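/// <summary>
/// Copies the settings of a Windows Firewall COM rule into a <see cref="FirewallRule"/>.
/// </summary>
/// <param name="rule">Destination object; it is filled in place.</param>
/// <param name="entry">Source rule as exposed by the firewall COM API.</param>
/// <returns>
/// <c>true</c> when every field was read; <c>false</c> when any exception was thrown while
/// reading. The exception is logged through <c>Priv10Logger.LogError</c>.
/// </returns>
/// <remarks>
/// Points a caller has to keep in mind when this data is used for security decisions:
/// <list type="bullet">
/// <item>On <c>false</c> the fields assigned before the failure stay set, so <paramref name="rule"/>
/// may be only partially filled and should not be treated as a faithful copy.</item>
/// <item>A rule that carries both an app package SID and a service name is rejected with an
/// <see cref="ArgumentException"/>, which is caught here and reported as <c>false</c>. The rule
/// still exists in the firewall; it is only this loader that gives up on it.</item>
/// <item>Direction and Action are only assigned for the two values each switch handles. Any other
/// value leaves the property at whatever <paramref name="rule"/> already held.</item>
/// <item>The INetFwRule3 fields RemoteUserAuthorizedList, RemoteMachineAuthorizedList,
/// LocalUserAuthorizedList, LocalUserOwner and SecureFlags are not read, so a rule scoped by them
/// is represented without that scoping.</item>
/// </list>
/// </remarks>
public static bool LoadRule(FirewallRule rule, INetFwRule2 entry)
{
    try
    {
        // INetFwRule3 is optional; a null result means the extended fields are unavailable.
        INetFwRule3 entry3 = entry as INetFwRule3;

        // Read each identity property from COM exactly once, so the values stored on the rule
        // and the ProgID derived below are guaranteed to come from the same read.
        string appPath = entry.ApplicationName;
        rule.BinaryPath = appPath;

        string svcName = entry.serviceName;
        rule.ServiceTag = svcName;

        string packageSid = null;
        if (entry3 != null)
        {
            packageSid = entry3.LocalAppPackageId;
            rule.AppSID = packageSid;
        }

        // Note: LocalAppPackageId and serviceName can both be set on a rule, but a universal app
        // cannot be started as a service, so that combination is treated as a conflict below.
        // Precedence: "System" pseudo-path, app package SID, service, program path, global.
        ProgramID progID;
        if (string.Equals(appPath, "System", StringComparison.OrdinalIgnoreCase))
        {
            progID = ProgramID.NewID(ProgramID.Types.System);
        }
        else if (packageSid != null) // packaged app (original note: Win10)
        {
            if (svcName != null)
            {
                throw new ArgumentException("Firewall paremeter conflict");
            }
            progID = ProgramID.NewAppID(packageSid, appPath);
        }
        else if (svcName != null)
        {
            progID = ProgramID.NewSvcID(svcName, appPath);
        }
        else if (appPath != null)
        {
            progID = ProgramID.NewProgID(appPath);
        }
        else
        {
            // Nothing is configured, so this is a global rule.
            progID = ProgramID.NewID(ProgramID.Types.Global);
        }
        rule.ProgID = Priv10Engine.AdjustProgID(progID);

        // https://docs.microsoft.com/en-us/windows/desktop/api/netfw/nn-netfw-inetfwrule
        rule.Name = entry.Name;
        rule.Grouping = entry.Grouping;
        rule.Description = entry.Description;
        rule.Enabled = entry.Enabled;

        // No default case: an unhandled direction leaves rule.Direction untouched.
        // NOTE(review): confirm the initial value of FirewallRule.Direction is a safe one to show.
        switch (entry.Direction)
        {
            case NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN:
                rule.Direction = FirewallRule.Directions.Inbound;
                break;
            case NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_OUT:
                rule.Direction = FirewallRule.Directions.Outboun;
                break;
        }

        // No default case: an unhandled action leaves rule.Action untouched.
        // NOTE(review): confirm an unset FirewallRule.Action cannot be displayed as Allow/Block.
        switch (entry.Action)
        {
            case NET_FW_ACTION_.NET_FW_ACTION_ALLOW:
                rule.Action = FirewallRule.Actions.Allow;
                break;
            case NET_FW_ACTION_.NET_FW_ACTION_BLOCK:
                rule.Action = FirewallRule.Actions.Block;
                break;
        }

        rule.Profile = entry.Profiles;

        // InterfaceTypes is either "All" or a list containing Lan / Wireless / RemoteAccess.
        // A null string throws here and is reported through the catch below.
        string interfaceTypes = entry.InterfaceTypes;
        if (interfaceTypes.Equals("All", StringComparison.OrdinalIgnoreCase))
        {
            rule.Interface = (int)FirewallRule.Interfaces.All;
        }
        else
        {
            int interfaceMask = 0;
            if (interfaceTypes.IndexOf("Lan", StringComparison.OrdinalIgnoreCase) >= 0)
            {
                interfaceMask |= (int)FirewallRule.Interfaces.Lan;
            }
            if (interfaceTypes.IndexOf("Wireless", StringComparison.OrdinalIgnoreCase) >= 0)
            {
                interfaceMask |= (int)FirewallRule.Interfaces.Wireless;
            }
            if (interfaceTypes.IndexOf("RemoteAccess", StringComparison.OrdinalIgnoreCase) >= 0)
            {
                interfaceMask |= (int)FirewallRule.Interfaces.RemoteAccess;
            }
            rule.Interface = interfaceMask;
        }

        rule.Protocol = entry.Protocol;

        // Only the protocol-specific fields that apply are copied: ICMP types/codes for
        // ICMP and ICMPv6, port lists for TCP and UDP, nothing for any other protocol.
        switch (rule.Protocol)
        {
            case (int)FirewallRule.KnownProtocols.ICMP:
            case (int)FirewallRule.KnownProtocols.ICMPv6:
                rule.SetIcmpTypesAndCodes(entry.IcmpTypesAndCodes);
                break;
            case (int)FirewallRule.KnownProtocols.TCP:
            case (int)FirewallRule.KnownProtocols.UDP:
                // Comma-separated numbers or ranges such as 123-456.
                rule.LocalPorts = entry.LocalPorts;
                rule.RemotePorts = entry.RemotePorts;
                break;
        }

        /* The address strings consist of one or more comma-delimited tokens. "*" is the default
         * value. Valid tokens include:
         *
         * "*" indicates any local address. If present, this must be the only token included.
         * "Defaultgateway"
         * "DHCP"
         * "WINS"
         * "LocalSubnet" indicates any local address on the local subnet. Not case-sensitive.
         * A subnet, using either subnet mask or network prefix notation. If neither is given,
         *   the subnet mask defaults to 255.255.255.255.
         * A valid IPv6 address.
         * An IPv4 address range in the format "start address - end address", no spaces.
         * An IPv6 address range in the format "start address - end address", no spaces.
         */
        rule.LocalAddresses = entry.LocalAddresses;
        rule.RemoteAddresses = entry.RemoteAddresses;

        // https://docs.microsoft.com/de-de/windows/desktop/api/icftypes/ne-icftypes-net_fw_edge_traversal_type_
        rule.EdgeTraversal = entry.EdgeTraversalOptions;
    }
    catch (Exception err)
    {
        // Any failure, including the parameter-conflict exception thrown above, ends up here.
        Priv10Logger.LogError("Reading Firewall Rule failed {0}", err.ToString());
        return false;
    }

    return true;
}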