Programmatically add IP to Server 2008 firewall rule

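【Published】: 2010-12-07 23:55:45

【Question】:

Does anyone know how to programmatically add an IP address to a Server 2008 Windows Firewall with Advanced Security rule?

That is, I have already set up a block-action firewall rule that lists a number of IP addresses under the "Remote IP address" section of the Scope. I would like to be able to add (or remove) IP addresses from this list programmatically. Is there a .NET object available to do this?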

【Answer 1】:

The start page for Windows Firewall with Advanced Security can be found here:

http://msdn.microsoft.com/en-us/library/ff956124(v=VS.85).aspx

Specifically, it looks like you need the INetFwRule interface, described here:

http://msdn.microsoft.com/en-us/library/aa365344(v=VS.85).aspx

Check get_RemoteAddresses and put_RemoteAddresses.

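An added example (not code from this thread) of the read-modify-write on RemoteAddresses that the INetFwRule properties above expose, written in PowerShell against the HNetCfg.FwPolicy2 COM object. The function names and the rule name are hypothetical, and it assumes single IPv4 hosts stored in the address/255.255.255.255 form.

```powershell
# Added example. Run from an elevated prompt; the named rule must already exist.
function Get-RuleAddresses {
    param($Rule)
    # RemoteAddresses is one comma-separated string; "*" (the default) means any address.
    $Rule.RemoteAddresses.Split(',') | ForEach-Object { $_.Trim() } |
        Where-Object { $_ -and $_ -ne '*' }
}

function ConvertTo-RuleEntry {
    param([string]$Address)
    # Parse first so that only a real IPv4 address reaches the firewall API.
    $ip = [System.Net.IPAddress]::Parse($Address)
    if ($ip.AddressFamily -ne 'InterNetwork') { throw "IPv4 only: $Address" }
    "$ip/255.255.255.255"   # assumed stored form for a single host
}

function Add-RuleAddress {
    param([string]$RuleName, [string]$Address)
    $rule  = (New-Object -ComObject HNetCfg.FwPolicy2).Rules.Item($RuleName)
    $entry = ConvertTo-RuleEntry $Address
    $list  = @(Get-RuleAddresses $rule)
    # Compare whole entries: 1.2.3.4 must not match inside 11.2.3.4.
    # A rule whose scope was "*" ends up scoped to the new entry only.
    if ($list -notcontains $entry) {
        $rule.RemoteAddresses = ($list + $entry) -join ','
    }
}

function Remove-RuleAddress {
    param([string]$RuleName, [string]$Address)
    $rule  = (New-Object -ComObject HNetCfg.FwPolicy2).Rules.Item($RuleName)
    $entry = ConvertTo-RuleEntry $Address
    $left  = @(Get-RuleAddresses $rule | Where-Object { $_ -ne $entry })
    if ($left.Count -eq 0) {
        # Never write an empty scope to a block rule: a block rule scoped to
        # any address ("*") blocks every remote host.
        throw "Refusing to remove the last address from '$RuleName'; disable the rule instead."
    }
    # Rebuilding the string from the remaining entries leaves no stray commas.
    $rule.RemoteAddresses = $left -join ','
}

# Usage (constructed values; 'Blocked hosts' is a placeholder rule name):
# Add-RuleAddress    -RuleName 'Blocked hosts' -Address '203.0.113.7'
# Remove-RuleAddress -RuleName 'Blocked hosts' -Address '203.0.113.7'
```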
【Answer 2】:

You could also try the netsh environment. I once used it to change the MTU of my interface.

【Answer 3】:

I just did this in VB.NET. Add a reference to "c:\windows\system32\firewallapi.dll".

Create a class called Firewall, like this:

Imports NetFwTypeLib
Imports System.Collections.Generic
Imports System.Net

Public Class Firewall
    Implements IDisposable
    Private _policy As INetFwPolicy2 = Nothing

    ' Lazily create the firewall policy COM object on first use.
    Private ReadOnly Property Policy As INetFwPolicy2
        Get
            If _policy Is Nothing Then
                _policy = DirectCast(Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2")), INetFwPolicy2)
            End If
            Return _policy
        End Get
    End Property

    ' This class matches single hosts in the form "address/255.255.255.255".
    Private Shared Function ToEntry(ipAddress As IPAddress) As String
        Return ipAddress.ToString() & "/255.255.255.255"
    End Function

    ' Split the comma-separated RemoteAddresses string into whole entries, so that
    ' 1.2.3.4 is never matched as a substring of 11.2.3.4.
    Private Shared Function GetEntries(firewallRule As INetFwRule) As List(Of String)
        Dim entries As New List(Of String)
        For Each entry As String In firewallRule.RemoteAddresses.Split(","c)
            If entry.Trim() <> "" Then entries.Add(entry.Trim())
        Next
        Return entries
    End Function

    ' Append the address to the rule's remote address list if it is not already there.
    Public Sub Add(ipAddress As IPAddress, ruleName As String)
        Dim firewallRule As INetFwRule = Policy.Rules.Item(ruleName)
        Dim entries As List(Of String) = GetEntries(firewallRule)
        If Not entries.Contains(ToEntry(ipAddress)) Then
            entries.Add(ToEntry(ipAddress))
            firewallRule.RemoteAddresses = String.Join(",", entries.ToArray())
        End If
    End Sub

    ' