/// <summary> /// Creates a Firewall rule. Use parameters to control name, port, direction and protocol. /// </summary> /// <param name="ruleName">Name of the rule.</param> /// <param name="portValue">Single port: "222". Range: "222-444".</param> /// <param name="isOut">true = outbound rule. False = inbound rule.</param> /// <param name="isUDP">true = UDP. False = TCP.</param> public static void CreateFWRule(string ruleName = "Firewall testing via C#", string portValue = "8000-8005", bool isOut = true, bool isUDP = true) { Type tNetFwPolicy2 = Type.GetTypeFromProgID("HNetCfg.FwPolicy2"); INetFwPolicy2 fwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(tNetFwPolicy2); var currentProfiles = fwPolicy2.CurrentProfileTypes; // Let's create a new FW rule. INetFwRule2 inboundRule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); // Block it through firewall inboundRule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK; // Quick description for the rule. inboundRule.Description = "Used by the program Solo Enabler. Its use is to enable solo play in Destiny 2."; // Set the direction. inboundRule.Direction = isOut ? NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_OUT : NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN; // Make sure rule is enabled. inboundRule.Enabled = true; // Set the name of the FW rule inboundRule.Name = ruleName; // Make sure to set the protocol before the ports. TCP = 6. UDP = 17. inboundRule.Protocol = (int)(isUDP ? NetFwTypeLib.NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_UDP : NetFwTypeLib.NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP); // Set the ports. inboundRule.RemotePorts = portValue; // Add the rule itself INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2")); firewallPolicy.Rules.Add(inboundRule); }
public static void BlockMatchmakingPorts() { //going to try out binding to socket manually without firewalls and seeing if that works //creating new rules INetFwRule2 OutBoundUDP = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); INetFwRule2 OutBoundTCP = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); INetFwRule2 InBoundUDP = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); INetFwRule2 InBoundTCP = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); //names OutBoundUDP.Name = OUT_UDP_NAME; OutBoundTCP.Name = OUT_TCP_NAME; InBoundUDP.Name = IN_UDP_NAME; InBoundTCP.Name = IN_TCP_NAME; //enabling OutBoundUDP.Enabled = true; OutBoundTCP.Enabled = true; InBoundUDP.Enabled = true; InBoundTCP.Enabled = true; //specifying block as action OutBoundUDP.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK; OutBoundTCP.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK; InBoundUDP.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK; InBoundTCP.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK; //setting UDP/TCP OutBoundUDP.Protocol = 17; OutBoundTCP.Protocol = 6; InBoundUDP.Protocol = 17; InBoundTCP.Protocol = 6; //specifying ports to block OutBoundUDP.RemotePorts = "27000-27100"; OutBoundTCP.RemotePorts = "27000-27100"; InBoundUDP.RemotePorts = "27000-27100"; InBoundTCP.RemotePorts = "27000-27100"; //direction OutBoundUDP.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_OUT; OutBoundTCP.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_OUT; InBoundUDP.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN; InBoundTCP.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN; //fetching firewall policy INetFwPolicy2 currentFWPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2")); //adding new rules currentFWPolicy.Rules.Add(OutBoundUDP); currentFWPolicy.Rules.Add(OutBoundTCP); currentFWPolicy.Rules.Add(InBoundUDP); currentFWPolicy.Rules.Add(InBoundTCP); MainPageViewModel.getInstance().SoloEnabled = true; }
// If BanIp = true then method add Block rule for ip address public static void AddFirewallRule(string ipaddress = "255.255.255.255", string RuleName = "BreakermindCom", bool BanIP = false) { string IP = ipaddress; string IPName = RuleName + "_Allow_" + IP; if (BanIP) { IPName = RuleName + "_Ban_" + IP; } try { Type tNetFwPolicy2 = Type.GetTypeFromProgID("HNetCfg.FwPolicy2"); INetFwPolicy2 fwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(tNetFwPolicy2); var currentProfiles = fwPolicy2.CurrentProfileTypes; // Let's create a new rule INetFwRule2 inboundRule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); inboundRule.Enabled = true; //Allow through firewall inboundRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW; if (BanIP) { inboundRule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK; } //Using protocol TCP inboundRule.Protocol = 6; //Port 5555 inboundRule.LocalPorts = "5555"; //Name of rule inboundRule.Name = IPName; // profil inboundRule.Profiles = currentProfiles; // ip inboundRule.RemoteAddresses = IP; // Now add the rule INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2")); firewallPolicy.Rules.Add(inboundRule); //firewallPolicy.Rules.Remove(IPName); if (BanIP) { Console.WriteLine(IP + " Firewall Update Ban IP ... " + DateTime.UtcNow); } else { Console.WriteLine(IP + " Firewall Update Allowed IP ... " + DateTime.UtcNow); } } catch (Exception r) { Console.WriteLine("Firewall error " + r); } }
public static void AddRule(string name, string address) { INetFwRule2 rule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); rule.Enabled = true; rule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK; rule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_OUT; rule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP; rule.RemotePorts = "80,443"; rule.RemoteAddresses = address; rule.Name = name; rule.Description = "Removeo rule for blocking unwanted content."; firewallPolicy.Rules.Add(rule); }
public void Open(ushort port, string name) { INetFwRule2 firewallRule = getComObject <INetFwRule2>(INetFwRuleProgID); firewallRule.Description = name; firewallRule.Name = name; firewallRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW; firewallRule.Enabled = true; firewallRule.InterfaceTypes = "All"; firewallRule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP; firewallRule.LocalPorts = port.ToString(); INetFwPolicy2 firewallPolicy = getComObject <INetFwPolicy2>(INetFwPolicy2ProgID); firewallPolicy.Rules.Add(firewallRule); }
