在 C# 中为 Windows 7 和 Xp Sp3 控制 Windows 防火墙
【中文标题】在 C# 中为 Windows 7 和 Xp Sp3 控制 Windows 防火墙【英文标题】:Controlling Windows Firewall in C# for Windows 7 and Xp Sp3 【发布时间】:2012-04-04 16:54:43 【问题描述】:我这里有一段在 Windows 7 中完美运行的代码,是参考这篇帖子写出来的......
在 Win XP SP3 的电脑上编译同样的代码时却出了问题......提示接口缺失(报错)......
我实在找不出原因。在 Windows XP 上,我重新为项目添加了对 hnetcfg.dll 的引用(COM API 引用);而在 Windows 7 中,我需要添加的是另一个 DLL:“FirewallAPI.dll”。
using NATUPNPLib;
using NETCONLib;
using NetFwTypeLib;
但这些接口和其他类在 VS 中仍然不可见。
请原谅我把全部代码都贴了出来。
类
防火墙管理器
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Reflection;
using System.Runtime.InteropServices;
using NATUPNPLib;
using NETCONLib;
using NetFwTypeLib;
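namespace WindowsFirewallManager
{
    /// <summary>
    /// Allows basic access to the Windows Firewall COM API (HNetCfg.FwMgr).
    /// This can be used to add an application to, remove it from, or look it
    /// up in the firewall's authorized-applications (exceptions) list.
    /// </summary>
    /// <remarks>
    /// Every entry added through <see cref="GrantAuthorization"/> is an allow
    /// rule that lets the named executable receive unsolicited inbound
    /// traffic. Treat calls into this class as a change to the host's
    /// security policy: log them, and remove entries that are no longer
    /// needed.
    /// </remarks>
    public class FirewallHelper
    {
        #region Variables

        /// <summary>
        /// Guards lazy creation of the singleton. A private object is used
        /// rather than typeof(FirewallHelper): a Type object is reachable by
        /// any code in the process, so unrelated code locking it could block
        /// or deadlock this property.
        /// </summary>
        private static readonly object instanceLock = new object();

        /// <summary>The lazily created singleton instance.</summary>
        private static FirewallHelper instance;

        /// <summary>
        /// Interface to the firewall manager COM object, or null when it
        /// could not be created.
        /// </summary>
        private INetFwMgr fireWallManager = null;

        #endregion

        #region Properties

        /// <summary>
        /// Singleton access to the FirewallHelper object. Thread-safe.
        /// </summary>
        public static FirewallHelper Instance
        {
            get
            {
                lock (instanceLock)
                {
                    return instance ?? (instance = new FirewallHelper());
                }
            }
        }

        #endregion

        #region Constructor

        /// <summary>
        /// Private constructor. If the firewall manager COM object cannot be
        /// created, <see cref="IsFirewallInstalled"/> returns false.
        /// </summary>
        private FirewallHelper()
        {
            fireWallManager = CreateComInstance<INetFwMgr>("HNetCfg.FwMgr");
        }

        #endregion

        #region Helper Methods

        /// <summary>
        /// Gets whether or not the firewall is installed on this computer.
        /// </summary>
        public bool IsFirewallInstalled
        {
            get
            {
                return fireWallManager != null &&
                       fireWallManager.LocalPolicy != null &&
                       fireWallManager.LocalPolicy.CurrentProfile != null;
            }
        }

        /// <summary>
        /// Returns whether or not the firewall is enabled.
        /// If the firewall is not installed, this returns false.
        /// </summary>
        public bool IsFirewallEnabled
        {
            get
            {
                return IsFirewallInstalled &&
                       fireWallManager.LocalPolicy.CurrentProfile.FirewallEnabled;
            }
        }

        /// <summary>
        /// Returns whether or not the firewall allows application
        /// "exceptions". If the firewall is not installed, this returns false.
        /// </summary>
        public bool AppAuthorizationsAllowed
        {
            get
            {
                return IsFirewallInstalled &&
                       !fireWallManager.LocalPolicy.CurrentProfile.ExceptionsNotAllowed;
            }
        }

        /// <summary>
        /// Adds an application to the list of authorized applications.
        /// If the application is already authorized, does nothing.
        /// </summary>
        /// <remarks>
        /// The rule is keyed on the executable's path, so pass a path in a
        /// directory that unprivileged users cannot write to; otherwise the
        /// file behind an existing allow rule could be replaced. Prefer the
        /// narrowest scope that works (for example
        /// NET_FW_SCOPE_.NET_FW_SCOPE_LOCAL_SUBNET rather than
        /// NET_FW_SCOPE_.NET_FW_SCOPE_ALL). A COM failure raised by the final
        /// Add call (for example when the caller lacks the rights to change
        /// firewall policy) is not caught here and propagates to the caller.
        /// </remarks>
        /// <param name="applicationFullPath">
        /// The full path to the application executable. This cannot
        /// be blank, and cannot be a relative path.
        /// </param>
        /// <param name="appName">
        /// The name of the application, purely for display purposes in the
        /// Microsoft Security Center.
        /// </param>
        /// <param name="scope">Network scope the exception applies to.</param>
        /// <param name="ipVersion">IP version the exception applies to.</param>
        /// <exception cref="ArgumentNullException">
        /// When applicationFullPath is null OR when appName is null.
        /// </exception>
        /// <exception cref="ArgumentException">
        /// When applicationFullPath is blank OR when appName is blank OR
        /// applicationFullPath contains invalid path characters OR
        /// applicationFullPath is not an absolute path.
        /// </exception>
        /// <exception cref="FirewallHelperException">
        /// If the firewall is not installed OR if the firewall does not allow
        /// application exceptions OR the necessary COM object could not be
        /// created.
        /// </exception>
        /// <exception cref="FileNotFoundException">
        /// If no file exists at the given applicationFullPath.
        /// </exception>
        public void GrantAuthorization(string applicationFullPath,
                                       string appName,
                                       NET_FW_SCOPE_ scope,
                                       NET_FW_IP_VERSION_ ipVersion)
        {
            #region Parameter checking

            if (applicationFullPath == null)
            {
                throw new ArgumentNullException("applicationFullPath");
            }

            if (appName == null)
            {
                throw new ArgumentNullException("appName");
            }

            // The original tested applicationFullPath a second time here, so a
            // blank display name was never rejected.
            if (appName.Trim().Length == 0)
            {
                throw new ArgumentException("appName must not be blank");
            }

            ValidateApplicationPath(applicationFullPath);

            // State checking
            if (!IsFirewallInstalled)
            {
                throw new FirewallHelperException(
                    "Cannot grant authorization: Firewall is not installed.");
            }

            if (!AppAuthorizationsAllowed)
            {
                throw new FirewallHelperException(
                    "Application exemptions are not allowed.");
            }

            #endregion

            if (HasAuthorization(applicationFullPath))
            {
                // Already authorized, so there is nothing to do.
                return;
            }

            INetFwAuthorizedApplication appInfo =
                CreateComInstance<INetFwAuthorizedApplication>(
                    "HNetCfg.FwAuthorizedApplication");

            if (appInfo == null)
            {
                throw new FirewallHelperException(
                    "Could not grant authorization: can't create INetFwAuthorizedApplication instance.");
            }

            // Other properties of the AuthorizedApplication COM object keep
            // their defaults.
            appInfo.Name = appName;
            appInfo.ProcessImageFileName = applicationFullPath;
            appInfo.Scope = scope;
            appInfo.IpVersion = ipVersion;
            appInfo.Enabled = true;

            // Authorize this application in the current profile.
            fireWallManager.LocalPolicy.CurrentProfile.
                AuthorizedApplications.Add(appInfo);
        }

        /// <summary>
        /// Removes an application from the list of authorized applications.
        /// If the specified application exists but does not currently have
        /// authorization, this method does nothing.
        /// </summary>
        /// <remarks>
        /// The executable must still exist on disk, otherwise a
        /// FileNotFoundException is thrown. An allow rule left behind by an
        /// executable that has since been deleted therefore cannot be removed
        /// through this method and has to be cleaned up by other means.
        /// </remarks>
        /// <param name="applicationFullPath">
        /// The full path to the application executable. This cannot
        /// be blank, and cannot be a relative path.
        /// </param>
        /// <exception cref="ArgumentNullException">
        /// When applicationFullPath is null.
        /// </exception>
        /// <exception cref="ArgumentException">
        /// When applicationFullPath is blank OR contains invalid path
        /// characters OR is not an absolute path.
        /// </exception>
        /// <exception cref="FirewallHelperException">
        /// If the firewall is not installed.
        /// </exception>
        /// <exception cref="FileNotFoundException">
        /// If the specified application does not exist.
        /// </exception>
        public void RemoveAuthorization(string applicationFullPath)
        {
            ValidateApplicationPath(applicationFullPath);

            // State checking
            if (!IsFirewallInstalled)
            {
                throw new FirewallHelperException(
                    "Cannot remove authorization: Firewall is not installed.");
            }

            if (HasAuthorization(applicationFullPath))
            {
                // Remove the authorization for this application.
                fireWallManager.LocalPolicy.CurrentProfile.
                    AuthorizedApplications.Remove(applicationFullPath);
            }
        }

        /// <summary>
        /// Returns whether an application is in the list of authorized
        /// applications.
        /// </summary>
        /// <param name="applicationFullPath">
        /// The full path to the application executable. This cannot
        /// be blank, and cannot be a relative path.
        /// </param>
        /// <returns>
        /// True when an authorized application has the same path, compared
        /// ordinally and ignoring case; otherwise false.
        /// </returns>
        /// <exception cref="ArgumentNullException">
        /// When applicationFullPath is null.
        /// </exception>
        /// <exception cref="ArgumentException">
        /// When applicationFullPath is blank OR contains invalid path
        /// characters OR is not an absolute path.
        /// </exception>
        /// <exception cref="FirewallHelperException">
        /// If the firewall is not installed.
        /// </exception>
        /// <exception cref="FileNotFoundException">
        /// If the specified application does not exist.
        /// </exception>
        public bool HasAuthorization(string applicationFullPath)
        {
            ValidateApplicationPath(applicationFullPath);

            // State checking
            if (!IsFirewallInstalled)
            {
                throw new FirewallHelperException(
                    "Cannot check authorization: Firewall is not installed.");
            }

            // Ordinal, case-insensitive comparison: ToLower() is culture
            // sensitive, so the same path could fail to match itself under
            // some locales, and it throws on a null entry.
            return GetAuthorizedAppPaths().Cast<string>().Any(
                authorizedPath => string.Equals(
                    authorizedPath,
                    applicationFullPath,
                    StringComparison.OrdinalIgnoreCase));
        }

        /// <summary>
        /// Retrieves a collection of paths to applications that are
        /// authorized in the current firewall profile.
        /// </summary>
        /// <returns>
        /// The ProcessImageFileName of every authorized application.
        /// </returns>
        /// <exception cref="FirewallHelperException">
        /// If the firewall is not installed.
        /// </exception>
        public ICollection GetAuthorizedAppPaths()
        {
            // State checking
            if (!IsFirewallInstalled)
            {
                throw new FirewallHelperException(
                    "Cannot list authorized applications: Firewall is not installed.");
            }

            ArrayList list = new ArrayList();

            // Collect the paths of all authorized applications.
            foreach (INetFwAuthorizedApplication app in
                fireWallManager.LocalPolicy.CurrentProfile.AuthorizedApplications)
            {
                list.Add(app.ProcessImageFileName);
            }

            return list;
        }

        /// <summary>
        /// Creates the COM object registered under the given ProgID and
        /// returns it as T, or null when the ProgID is unknown or creation
        /// fails with one of the exceptions handled below.
        /// </summary>
        /// <remarks>
        /// NOTE(review): InvalidCastException is not handled, so an object
        /// that does not support the interface compiled into this assembly
        /// makes the cast throw rather than return null. Confirm whether that
        /// is the failure seen when a build made on one Windows version runs
        /// on another.
        /// </remarks>
        private static T CreateComInstance<T>(string progId) where T : class
        {
            // Null rather than an exception when the ProgID is not registered.
            Type comType = Type.GetTypeFromProgID(progId, false);
            if (comType == null)
            {
                return null;
            }

            try
            {
                return (T) Activator.CreateInstance(comType);
            }
            // Each of these means the object is unavailable; report it as null.
            catch (ArgumentException) { }
            catch (NotSupportedException) { }
            catch (TargetInvocationException) { }
            catch (MissingMethodException) { }
            catch (MethodAccessException) { }
            catch (MemberAccessException) { }
            catch (InvalidComObjectException) { }
            catch (COMException) { }
            catch (TypeLoadException) { }

            return null;
        }

        /// <summary>
        /// Checks that applicationFullPath is a non-blank, absolute path with
        /// no invalid characters that names an existing file.
        /// </summary>
        private static void ValidateApplicationPath(string applicationFullPath)
        {
            if (applicationFullPath == null)
            {
                throw new ArgumentNullException("applicationFullPath");
            }

            if (applicationFullPath.Trim().Length == 0)
            {
                throw new ArgumentException(
                    "applicationFullPath must not be blank");
            }

            // Path.InvalidPathChars is obsolete; GetInvalidPathChars() is the
            // supported replacement.
            if (applicationFullPath.IndexOfAny(Path.GetInvalidPathChars()) >= 0)
            {
                throw new ArgumentException(
                    "applicationFullPath must not contain invalid path characters");
            }

            if (!Path.IsPathRooted(applicationFullPath))
            {
                throw new ArgumentException(
                    "applicationFullPath is not an absolute path");
            }

            if (!File.Exists(applicationFullPath))
            {
                throw new FileNotFoundException("File does not exist",
                                                applicationFullPath);
            }
        }

        #endregion
    }
}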
异常
using System;
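namespace WindowsFirewallManager
{
    /// <summary>
    /// Thrown by FirewallHelper when the firewall is unavailable, does not
    /// allow application exceptions, or a required COM object cannot be
    /// created.
    /// </summary>
    public class FirewallHelperException : Exception
    {
        /// <summary>
        /// Constructs a new FirewallHelperException with a default message.
        /// </summary>
        public FirewallHelperException()
        {
        }

        /// <summary>
        /// Constructs a new FirewallHelperException.
        /// </summary>
        /// <param name="message">Description of the failure.</param>
        public FirewallHelperException(string message)
            : base(message)
        {
        }

        /// <summary>
        /// Constructs a new FirewallHelperException that wraps the exception
        /// which caused it, so the underlying error is not lost.
        /// </summary>
        /// <param name="message">Description of the failure.</param>
        /// <param name="innerException">The underlying cause.</param>
        public FirewallHelperException(string message, Exception innerException)
            : base(message, innerException)
        {
        }
    }
}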
如果可能的话,我该如何让 FirewallManager 同时兼容这两个操作系统版本?或者有没有其他办法?
感谢您的帮助....
【参考方案1】:INetFwMgr 的 MSDN 文章的备注部分明确提到:
Windows Vista:Windows Vista 用户必须使用在 Windows Vista 中开发的应用程序才能获得该接口的所有方法和属性。
这其实是在用一种有点蹩脚的方式说明:INetFwMgr 接口的实现在 Vista 中被替换了。它有一个新的 IID,因此如果您在运行 Vista 或更高版本的机器上构建程序,那么您的程序将在 XP 上失败。您需要为 XP 用户创建一个特殊的程序版本。为此,您需要使用嵌入在 XP 版本的 c:\windows\system32\firewallapi.dll 中的类型库:对该 DLL 运行 tlbimp.exe 即可得到互操作库。准备一台可以启动 XP 的机器或虚拟机,当然是获取该 DLL 副本并测试您的构建的好办法。