule
INetFwRule2 inboundRule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule"));
inboundRule.Name = ruleName;
inboundRule.Enabled = true;
inboundRule.Protocol = 6; // TCP
inboundRule.RemoteAddresses = blockRange;
inboundRule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK;
inboundRule.Profiles = currentProfiles;
fwPolicy2.Rules.Add(inboundRule);
}
else
{
firewallRule.RemoteAddresses += "," + blockRange;
}
}
// 参考链接:
// https://msdn.microsoft.com/en-us/library/windows/desktop/aa366418(v=vs.85).aspx
// https://stackoverflow.com/questions/15409790/adding-an-application-firewall-rule-to-both-private-and-public-networks-via-win7
// bing: hnetcfg.fwpolicy2 c#
/// <summary>
/// 添加一个应用程序完整路径到Windows防火墙的“受信”列表中
/// </summary>
/// <param name="path"></param>
public static void AllowApplication(string path)
{
if (string.IsNullOrEmpty(path))
{
throw new ArgumentNullException(nameof(path));
}
if (File.Exists(path) == false)
{
throw new FileNotFoundException("File not found: " + path);
}
string ruleName = Path.GetFileNameWithoutExtension(path);
Type tNetFwPolicy2 = Type.GetTypeFromProgID("HNetCfg.FwPolicy2");
INetFwPolicy2 fwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(tNetFwPolicy2);
try {
// 检查规则是否已存在
if (fwPolicy2.Rules.Item(ruleName) != null)
{
return;
}
}
catch {// 如果规则不存在,会抛出异常,这里就直接吃掉异常
}
// 创建一个入站规则实例
INetFwRule2 inboundRule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule"));
inboundRule.Enabled = true;
//设置为允许
inboundRule.Action = NET_FW_ACTION.NET_FW_ACTION_ALLOW;
//指定使用TCP协议
inboundRule.ApplicationName = path;
//规则名称
inboundRule.Name = ruleName;
// 规则影响范围(配置文件)
inboundRule.Profiles = (int)NET_FW_PROFILE_TYPE2.NET_FW_PROFILE2_ALL;
// 添加规则到防火墙
fwPolicy2.Rules.Add(inboundRule);
}
/// <summary>
/// Removes Inbound & Outbound firewall rules at program startup.
/// </summary>
public static void DeleteRules(Game game)
{
try {
INetFwRule firewallRuleInboundTCP = (INetFwRule)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule"));
firewallRuleInboundTCP.Name = game.GetTCPRuleName("Inbound");
INetFwRule firewallRuleInboundUDP = (INetFwRule)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule"));
firewallRuleInboundUDP.Name = game.GetUDPRuleName("Inbound");
INetFwRule firewallRuleOutboundTCP = (INetFwRule)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule"));
firewallRuleOutboundTCP.Name = game.GetTCPRuleName("Outbound");
INetFwRule firewallRuleOutboundUDP = (INetFwRule)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule"));
firewallRuleOutboundUDP.Name = game.GetUDPRuleName("Outbound");
INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
if (game.TcpPorts.Length > 0)
{
firewallPolicy.Rules.Remove(firewallRuleInboundTCP.Name);
firewallPolicy.Rules.Remove(firewallRuleOutboundTCP.Name);
}
if (game.UdpPorts.Length > 0)
{
firewallPolicy.Rules.Remove(firewallRuleInboundUDP.Name);
firewallPolicy.Rules.Remove(firewallRuleOutboundUDP.Name);
}
} catch (Exception e)
{
ErrorLogger.LogException(e);
if (lblAdmin != null)
{
lblAdmin.Visibility = Visibility.Visible;
}
else
{
MessageBox.Show("Run this program as administrator!");
}
}
}
/// <summary>
/// Sets, Removes or Toggles Inbound firewall rules.