public static void AddFirewallRuleIn(string ruleName, string ipRange) { Type tNetFwPolicy2 = Type.GetTypeFromProgID("HNetCfg.FwPolicy2"); INetFwPolicy2 fwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(tNetFwPolicy2); var currentProfiles = fwPolicy2.CurrentProfileTypes; INetFwRule2 inboundRule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); inboundRule.Enabled = true; inboundRule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK; inboundRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN; inboundRule.RemoteAddresses = ipRange; inboundRule.Name = ruleName; inboundRule.Profiles = currentProfiles; INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2")); firewallPolicy.Rules.Add(inboundRule); }
/// <summary> /// 防火墙放行 /// </summary> /// <param name="name"></param> /// <param name="port"></param> /// <param name="protocol"></param> public static void NetFwAddPorts() { try { CmdRun("netsh firewall set portopening TCP 3389 ENABLE"); }catch (Exception) { INetFwRule2 inboundRule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); inboundRule.Enabled = true; inboundRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW; inboundRule.Protocol = 6; inboundRule.LocalPorts = "3389"; inboundRule.Name = "Access 3389"; INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2")); firewallPolicy.Rules.Add(inboundRule); } }
private void MakeRule(string str, int protNumber, NET_FW_RULE_DIRECTION_ ruleDirection, string ruleName) { Type tNetFwPolicy2 = Type.GetTypeFromProgID("HNetCfg.FwPolicy2"); INetFwPolicy2 fwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(tNetFwPolicy2); // Let's create a new rule INetFwRule2 Rule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); Rule.Enabled = true; NET_FW_RULE_DIRECTION_ direction = ruleDirection; Rule.Direction = direction; //Inbound Rule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK; Rule.Protocol = protNumber; // ANY/TCP/UDP try { Rule.RemoteAddresses = str; } catch (Exception) { MessageBox.Show("Can't add Rules. Maybe a Format failure?", "Error", MessageBoxButtons.OK, MessageBoxIcon.Warning); } //Rule.LocalPorts = "81"; //Port 81 //Name of rule Rule.Name = ruleName; // ...// //Rule.Profiles = (int)NET_FW_PROFILE_TYPE_.NET_FW_PROFILE_TYPE_MAX; // Now add the rule //INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2")); try { firewallPolicy.Rules.Add(Rule); } catch (Exception ex) { throw ex; } }
private static void SetFirewall() { Type fwRule = Type.GetTypeFromProgID("HNetCfg.FWRule"); Type tNetFwPolicy2 = Type.GetTypeFromProgID("HNetCfg.FwPolicy2"); INetFwPolicy2 fwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(tNetFwPolicy2); foreach (INetFwRule rule in fwPolicy2.Rules) { if (rule.Name == "ASinc") { return; } } // create a new rule INetFwRule2 inboundTCPRule = (INetFwRule2)Activator.CreateInstance(fwRule); inboundTCPRule.Enabled = true; //Allow through firewall inboundTCPRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW; //Using protocol TCP inboundTCPRule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP; inboundTCPRule.LocalPorts = "9528"; inboundTCPRule.Name = "ASinc"; inboundTCPRule.Profiles = fwPolicy2.CurrentProfileTypes; // create a new rule INetFwRule2 inboundUDPRule = (INetFwRule2)Activator.CreateInstance(fwRule); inboundUDPRule.Enabled = true; //Allow through firewall inboundUDPRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW; //Using protocol UDP inboundUDPRule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_UDP;; inboundUDPRule.LocalPorts = "9527"; inboundUDPRule.Name = "ASinc"; inboundUDPRule.Profiles = fwPolicy2.CurrentProfileTypes; // add the rule fwPolicy2.Rules.Add(inboundTCPRule); fwPolicy2.Rules.Add(inboundUDPRule); }
public void addRule(string path, RuleAction ruleAction, RuleDirection ruleDir, RuleProtocol ruleProtoc) { string appName = path; INetFwRule2 inboundRule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); inboundRule.Enabled = true; inboundRule.ApplicationName = appName; inboundRule.Protocol = (int)ruleProtoc; inboundRule.Direction = (NET_FW_RULE_DIRECTION_)ruleDir; inboundRule.Profiles = 7; inboundRule.Name = "_BM_FW_" + ((int)ruleDir).ToString() + ((int)ruleAction).ToString() + ((int)ruleProtoc).ToString() + "_" + appName.Substring(appName.LastIndexOf(@"\") + 1, appName.Length - appName.LastIndexOf(@"\") - 5); inboundRule.Action = (NET_FW_ACTION_)ruleAction; INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2")); firewallPolicy.Rules.Add(inboundRule); }
internal static void AddRule(string Name, string Description, string Path) { Type NetFwPolicy = Type.GetTypeFromProgID("HNetCfg.FwPolicy2"); INetFwPolicy2 FwPolicy = (INetFwPolicy2)Activator.CreateInstance(NetFwPolicy); Type NetFwRule = Type.GetTypeFromProgID("HNetCfg.FwRule"); INetFwRule2 FwRule = (INetFwRule2)Activator.CreateInstance(NetFwRule); FwRule.Enabled = true; FwRule.Name = Name; FwRule.Description = Description; FwRule.ApplicationName = Path; FwRule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_ANY; FwRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN; FwRule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK; FwRule.Profiles = (int)NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_ALL; FwRule.EdgeTraversal = false; FwPolicy.Rules.Add(FwRule); }
public void CreateFirewallRule() { INetFwRule2 firewallRule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); firewallRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW; firewallRule.Description = "Used to allow clients to connect to Island Server"; firewallRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN; firewallRule.Enabled = true; firewallRule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP; firewallRule.LocalPorts = HostPort; firewallRule.Profiles = (int)NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_ALL; firewallRule.InterfaceTypes = "All"; firewallRule.Name = "Island Server"; INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance( Type.GetTypeFromProgID("HNetCfg.FwPolicy2")); firewallPolicy.Rules.Add(firewallRule); }
public bool RemoveRule(INetFwRule2 entry) { try { // Note: if this is not set to null renam may fail as well as other sets :/ entry.EdgeTraversalOptions = (int)NET_FW_EDGE_TRAVERSAL_TYPE_.NET_FW_EDGE_TRAVERSAL_TYPE_DENY; // Note: the removal is done byname, howeever multiple rules may have the same name, WTF, so we set a temporary unique name entry.Name = "***_to_be_deleted_***"; mFirewallPolicy.Rules.Remove(entry.Name); } catch (Exception err) { AppLog.Line("Failed to Remove rule: " + err.Message); return(false); } return(true); }
public static void BlockIPInFirewall(string sourceIP) { const string ruleName = "Block Malicious IP"; string blockRange; if (sourceIP.Contains(".")) { blockRange = sourceIP.Substring(0, sourceIP.LastIndexOf('.')) + ".0/24"; } else { blockRange = sourceIP.Substring(0, sourceIP.LastIndexOf(':')) + ":0/112"; } var firewallRule = GetFirewallRule(ruleName); if (firewallRule == null) { INetFwPolicy2 fwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2")); var currentProfiles = fwPolicy2.CurrentProfileTypes; // Let's create a new rule INetFwRule2 inboundRule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); inboundRule.Name = ruleName; inboundRule.Enabled = true; inboundRule.Protocol = 6; // TCP inboundRule.RemoteAddresses = blockRange; inboundRule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK; inboundRule.Profiles = currentProfiles; fwPolicy2.Rules.Add(inboundRule); } else { firewallRule.RemoteAddresses += "," + blockRange; } }
// 参考链接: // https://msdn.microsoft.com/en-us/library/windows/desktop/aa366418(v=vs.85).aspx // https://stackoverflow.com/questions/15409790/adding-an-application-firewall-rule-to-both-private-and-public-networks-via-win7 // bing: hnetcfg.fwpolicy2 c# /// <summary> /// 添加一个应用程序完整路径到Windows防火墙的“受信”列表中 /// </summary> /// <param name="path"></param> public static void AllowApplication(string path) { if (string.IsNullOrEmpty(path)) { throw new ArgumentNullException(nameof(path)); } if (File.Exists(path) == false) { throw new FileNotFoundException("File not found: " + path); } string ruleName = Path.GetFileNameWithoutExtension(path); Type tNetFwPolicy2 = Type.GetTypeFromProgID("HNetCfg.FwPolicy2"); INetFwPolicy2 fwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(tNetFwPolicy2); try { // 检查规则是否已存在 if (fwPolicy2.Rules.Item(ruleName) != null) { return; } } catch {// 如果规则不存在,会抛出异常,这里就直接吃掉异常 } // 创建一个入站规则实例 INetFwRule2 inboundRule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); inboundRule.Enabled = true; //设置为允许 inboundRule.Action = NET_FW_ACTION.NET_FW_ACTION_ALLOW; //指定使用TCP协议 inboundRule.ApplicationName = path; //规则名称 inboundRule.Name = ruleName; // 规则影响范围(配置文件) inboundRule.Profiles = (int)NET_FW_PROFILE_TYPE2.NET_FW_PROFILE2_ALL; // 添加规则到防火墙 fwPolicy2.Rules.Add(inboundRule); }
private void SetupFirewall() { INetFwPolicy2 p = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2")); try { INetFwRule2 pp = (INetFwRule2)p.Rules.Item("HHT Realtime Services"); } catch (FileNotFoundException ex) { INetFwRule2 firewallRule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); firewallRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW; firewallRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN; firewallRule.Enabled = true; firewallRule.Protocol = 6; firewallRule.LocalPorts = "15267"; firewallRule.Name = "HHT Realtime Services"; p.Rules.Add(firewallRule); } }
private static void AddFirewallRule() { Type tNetFwPolicy2 = Type.GetTypeFromProgID("HNetCfg.FwPolicy2"); INetFwPolicy2 fwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(tNetFwPolicy2); List <INetFwRule> RuleList = new List <INetFwRule>(); var currentProfiles = fwPolicy2.CurrentProfileTypes; foreach (INetFwRule rule in fwPolicy2.Rules) { if (rule.Name.IndexOf(_firewallRule) != -1) { if (rule.LocalPorts == _port && rule.Profiles == currentProfiles) { rule.Enabled = true; return; } } } // Let's create a new rule INetFwRule2 inboundRule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); inboundRule.Enabled = true; //Allow through firewall inboundRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW; //Using protocol TCP inboundRule.Protocol = 6; // TCP //Port 81 inboundRule.LocalPorts = _port; //Name of rule inboundRule.Name = _firewallRule; // ...// inboundRule.Profiles = currentProfiles; // Now add the rule INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2")); firewallPolicy.Rules.Add(inboundRule); }
/// <summary> /// Adds a rule to the firewall /// </summary> /// <param name="ruleName">The name of the rule to add</param> /// <param name="ruleGroup">The group under which the rule is added</param> /// <param name="protocol">The desired rule protocol</param> /// <param name="localPorts">The desired rule port</param> /// <param name="action">The desired rule action, to allow or block communications</param> /// <param name="profiles">The desired rule profile</param> public static void Add(string ruleName, string ruleGroup, int protocol = 6, string localPorts = "80", EFirewallRuleAction action = EFirewallRuleAction.Allowed, EFirewallProfiles profiles = EFirewallProfiles.All) { if (Exists(ruleName)) { return; } Type tNetFwPolicy2 = Type.GetTypeFromProgID("HNetCfg.FwPolicy2"); INetFwPolicy2 fwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(tNetFwPolicy2); var currentProfiles = fwPolicy2.CurrentProfileTypes; // Let's create a new rule INetFwRule2 inboundRule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); inboundRule.Enabled = true; //Allow through firewall if (action == EFirewallRuleAction.Allowed) { inboundRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW; } else { inboundRule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK; } //Using protocol TCP inboundRule.Protocol = 6; // TCP //Port 81 inboundRule.LocalPorts = localPorts; //Name of rule inboundRule.Name = ruleName; // ...// inboundRule.Grouping = ruleGroup; inboundRule.Profiles = (int)profiles; // Now add the rule INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2")); firewallPolicy.Rules.Add(inboundRule); }
/// <summary> /// Add a rule in the windows firewall /// </summary> /// <param name="ipAddress"></param> public void AddRule(string ipAddress) { // Create rule INetFwRule2 rule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); rule.Name = $"Firestar Access Block {ipAddress}"; rule.Description = "Block Incoming Connections from IP Address."; rule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK; rule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN; rule.Enabled = true; rule.InterfaceTypes = "All"; rule.RemoteAddresses = ipAddress; // Add rule in the firewall INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2")); firewallPolicy.Rules.Add(rule); String msg = $"IP Address {ipAddress} Blocked Successfully!"; Console.WriteLine(msg); }
// Add a rule at FireWall public static void ConfigureFirewall() { INetFwMgr icfMgr = null; try { Type TicfMgr = Type.GetTypeFromProgID("HNetCfg.FwMgr"); icfMgr = (INetFwMgr)Activator.CreateInstance(TicfMgr); } catch (Exception ex) { Console.WriteLine("Eroare"); } try { Type tNetFwPolicy2 = Type.GetTypeFromProgID("HNetCfg.FwPolicy2"); INetFwPolicy2 fwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(tNetFwPolicy2); var currentProfiles = fwPolicy2.CurrentProfileTypes; INetFwRule2 inboundRule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); inboundRule.Enabled = true; inboundRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW; inboundRule.Protocol = 6; inboundRule.LocalPorts = "12831"; inboundRule.Name = "Trojan_Final"; inboundRule.Profiles = currentProfiles; INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2")); firewallPolicy.Rules.Add(inboundRule); Console.WriteLine("Succes!"); } catch (Exception ex) { Console.WriteLine(ex.Message); } }
static bool BlockThisIP(string IpAddress, string Description) { try { //ipaddress is: Console.WriteLine("Range to be added to Firewall:{0}", IpAddress); Type tNetFwPolicy2 = Type.GetTypeFromProgID("HNetCfg.FwPolicy2"); INetFwPolicy2 fwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(tNetFwPolicy2); var currentProfiles = fwPolicy2.CurrentProfileTypes; // Let's create a new rule INetFwRule2 inboundRule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); inboundRule.Enabled = true; //Allow through firewall inboundRule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK; //Using protocol ANY inboundRule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_ANY; //Name of rule inboundRule.Name = Description + "_" + IpAddress; inboundRule.RemoteAddresses = IpAddress; //"255.255.255.255-255.255.255.255" for a range or single IP inboundRule.InterfaceTypes = "ALL"; inboundRule.Description = Description + " " + DateTime.Now.ToString("yyyy-MM-dd hh:mm:ss"); //Blocked from this date // inboundRule.Profiles = currentProfiles; // Now add the rule INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2")); firewallPolicy.Rules.Add(inboundRule); return(true); } catch (Exception ex) { Console.WriteLine("Err:" + ex.Message); return(false); } }
private static void FirewallActions(ToastArguments args, string fileName, string ruleNameComponent) { var buttonSelection = args.First().Value; INetFwRule2 firewallRule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); INetFwPolicy2 operatePolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2")); var existRule = filteredRules.Any(x => x.Name.EndsWith(ruleNameComponent + " 出站连接")); if (existRule == false) { if (buttonSelection == "AllowConnection") { var currentProfiles = fwPolicy2.CurrentProfileTypes; firewallRule.Enabled = true; firewallRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_OUT; firewallRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW; firewallRule.ApplicationName = fileName; firewallRule.Name = "允许 " + ruleNameComponent + " 出站连接"; firewallRule.Profiles = currentProfiles; operatePolicy.Rules.Add(firewallRule); } else { var currentProfiles = fwPolicy2.CurrentProfileTypes; firewallRule.Enabled = true; firewallRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_OUT; firewallRule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK; firewallRule.ApplicationName = fileName; firewallRule.Name = "阻止 " + ruleNameComponent + " 出站连接"; firewallRule.Profiles = currentProfiles; operatePolicy.Rules.Add(firewallRule); } } ReadAllFirewallRules(); displayNotification = true; ToastNotificationManagerCompat.History.Clear(); }
/// <summary>Returns the rule as a string using the same format as the group policy rules that are found in the registry</summary> public override string ToString() { //todo: rule.Interfaces //todo: rule.InterfaceTypes INetFwRule2 rule = this.rule; string rs = "v2.10"; var aorder = new List <string> { "Action", "Active", "Dir", "Protocol", "Profile", "ICMP4", "ICMP6", "LPort", "LPort2_10", "RPort", "RPort2_10", "LA4", "LA6", "RA4", "RA6", "App", "Svc", "Name", "Desc", "EmbedCtxt", "Edge", "Defer" }; var attributes = new Dictionary <string, List <string> >(); var strAddresses = new List <string> { "LocalSubnet", "DHCP", "DNS", "WINS", "DefaultGateway" }; IPAddress address; var curA = ""; //required: if not present then "All" curA = "Profile"; var fwProfiles = Enum.GetValues(typeof(NET_FW_PROFILE_TYPE2_)); foreach (NET_FW_PROFILE_TYPE2_ fwProfile in fwProfiles) { if (((NET_FW_PROFILE_TYPE2_)rule.Profiles & fwProfile) == fwProfile) { if (!attributes.ContainsKey(curA)) { attributes.Add(curA, new List <string>()); } attributes[curA].Add(curA + "=" + MSFirewall.getProfileName(fwProfile)); } } if ((NET_FW_PROFILE_TYPE2_)rule.Profiles == NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_ALL) { attributes.Remove(curA); } //optional if (rule.Grouping != null) { curA = "EmbedCtxt"; attributes.Add(curA, new List <string> { curA + "=" + rule.Grouping }); } //required curA = "Name"; attributes.Add(curA, new List <string> { curA + "=" + rule.Name }); //required curA = "Action"; attributes.Add(curA, new List <string> { curA + "=" + MSFirewall.getActionName(rule.Action) }); //optional if (rule.Description != null) { curA = "Desc"; attributes.Add(curA, new List <string> { curA + "=" + rule.Description }); } //required curA = "Dir"; attributes.Add(curA, new List <string> { curA + "=" + MSFirewall.getDirectionName(rule.Direction) }); if (rule.ApplicationName != null) { curA = "App"; if (!attributes.ContainsKey(curA)) { attributes.Add(curA, new List <string>()); } attributes[curA].Add(curA + "=" + rule.ApplicationName); } if (rule.serviceName != null) { curA = "Svc"; if (!attributes.ContainsKey(curA)) { attributes.Add(curA, new