由最近软件需要控制windows 防火墙端口
资料参考:
https://www.cnblogs.com/candyzhmm/p/8194600.html
https://docs.microsoft.com/zh-cn/previous-versions/visualstudio/visual-studio-2012/ff731708(v=vs.110)
点击此处下载类库:添加修改防火墙端口 (此类库没有进行大量测试,可能存在未知问题)
以下是控制防火墙“高级设置”核心代码:
/// <summary> /// 为WindowsDefender防火墙添加一条通信端口规则 /// </summary> /// <param name="direction">入站规则/出站规则</param> /// <param name="type">规则类型</param> /// <param name="action">设置规则是阻止还是允许</param> /// <param name="ruleName">规则名称</param> /// <param name="appPath">应用程序完整路径</param> /// <param name="profile">配置文件</param> /// <param name="localAddresses">本地地址</param> /// <param name="localPorts">本地端口</param> /// <param name="remoteAddresses">远端地址</param> /// <param name="remotePorts">远端端口</param> /// <param name="description">描述</param> /// <param name="grouping">组</param> /// <returns>添加成功 则:ture 如果规则名称存在返回:false </returns> public static bool FirewallRuleCreate(NET_FW_RULE_DIRECTION_ direction, NET_FW_IP_PROTOCOL_ type, NET_FW_ACTION_ action, string ruleName, string appPath, MyFirewallProfile profile = 0, string localAddresses = null, string localPorts = null, string remoteAddresses = null, string remotePorts = null, string description = null, string grouping = null) { //创建防火墙策略类的实例 INetFwPolicy2 policy2 = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2")); //检查是否有同名规则 foreach (INetFwRule item in policy2.Rules) { if (item.Name == ruleName) { return false; } } //创建防火墙规则类的实例: 有关该接口的详细介绍:https://docs.microsoft.com/zh-cn/windows/win32/api/netfw/nn-netfw-inetfwrule INetFwRule rule = (INetFwRule)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwRule")); //为规则添加名称 rule.Name = ruleName; //为规则添加描述 rule.Description = description; //选择入站规则还是出站规则,IN为入站,OUT为出站 rule.Direction = direction; //为规则添加协议类型 rule.Protocol = (int)type; //为规则添加应用程序(注意这里是应用程序的绝对路径名) rule.ApplicationName = appPath; //为规则添加本地IP地址 if (!string.IsNullOrEmpty(localAddresses)) { rule.LocalAddresses = localAddresses; } //为规则添加本地端口 if (!string.IsNullOrEmpty(localPorts)) { //需要移除空白字符(不能包含空白字符,下同) rule.LocalPorts = localPorts.Replace(" ", "");// "1-29999, 30003-33332, 33334-55554, 55556-60004, 60008-65535"; } //为规则添加远程IP地址 if (!string.IsNullOrEmpty(remoteAddresses)) { rule.RemoteAddresses = remoteAddresses; } //为规则添加远程端口 if (!string.IsNullOrEmpty(remotePorts)) { rule.RemotePorts = remotePorts.Replace(" ", ""); } //为规则设置配置文件范围 if (MyFirewallProfile.Default != profile) { rule.Profiles = (int)profile; //2147483647 所有 } //设置规则是阻止还是允许(ALLOW=允许,BLOCK=阻止) rule.Action = action; //分组 名 rule.Grouping = grouping; rule.InterfaceTypes = "All"; //是否启用规则 rule.Enabled = true; try { //添加规则到防火墙策略 policy2.Rules.Add(rule); } catch (Exception e) { string error = string.Format("防火墙添加规则出错:{0} {1}", ruleName, e.Message); throw new Exception(e.ToString()); } return true; }
防火墙 配置文件 枚举
public enum MyFirewallProfile
{
Default = 0,
Domain = 1,
Special = 2,
DomainOrSpecial = 3,
All = 2147483647
}