/// </summary>
/// <param name="addresses">Scope to block.</param>
/// <param name="enabled">True to enable, false to disable the rule.</param>
/// <param name="toggle">True to prevent adding or removing the rule again.</param>
public static bool CreateInbound(string addresses, Game game, bool enabled, bool toggle)
{
try
{
INetFwRule firewallRuleTCP = createFWRule(addresses, game, enabled, false, RuleProtocol.eRuleProtoTCP);
INetFwRule firewallRuleUDP = createFWRule(addresses, game, enabled, false, RuleProtocol.eRuleProtoUDP);
INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
if (!toggle)
{
if (game.TcpPorts.Length > 0)
{
firewallPolicy.Rules.Add(firewallRuleTCP);
}
if (game.UdpPorts.Length > 0)
{
firewallPolicy.Rules.Add(firewallRuleUDP);
}
}
else
{
if (game.TcpPorts.Length > 0)
{
firewallPolicy.Rules.Remove(firewallRuleTCP.Name);
firewallPolicy.Rules.Add(firewallRuleTCP);
}
if (game.UdpPorts.Length > 0)
{
firewallPolicy.Rules.Remove(firewallRuleUDP.Name);
firewallPolicy.Rules.Add(firewallRuleUDP);
}
}
}
catch (Exception e)
{
ErrorLogger.LogException(e);
return(false);
}
return(true);
}
/// <summary>
/// This is slightly different from <see cref="ApplyUdpRules(FirewallRule[])"/> but it
/// could be made equal.
/// should be expired.
/// </summary>
/// <param name="rules"></param>
public void ApplyBasicTcpRules(FirewallRule[] rules)
{
var ports = rules.Select(r => r.TcpPort).ToArray();
var portRanges = PortRangeHelper.GetRangeExclusive(ports);
//now get already existing rules.
var allStaticTcpRule = SearchFirewallRules()
.Where(r => r.Name.StartsWith(Constants.TcpStaticPrefix));
INetFwPolicy2 fwPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
//we need to create other rules, and be 100% sure that only new rules for udp are created
var newRules = portRanges
.Select(range => new
{
Name = $"{Constants.TcpStaticPrefix}_{range.LowerPortInclusive}_{range.UpperPortInclusive}",
Range = range
})
.ToList();
var rulesToRemove = allStaticTcpRule.Where(r => !newRules.Any(nr => nr.Name == r.Name)).ToList();
foreach (var ruleToRemove in rulesToRemove)
{
fwPolicy.Rules.Remove(ruleToRemove.Name);
}
var rulesToAdd = newRules.Where(r => !allStaticTcpRule.Any(ur => ur.Name == r.Name)).ToList();
foreach (var ruleToAdd in rulesToAdd)
{
INetFwRule firewallRule = (INetFwRule)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule"));
firewallRule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK;
firewallRule.Description = "Created by StupidFirewallManager";
firewallRule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP;
firewallRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN; // inbound
firewallRule.Enabled = true;
firewallRule.InterfaceTypes = "All";
firewallRule.RemoteAddresses = "*"; // add more blocks comma separated
firewallRule.LocalAddresses = "*";
firewallRule.Name = ruleToAdd.Name;
firewallRule.LocalPorts = $"{ruleToAdd.Range.LowerPortInclusive}-{ruleToAdd.Range.UpperPortInclusive}";
fwPolicy.Rules.Add(firewallRule);
}
}
public string fwApplicationRule(string ruleName, string filePath, NET_FW_ACTION_ fwAction, NET_FW_RULE_DIRECTION_ fwDirection, bool isAddRule)
{
if (isAddRule)
{
if (isApplicationRuleExists(filePath, fwAction, true))
{
return("Exclude");
}
if (isApplicationRuleExists(filePath, fwAction))
{
return(fwAction.ToString().Replace("NET_FW_ACTION_", string.Empty));
}
}
try
{
INetFwRule fwRule = (INetFwRule)Activator.CreateInstance(
Type.GetTypeFromProgID("HNetCfg.FWRule"));