List <string>()); } attributes[curA].Add(curA + "=" + rule.serviceName); } if (rule.LocalPorts != "*" && rule.LocalPorts != null) { foreach (string r in rule.LocalPorts.Split(',')) { if (r == "IPHTTPS") { curA = "LPort2_10"; if (rule.Direction == NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN) { attributes.Add(curA, new List <string>()); attributes[curA].Add(curA + "=IPTLSIn"); attributes[curA].Add(curA + "=IPHTTPSIn"); } else { attributes.Add(curA, new List <string>()); attributes[curA].Add(curA + "=IPTLSOut"); attributes[curA].Add(curA + "=IPHTTPSOut"); } } else { curA = "LPort"; if (!attributes.ContainsKey(curA)) { attributes.Add(curA, new List <string>()); } attributes[curA].Add(curA + "=" + r); } } } if (rule.LocalAddresses != null && rule.LocalAddresses != "*") { var ra = rule.LocalAddresses.Split(','); foreach (string r in ra) { curA = ""; if (strAddresses.Contains(r)) { curA = "LA4,LA6"; } else if (IPAddress.TryParse(r, out address)) { switch (address.AddressFamily) { case System.Net.Sockets.AddressFamily.InterNetwork: curA = "LA4"; break; case System.Net.Sockets.AddressFamily.InterNetworkV6: curA = "LA6"; break; default: throw new Exception("Unknown remote address: {0}" + r); } } else if (r.Contains(':')) { curA = "LA6"; } else { curA = "LA4"; } if (curA != "") { foreach (string a in curA.Split(',')) { if (!attributes.ContainsKey(a)) { attributes.Add(a, new List <string>()); } var sub = false; if (r.Contains('-')) { var rtest = r.Split('-'); if (rtest[0] == rtest[1]) { attributes[a].Add(a + "=" + rtest[0]); sub = true; } } else if (r.Contains("/255.255.255.255")) { var rtest = r.Split('/'); attributes[a].Add(a + "=" + rtest[0]); sub = true; } if (!sub) { attributes[a].Add(a + "=" + r); } } } } } if (rule.RemotePorts != "*" && rule.RemotePorts != null) { foreach (string r in rule.RemotePorts.Split(',')) { if (r == "IPHTTPS") { curA = "RPort2_10"; if (rule.Direction == NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN) { attributes.Add(curA, new List <string>()); attributes[curA].Add(curA + "=IPTLSIn"); attributes[curA].Add(curA + "=IPHTTPSIn"); } else { attributes.Add(curA, new List <string>()); attributes[curA].Add(curA + "=IPTLSOut"); attributes[curA].Add(curA + "=IPHTTPSOut"); } } else { curA = "RPort"; if (!attributes.ContainsKey(curA)) { attributes.Add(curA, new List <string>()); } attributes[curA].Add(curA + "=" + r); } } } //if any, not present if (rule.RemoteAddresses != null && rule.RemoteAddresses != "*") { var ra = rule.RemoteAddresses.Split(','); foreach (string r in ra) { curA = ""; if (strAddresses.Contains(r)) { curA = "RA4,RA6"; } else if (IPAddress.TryParse(r, out address)) { switch (address.AddressFamily) { case System.Net.Sockets.AddressFamily.InterNetwork: curA = "RA4"; break; case System.Net.Sockets.AddressFamily.InterNetworkV6: curA = "RA6"; break; default: throw new Exception("Unknown remote address: {0}" + r); } } else if (r.Contains(':')) { curA = "RA6"; } else { curA = "RA4"; } if (curA != "") { foreach (string a in curA.Split(',')) { if (!attributes.ContainsKey(a)) { attributes.Add(a, new List <string>()); } var sub = false; if (r.Contains('-')) { var rtest = r.Split('-'); if (rtest[0] == rtest[1]) { attributes[a].Add(a + "=" + rtest[0]); sub = true; } } else if (r.Contains("/255.255.255.255")) { var rtest = r.Split('/'); attributes[a].Add(a + "=" + rtest[0]); sub = true; } if (!sub) { attributes[a].Add(a + "=" + r); } } } } } //if any, then no setting if (rule.Protocol != 256) //any { curA = "Protocol"; if (!attributes.ContainsKey(curA)) { attributes.Add(curA, new List <string>()); } attributes[curA].Add(curA + "=" + rule.Protocol); } //required curA = "Active"; if (rule.Enabled) { attributes.Add(curA, new List <string> { curA + "=TRUE" }); } else { attributes.Add(curA, new List <string> { curA + "=FALSE" }); } //if not present, then false if (rule.EdgeTraversal) { curA = "Edge"; attributes.Add(curA, new List <string> { curA + "=TRUE" }); } //if any, then no setting curA = "Defer"; if (rule.EdgeTraversalOptions > 0) { if (rule.EdgeTraversalOptions == (int)NET_FW_EDGE_TRAVERSAL_TYPE_.NET_FW_EDGE_TRAVERSAL_TYPE_DEFER_TO_APP) { if (!attributes.ContainsKey(curA)) { attributes.Add(curA, new List <string>()); } attributes[curA].Add(curA + "=App"); } else if (rule.EdgeTraversalOptions == (int)NET_FW_EDGE_TRAVERSAL_TYPE_.NET_FW_EDGE_TRAVERSAL_TYPE_ALLOW) { //do nothing because rule.EdgeTraversal should be set to true already } else { if (!attributes.ContainsKey(curA)) { attributes.Add(curA, new List <string>()); } attributes[curA].Add(curA + "=" + rule.EdgeTraversalOptions); } } if (rule.IcmpTypesAndCodes != null) { if (rule.Protocol == 1) { curA = "ICMP4"; } else if (rule.Protocol == 58) { curA = "ICMP6"; } if (!attributes.ContainsKey(curA)) { attributes.Add(curA, new List <string>()); } attributes[curA].Add(curA + "=" + rule.IcmpTypesAndCodes); } //ICMPv6 shouldn't have v4 local addresses and vice versa // TODO: add 41,43,44,59,60 (test first) if (rule.Protocol == 58 && attributes.ContainsKey("LA4")) { attributes.Remove("LA4"); } else if (rule.Protocol == 1 && attributes.ContainsKey("LA6")) { attributes.Remove("LA6"); } //ICMPv6 shouldn't have v4 remote addresses and vice versa // TODO: add 41,43,44,59,60 (test first) if (rule.Protocol == 58 && attributes.ContainsKey("RA4")) { attributes.Remove("RA4"); } else if (rule.Protocol == 1 && attributes.ContainsKey("RA6")) { attributes.Remove("RA6"); } //preserve order of keys foreach (var a in aorder) { if (attributes.ContainsKey(a)) { rs = rs + "|" + String.Join("|", attributes[a]); } } rs = rs + "|"; return(rs); }
public bool CreateRockstarRule(int RuleType, string Range) { try { #region Rules buffer INetFwRule2 outUDP = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); INetFwRule2 inUDP = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2")); // =============== Out UDP ================ \\ outUDP.Name = _RockstarGamesRulesName + "OutUDP"; outUDP.Description = "Blocks certain ports from connecting to block anyone from matchmaking in Destiny 2"; outUDP.Profiles = (int)NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_ALL; outUDP.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK; outUDP.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_OUT; outUDP.Protocol = PortProtocol.UDP; outUDP.LocalPorts = _RockstarGamesPorts; outUDP.RemoteAddresses = Range; outUDP.InterfaceTypes = "All"; outUDP.Enabled = true; Console.WriteLine("Rockstar OutUDP created"); // =============== In UDP ================ \\ inUDP.Name = _RockstarGamesRulesName + "InUDP"; inUDP.Description = "Blocks certain ports from connecting to block anyone from matchmaking in Destiny 2"; inUDP.Profiles = (int)NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_ALL; inUDP.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK; inUDP.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN; inUDP.Protocol = PortProtocol.UDP; inUDP.LocalPorts = _RockstarGamesPorts; inUDP.RemoteAddresses = Range; inUDP.InterfaceTypes = "All"; inUDP.Enabled = true; Console.WriteLine("Rockstar InUDP created"); #endregion switch (RuleType) { case -1: // All firewallPolicy.Rules.Add(outUDP); _RockstarGamesOutUDPRuleCreated = true; _RockstarGamesOutUDPEnabled = true; Console.WriteLine("Rockstar added OutUDP to the firewall"); firewallPolicy.Rules.Add(inUDP); _RockstarGamesInUDPRuleCreated = true; _RockstarGamesInUDPEnabled = true; Console.WriteLine("Rockstar added InUDP to the firewall"); _RockstarGamesRulesActivated = true; return(true); case 0: //outUDP firewallPolicy.Rules.Add(outUDP); _RockstarGamesOutUDPRuleCreated = true; _RockstarGamesOutUDPEnabled = true; Console.WriteLine("Rockstar added OutUDP to the firewall"); _RockstarGamesRulesActivated = true; return(true); case 1: //inUDP firewallPolicy.Rules.Add(inUDP); _RockstarGamesInUDPRuleCreated = true; _RockstarGamesInUDPEnabled = true; Console.WriteLine("Rockstar added InUDP to the firewall"); _RockstarGamesRulesActivated = true; return(true); default: return(false); } } catch (Exception ex) { throw ex; } }
public static bool SaveRule(FirewallRule rule, INetFwRule2 entry) { try { entry.EdgeTraversalOptions = (int)NET_FW_EDGE_TRAVERSAL_TYPE_.NET_FW_EDGE_TRAVERSAL_TYPE_DENY; INetFwRule3 entry3 = entry as INetFwRule3; entry.ApplicationName = rule.BinaryPath; entry.serviceName = rule.ServiceTag; if (entry3 != null) { entry3.LocalAppPackageId = rule.AppSID; } /* * switch (rule.ProgID.Type) * { * case ProgramID.Types.Global: * entry.ApplicationName = null; * break; * case ProgramID.Types.System: * entry.ApplicationName = "System"; * break; * default: * if (rule.ProgID.Path != null && rule.ProgID.Path.Length > 0) * entry.ApplicationName = rule.ProgID.Path; * break; * } * * if (rule.ProgID.Type == ProgramID.Types.App) * entry3.LocalAppPackageId = rule.ProgID.GetPackageSID(); * else * entry3.LocalAppPackageId = null; * * if (rule.ProgID.Type == ProgramID.Types.Service) * entry.serviceName = rule.ProgID.GetServiceId(); * else * entry.serviceName = null; */ entry.Name = rule.Name; entry.Grouping = rule.Grouping; entry.Description = rule.Description; entry.Enabled = rule.Enabled; switch (rule.Direction) { case FirewallRule.Directions.Inbound: entry.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN; break; case FirewallRule.Directions.Outboun: entry.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_OUT; break; } switch (rule.Action) { case FirewallRule.Actions.Allow: entry.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW; break; case FirewallRule.Actions.Block: entry.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK; break; } entry.Profiles = rule.Profile; if (rule.Interface == (int)FirewallRule.Interfaces.All) { entry.InterfaceTypes = "All"; } else { List <string> interfaces = new List <string>(); if ((rule.Interface & (int)FirewallRule.Interfaces.Lan) != 0) { interfaces.Add("Lan"); } if ((rule.Interface & (int)FirewallRule.Interfaces.Wireless) != 0) { interfaces.Add("Wireless"); } if ((rule.Interface & (int)FirewallRule.Interfaces.RemoteAccess) != 0) { interfaces.Add("RemoteAccess"); } entry.InterfaceTypes = string.Join(",", interfaces.ToArray().Reverse()); } // Note: if this is not cleared protocol change may trigger an exception if (entry.LocalPorts != null) { entry.LocalPorts = null; } if (entry.RemotePorts != null) { entry.RemotePorts = null; } if (entry.IcmpTypesAndCodes != null) { entry.IcmpTypesAndCodes = null; } // Note: protocol must be set early enough or other sets will cause errors! entry.Protocol = rule.Protocol; switch (rule.Protocol) { case (int)FirewallRule.KnownProtocols.ICMP: case (int)FirewallRule.KnownProtocols.ICMPv6: entry.IcmpTypesAndCodes = rule.GetIcmpTypesAndCodes(); break; case (int)FirewallRule.KnownProtocols.TCP: case (int)FirewallRule.KnownProtocols.UDP: entry.LocalPorts = rule.LocalPorts; entry.RemotePorts = rule.RemotePorts; break; } if (rule.EdgeTraversal != (int)NET_FW_EDGE_TRAVERSAL_TYPE_.NET_FW_EDGE_TRAVERSAL_TYPE_DEFER_TO_USER) { entry.LocalAddresses = rule.LocalAddresses; entry.RemoteAddresses = rule.RemoteAddresses; } entry.EdgeTraversalOptions = rule.EdgeTraversal; if (entry3 != null) { /* * string s0 = entry3.LocalAppPackageId // 8 * string s1 = entry3.RemoteUserAuthorizedList; // 7 * string s2 = entry3.RemoteMachineAuthorizedList; // 7 * string s3 = entry3.LocalUserAuthorizedList; // 8 * string s4 = entry3.LocalUserOwner; // 8 * int i1 = entry3.SecureFlags; // ?? */ } } catch (Exception err) { Priv10Logger.LogError("Firewall Rule Commit failed {0}", err.ToString()); return(false); } return(true); }