fwRule.Action = fwAction;
fwRule.Enabled = true;
fwRule.InterfaceTypes = "All";
fwRule.Name = ruleName.ToLower();
fwRule.ApplicationName = filePath.ToLower();
INetFwPolicy2 fwPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
fwRule.Direction = fwDirection;
if (isAddRule)
{
fwPolicy.Rules.Add(fwRule);
return(fwRule.Action.ToString().Replace("NET_FW_ACTION_", string.Empty));
}
else
{
fwPolicy.Rules.Remove(fwRule.Name);
return("success");
}
}
catch (Exception ex)
{
return(ex.Message);
}
}
private void SetupFirewall()
{
INetFwPolicy2 p = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
try
{
INetFwRule2 pp = (INetFwRule2)p.Rules.Item("HHT Realtime Services");
}
catch (FileNotFoundException ex)
{
INetFwRule2 firewallRule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule"));
firewallRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW;
firewallRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN;
firewallRule.Enabled = true;
firewallRule.Protocol = 6;
firewallRule.LocalPorts = "15267";
firewallRule.Name = "HHT Realtime Services";
p.Rules.Add(firewallRule);
}
}
public static void RemoveRule(string RuleName)
{
try
{
INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
foreach (INetFwRule rule in firewallPolicy.Rules)
{
if (rule.Name.IndexOf(RuleName) != -1)
{
firewallPolicy.Rules.Remove(rule.Name);
break;
}
}
firewallPolicy = null;
}
catch (Exception ex)
{
Logger.Exception(ex);
}
}
private static void CloseAllOpenedPortsInFireWall()
{
Type NetFwPolicy2Type = Type.GetTypeFromProgID("HNetCfg.FwPolicy2", false);
INetFwPolicy2 fwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(NetFwPolicy2Type);
// Get the Rules object
INetFwRules RulesObject = fwPolicy2.Rules;
lock (s_portLock)
{
foreach (var pair in s_AddedRulesByPort)
{
RulesObject.Remove(pair.Value);
Trace.WriteLine(String.Format("Removed firewall rule {0}", pair.Value),
typeof(PortManager).Name);
}
s_AddedRulesByPort.Clear();
}
}
public void React(IpV4Address scanner)
{
try
{
INetFwPolicy2 fwPolicy = GetNetFwPolicy();
if (ExistsBlockingRuleFor(scanner, fwPolicy))
{
return;
}
Console.WriteLine("Adding firewall rule...");
INetFwRule newRule = SetupNetFwRule(scanner);
newRule.Profiles = fwPolicy.CurrentProfileTypes;
fwPolicy.Rules.Add(newRule);
}
catch (UnauthorizedAccessException exception)
{
throw new InvalidOperationException("You don't have rights for changing firewall rules without administrator rights.", exception);
}
}
public FirewallService()
{
outboundRules = new List <INetFwRule>();
inboundRules = new List <INetFwRule>();
INetFwPolicy2 netFwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
foreach (INetFwRule netFwRule in netFwPolicy2.Rules)
{
if (netFwRule.Direction == NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_OUT)
{
outboundRules.Add(netFwRule);
}
if (netFwRule.Direction == NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN)
{
inboundRules.Add(netFwRule);
}
}
outboundRules = outboundRules.OrderBy(r => r.Name).ToList();
inboundRules = inboundRules.OrderBy(r => r.Name).ToList();
}
public static void RemoveRdpRule()
{
FirewallStatus state = Status(FirewallDomain.Domain);
if (state == RemoteDesktop.FirewallStatus.Disabled)
{
return;
}
try {
INetFwOpenPorts openPorts = GetOpenPorts();
openPorts.Remove(RdpTcpPort, NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP);
openPorts.Remove(RdpUdpPort, NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_UDP);
INetFwPolicy2 policyManager = GetPolicyManager();
policyManager.Rules.Remove(RdpRuleName);
}
catch (Exception e) {
Logger.ErrorDebugLine(e);
}
}
public bool DeleteRockstarRules()
{
try {
Type firewallType = Type.GetTypeFromProgID("HNetCfg.FwPolicy2");
INetFwPolicy2 fwPolicy = (INetFwPolicy2)Activator.CreateInstance(firewallType);
fwPolicy.Rules.Remove(_RockstarGamesRulesName + "OutUDP");
_RockstarGamesOutUDPRuleCreated = false;
_RockstarGamesOutUDPEnabled = false;
Console.WriteLine("Rockstar OutUDP has been removed");
fwPolicy.Rules.Remove(_RockstarGamesRulesName + "InUDP");
_RockstarGamesInUDPRuleCreated = false;
_RockstarGamesInUDPEnabled = false;
Console.WriteLine("Rockstar InUDP has been removed");
_RockstarGamesRulesActivated = false;
return(true);
}
catch (Exception ex) { throw ex; }
}
public static void BlockIP(params string[] remoteAddresses)
{
string ruleName = "Block3389";
Type typeFWPolicy2 = Type.GetTypeFromProgID("HNetCfg.FwPolicy2");
Type typeFWRule = Type.GetTypeFromProgID("HNetCfg.FwRule");
try
{
INetFwPolicy2 fwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(typeFWPolicy2);
var rules = fwPolicy2.Rules.Cast <INetFwRule>();
var rule = rules.FirstOrDefault(x => x.Name == ruleName);
string newAddresses = string.Join(',', remoteAddresses);
if (rule is null)
{
INetFwRule newRule = (INetFwRule)Activator.CreateInstance(typeFWRule);
newRule.Name = ruleName;
newRule.Description = "Block inbound traffic over TCP port 3389";
newRule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP;
newRule.LocalPorts = "3389";
newRule.RemoteAddresses = newAddresses;
newRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN;
newRule.Enabled = true;
newRule.Grouping = "@firewallapi.dll,-23255";
newRule.Profiles = fwPolicy2.CurrentProfileTypes;
newRule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK;
fwPolicy2.Rules.Add(newRule);
}
else
{
rule.RemoteAddresses += $",{newAddresses}";
}
Console.ForegroundColor = ConsoleColor.Red;
Console.WriteLine($"Blocked! IP : {newAddresses}");
Console.ResetColor();
}
catch (COMException ex)
{
Console.WriteLine(ex);
}
}
private static void AddFirewallRule()
{
Type tNetFwPolicy2 = Type.GetTypeFromProgID("HNetCfg.FwPolicy2");
INetFwPolicy2 fwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(tNetFwPolicy2);
List <INetFwRule> RuleList = new List <INetFwRule>();
var currentProfiles = fwPolicy2.CurrentProfileTypes;
foreach (INetFwRule rule in fwPolicy2.Rules)
{
if (rule.Name.IndexOf(_firewallRule) != -1)
{
if (rule.LocalPorts == _port && rule.Profiles == currentProfiles)
{
rule.Enabled = true;
return;
}
}
}
// Let's create a new rule
INetFwRule2 inboundRule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule"));
inboundRule.Enabled = true;
//Allow through firewall
inboundRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW;
//Using protocol TCP
inboundRule.Protocol = 6; // TCP
//Port 81
inboundRule.LocalPorts = _port;
//Name of rule
inboundRule.Name = _firewallRule;
// ...//
inboundRule.Profiles = currentProfiles;
// Now add the rule
INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
firewallPolicy.Rules.Add(inboundRule);
}
private bool FirewallRuleExists(string ruleName)
{
try
{
Type tNetFwPolicy2 = Type.GetTypeFromProgID("HNetCfg.FwPolicy2");
INetFwPolicy2 fwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(tNetFwPolicy2);
foreach (INetFwRule rule in fwPolicy2.Rules)
{
if (rule.Name.IndexOf(ruleName, StringComparison.Ordinal) != -1)
{