public static bool LoadRule(FirewallRule rule, INetFwRule2 entry) { try { INetFwRule3 entry3 = entry as INetFwRule3; rule.BinaryPath = entry.ApplicationName; rule.ServiceTag = entry.serviceName; if (entry3 != null) { rule.AppSID = entry3.LocalAppPackageId; } // Note: while LocalAppPackageId and serviceName can be set at the same timea universall App can not be started as a service ProgramID progID; if (entry.ApplicationName != null && entry.ApplicationName.Equals("System", StringComparison.OrdinalIgnoreCase)) { progID = ProgramID.NewID(ProgramID.Types.System); } // Win10 else if (entry3 != null && entry3.LocalAppPackageId != null) { if (entry.serviceName != null) { throw new ArgumentException("Firewall paremeter conflict"); } progID = ProgramID.NewAppID(entry3.LocalAppPackageId, entry.ApplicationName); } // else if (entry.serviceName != null) { progID = ProgramID.NewSvcID(entry.serviceName, entry.ApplicationName); } else if (entry.ApplicationName != null) { progID = ProgramID.NewProgID(entry.ApplicationName); } else // if nothing is configured than its a global roule { progID = ProgramID.NewID(ProgramID.Types.Global); } rule.ProgID = Priv10Engine.AdjustProgID(progID); // https://docs.microsoft.com/en-us/windows/desktop/api/netfw/nn-netfw-inetfwrule rule.Name = entry.Name; rule.Grouping = entry.Grouping; rule.Description = entry.Description; //rule.ProgramPath = entry.ApplicationName; //rule.ServiceName = entry.serviceName; rule.Enabled = entry.Enabled; switch (entry.Direction) { case NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN: rule.Direction = FirewallRule.Directions.Inbound; break; case NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_OUT: rule.Direction = FirewallRule.Directions.Outboun; break; } switch (entry.Action) { case NET_FW_ACTION_.NET_FW_ACTION_ALLOW: rule.Action = FirewallRule.Actions.Allow; break; case NET_FW_ACTION_.NET_FW_ACTION_BLOCK: rule.Action = FirewallRule.Actions.Block; break; } rule.Profile = entry.Profiles; if (entry.InterfaceTypes.Equals("All", StringComparison.OrdinalIgnoreCase)) { rule.Interface = (int)FirewallRule.Interfaces.All; } else { rule.Interface = 0; if (entry.InterfaceTypes.IndexOf("Lan", StringComparison.OrdinalIgnoreCase) != -1) { rule.Interface |= (int)FirewallRule.Interfaces.Lan; } if (entry.InterfaceTypes.IndexOf("Wireless", StringComparison.OrdinalIgnoreCase) != -1) { rule.Interface |= (int)FirewallRule.Interfaces.Wireless; } if (entry.InterfaceTypes.IndexOf("RemoteAccess", StringComparison.OrdinalIgnoreCase) != -1) { rule.Interface |= (int)FirewallRule.Interfaces.RemoteAccess; } } rule.Protocol = entry.Protocol; /*The localAddrs parameter consists of one or more comma-delimited tokens specifying the local addresses from which the application can listen for traffic. "*" is the default value. Valid tokens include: * * "*" indicates any local address. If present, this must be the only token included. * "Defaultgateway" * "DHCP" * "WINS" * "LocalSubnet" indicates any local address on the local subnet. This token is not case-sensitive. * A subnet can be specified using either the subnet mask or network prefix notation. If neither a subnet mask not a network prefix is specified, the subnet mask defaults to 255.255.255.255. * A valid IPv6 address. * An IPv4 address range in the format of "start address - end address" with no spaces included. * An IPv6 address range in the format of "start address - end address" with no spaces included.*/ switch (rule.Protocol) { case (int)FirewallRule.KnownProtocols.ICMP: case (int)FirewallRule.KnownProtocols.ICMPv6: rule.SetIcmpTypesAndCodes(entry.IcmpTypesAndCodes); break; case (int)FirewallRule.KnownProtocols.TCP: case (int)FirewallRule.KnownProtocols.UDP: // , separated number or range 123-456 rule.LocalPorts = entry.LocalPorts; rule.RemotePorts = entry.RemotePorts; break; } rule.LocalAddresses = entry.LocalAddresses; rule.RemoteAddresses = entry.RemoteAddresses; // https://docs.microsoft.com/de-de/windows/desktop/api/icftypes/ne-icftypes-net_fw_edge_traversal_type_ //EdgeTraversal = (int)(Entry.EdgeTraversal ? NET_FW_EDGE_TRAVERSAL_TYPE_.NET_FW_EDGE_TRAVERSAL_TYPE_ALLOW : NET_FW_EDGE_TRAVERSAL_TYPE_.NET_FW_EDGE_TRAVERSAL_TYPE_DENY); rule.EdgeTraversal = entry.EdgeTraversalOptions; if (entry3 != null) { /* * string s0 = entry3.LocalAppPackageId // 8 * string s1 = entry3.RemoteUserAuthorizedList; // 7 * string s2 = entry3.RemoteMachineAuthorizedList; // 7 * string s3 = entry3.LocalUserAuthorizedList; // 8 * string s4 = entry3.LocalUserOwner; // 8 * int i1 = entry3.SecureFlags; // ?? */ } } catch (Exception err) { Priv10Logger.LogError("Reading Firewall Rule failed {0}", err.ToString()); return(false); } return(true); }
// ReSharper disable once SuggestBaseTypeForParameter internal FirewallWASRuleWin7(INetFwRule2 rule) : base(rule) { }
/// <summary> /// Constructor: Input is a "serialized" fw rule string like one found in /// "Software\Policies\Microsoft\WindowsFirewall\FirewallRules"</summary> /// <remarks>Allows variable substitution for key/values by providing /// a dictionary of substitute information. /// This is necessary since the registry rules store name/description /// information in separate key/values. /// See more details in the <see cref="parseRule"/> method</remarks> public MSFirewallRule(string rulestr, Dictionary <string, string> info) { this.rule = this.parseRule(rulestr, info); }
/// <summary> /// Constructor: takes in INetFwRule2.</summary> public MSFirewallRule(INetFwRule2 rule) { this.rule = rule; }
/// <summary>Parses a rule str to make a INetFwRule2</summary> /// <remarks>This rule string is found in group policy rules and is undocumented, /// as far as I can tell. I've done my best to document my findings here. /// /// Field : rule Mapping : Values : Example ///"Action" : rule.Action : Allow,Block : Action=Allow ///"App" : rule.ApplicationName : Text : App=onenote.exe ///"Desc" : rule.Description : Text : Desc=My rule description ///"Dir" : rule.Direction : In,Out : Dir=In ///"Edge" : rule.EdgeTraversal : Bool : Edge=TRUE ///"Defer" : rule.EdgeTraversalOption : App,? : Defer=App ///"Active" : rule.Enabled : Bool : Active=TRUE ///"EmbedCtxt" : rule.Grouping : Text : EmbedCtxt=Core Networking ///"ICMP4","ICMP6" : rule.IcmpTypesAndCodes : : ///????????????????????? : rule.Interfaces : ??? : ///????????????????????? : rule.InterfaceTypes : ??? : ///"LA4","LA6" : rule.LocalAddresses : IP(s) or Enum : LA4=10.10.10.10 or LocalSubnet or ? ///"LPort","LPort2_10" : rule.LocalPorts : Port(s) or Enum : LPort=4500 or ? ///"Name" : rule.Name : Text : Name=My rule name ///"Profile" : rule.Profiles : Domain,Private,Public : Profile=Domain ///"Protocol" : rule.Protocol : ProtocolType : Protocol=6 ///"RA4", "RA6" : rule.RemoteAddresses : IP(s) or Enum : RA4=10.10.10.10 or LocalSubnet or ? ///"RPort","RPort2_10" : rule.RemotePorts : Port(s) or Enum : RPort=4500 or ? ///"Svc" : rule.serviceName : Text : Svc=upnphost /// /// Additional notes on fields: /// /// All lists are comma-delimited /// If not present, booleans are FALSE and normally