return(true);
}
}
}
catch (Exception ex)
{
Logger.Error(ex);
}
return(false);
}
public void ToggleAction(string ruleName)
{
List <INetFwRule> RuleList = new List <INetFwRule>();
foreach (INetFwRule rule in fwPolicy2.Rules)
{
if (rule.Name.IndexOf(ruleName) != -1)
{
INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
if (firewallPolicy.Rules.Item(ruleName).Action == NET_FW_ACTION_.NET_FW_ACTION_ALLOW)
{
firewallPolicy.Rules.Item(ruleName).Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK;
}
else
{
firewallPolicy.Rules.Item(ruleName).Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW;
}
}
}
}
private void RemoveExistingRules(INetFwPolicy2 policy)
{
var removeList = policy.Rules.Cast<INetFwRule>().Where(rule => rule.Name.Equals(Name, StringComparison.InvariantCulture)).ToList();
foreach (var rule in removeList)
policy.Rules.Remove(rule.Name);
}
private void CreateRuleOut(String RuleName, String Desc, NET_FW_IP_PROTOCOL_ Protocol, String RemotePorts, NET_FW_RULE_DIRECTION_ Direction, INetFwPolicy2 fwPolicy2)
{
Type typeFWRule = Type.GetTypeFromProgID("HNetCfg.FwRule", false);
INetFwRule newRule = (INetFwRule)Activator.CreateInstance(typeFWRule);
newRule.Name = RuleName;
newRule.Description = Desc;
newRule.Protocol = (int)Protocol;
newRule.RemotePorts = RemotePorts;
newRule.RemoteAddresses = txtRemoteAddress.Text.Replace(" ", "").Replace("\r\n", ",");
newRule.Direction = Direction;
newRule.Enabled = true;
newRule.Grouping = "Elasticsearch";
//newRule.Profiles = fwPolicy2.CurrentProfileTypes;
newRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW;
fwPolicy2.Rules.Add(newRule);
}
public static void Initialize()
{
mgr = (INetFwMgr)Activator.CreateInstance(net_fw_mgr_type);
policy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWPolicy2"));
}
public void CreateNewRule(FirewallRuleEntry entry)
{
_rule = (INetFwRule)Activator.CreateInstance(Type.GetTypeFromCLSID(netFwRuleUuid));
_rule.Action = (NET_FW_ACTION_)((int)entry.RuleAction);//NET_FW_ACTION_.NET_FW_ACTION_ALLOW;
_rule.ApplicationName = entry.ApplicationPath;
_rule.Description = entry.Description;
_rule.Direction = (NET_FW_RULE_DIRECTION_)((int)entry.Direction);//NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN;
_rule.EdgeTraversal = entry.EdgeTraversal;
_rule.Enabled = entry.Enabled;
_rule.Grouping = entry.GroupName;
_rule.Name = entry.RuleName;
_rule.Protocol = (int)entry.Protocol;
_policy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromCLSID(netFwPolicy2Uuid));
_policy.Rules.Add(_rule);
}
/// <summary>
///
/// </summary>
/// <param name="instanceName">Name of the firewall rule</param>
/// <param name="description">Description of the firewall rule</param>
public FWBanManager(string instanceName, string description)
{
banList = new ConcurrentDictionary<string, int>();
try
{
firewall = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWPolicy2"));
rule = FindFWRule(instanceName);
if (rule == null)
{
rule = (INetFwRule)Activator.CreateInstance(Type.GetTypeFromProgID("HnetCfg.FWRule"));
rule.Name = instanceName;
if (description != null && description.Length > 0)
rule.Description = description;
rule.Enabled = true;
rule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK;
rule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN;
rule.RemoteAddresses = "255.255.255.255-255.255.255.255";
firewall.Rules.Add(rule);
}
else
{
rule.Enabled = true;
LoadFirewallList();
}
}
catch (Exception e)
{
throw e;
}
}