restrictive fields allow all /// "Action" : required. Will be "Allow" or "Block" /// "App" : optional. Will be a complete path to an executable. Will be a complete path to svchost.exe if using "Svc" field /// "Desc" : optional. Variable substitution needed for rules from registry. /// "Dir" : required. Will be "In" or "Out" /// "Edge" : optional. Will be "TRUE". Default is "FALSE" /// "Defer" : optional. See enum NET_FW_EDGE_TRAVERSAL_TYPE_ for values. Only appears if "Edge" is TRUE and only used for DEFER_TO_APP and DEFER_TO_USER /// "Active" : required. Will be "TRUE" or "FALSE" /// "EmbedCtxt" : optional. Variable substitution needed for rules from registry. /// "ICMP4" : optional. If Protocol is "Icmp", then list of allowed ICMP (v4) types and codes /// "ICMP6" : optional. If Protocol is "IcmpV6", then list of allowed ICMP (v6) types and codes /// "LA4" : optional. IPv4 Addresses (single, range, or subnet). Not allowed if "ICMP6" is defined. /// "LA6" : optional. IPv6 Addresses (single, range, or subnet). Not allowed if "ICMP4" is defined. /// "LPort" : optional. Port or port range. /// TODO: complete field documentation /// </remarks> public INetFwRule2 parseRule(string rulestr, Dictionary <string, string> info) { INetFwRule2 rule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); string[] ruleAttribs = rulestr.Split('|'); foreach (string ra in ruleAttribs) { var kv = ra.Split('='); switch (kv[0]) { case "": case "v2.10": //version ignore break; case "Action": kv[1] = kv[1].ToLower(); if (kv[1] == "allow") { rule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW; } else if (kv[1] == "block") { rule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK; } else if (kv[1] == "max") { rule.Action = NET_FW_ACTION_.NET_FW_ACTION_MAX; } else { throw new Exception("parseRule: Unknown action in rule: " + kv[1]); } break; case "Active": kv[1] = kv[1].ToLower(); if (kv[1] == "true") { rule.Enabled = true; } else { rule.Enabled = false; } break; case "App": rule.ApplicationName = kv[1]; break; case "Defer": kv[1] = kv[1].ToLower(); if (kv[1] == "app") { rule.EdgeTraversalOptions = (int)NET_FW_EDGE_TRAVERSAL_TYPE_.NET_FW_EDGE_TRAVERSAL_TYPE_DEFER_TO_APP; } else { throw new Exception("Uknown defer: {0}" + kv[1]); } break; case "Desc": if (info.ContainsKey(kv[1])) { rule.Description = info[kv[1]]; } else { rule.Description = kv[1]; } break; case "Dir": kv[1] = kv[1].ToLower(); if (kv[1] == "in") { rule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN; } else if (kv[1] == "out") { rule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_OUT; } else if (kv[1] == "max") { rule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_MAX; } else { throw new Exception("parseRule: Unknown direction in rule: " + kv[1]); } break; case "Edge": kv[1] = kv[1].ToLower(); if (kv[1] == "true") { rule.EdgeTraversal = true; } else { rule.EdgeTraversal = false; } break; case "EmbedCtxt": if (info.ContainsKey(kv[1])) { rule.Grouping = info[kv[1]]; } else { rule.Grouping = kv[1]; } break; case "ICMP4": case "ICMP6": if (rule.IcmpTypesAndCodes == "*") { rule.IcmpTypesAndCodes = kv[1]; } else { //Console.WriteLine(rule.IcmpTypesAndCodes + " " + kv[1]); rule.IcmpTypesAndCodes += "," + kv[1]; } break; case "LA4": case "LA6": if (rule.LocalAddresses == "*") { rule.LocalAddresses = kv[1]; } else if (!rule.LocalAddresses.Contains(kv[1])) { rule.LocalAddresses += "," + kv[1]; } break; case "LPort": if (rule.LocalPorts == "*") { //Console.WriteLine("init:" + kv[1]); rule.LocalPorts = kv[1]; } else { //Console.WriteLine("append: '" + rule.LocalPorts.ToString() + "'" + ":" + kv[1]); rule.LocalPorts = rule.LocalPorts.ToString() + "," + kv[1]; } break; case "LPort2_10": //todo:IPHTTPS maps to IPHTTPSIn AND IPTLSIn //warning: unknown if correct; no example yet rule.LocalPorts = kv[1]; break; case "Name": if (info.ContainsKey(kv[1])) { rule.Name = info[kv[1]]; } else { rule.Name = kv[1]; } break; case "Profile": if (rule.Profiles == (int)NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_ALL) { switch (kv[1]) { case "Domain": rule.Profiles = (int)NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_DOMAIN; break; case "Private": rule.Profiles = (int)NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PRIVATE; break; case "Public": rule.Profiles = (int)NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PUBLIC; break; } } else { switch (kv[1]) { case "Domain": rule.Profiles = rule.Profiles | (int)NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_DOMAIN; break; case "Private": rule.Profiles = rule.Profiles | (int)NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PRIVATE; break; case "Public": rule.Profiles = rule.Profiles | (int)NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PUBLIC; break; } } break; case "Protocol": rule.Protocol = Int32.Parse(kv[1]); break; case "RA4": case "RA6": if (rule.RemoteAddresses == "*") { rule.RemoteAddresses = kv[1]; } else if (!rule.RemoteAddresses.Contains(kv[1])) { rule.RemoteAddresses += "," + kv[1]; } //Console.WriteLine(rule.RemoteAddresses + " + " + kv[1]); //Console.WriteLine(rule.RemoteAddresses); break; case "RPort": if (rule.RemotePorts == "*") { //Console.WriteLine("init:" + kv[1]); rule.RemotePorts = kv[1]; } else { //Console.WriteLine("append: '" + rule.RemotePorts.ToString() + "'" + ":" + kv[1]); rule.RemotePorts += "," + kv[1]; } break; case "RPort2_10": //does IPHTTPS maps to IPHTTPSOut AND IPTLSOut ???? //warning: unknown if correct; no example yet rule.RemotePorts = kv[1]; break; case "Svc": rule.serviceName = kv[1]; break; default: throw new Exception("Uknown firewall rule type:" + kv[0]); } } if (((rule.Profiles & (int)NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_DOMAIN) == (int)NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_DOMAIN) && ((rule.Profiles & (int)NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PRIVATE) == (int)NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PRIVATE) && ((rule.Profiles & (int)NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PUBLIC) == (int)NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PUBLIC) ) { rule.Profiles = (int)NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_ALL; } return(rule); }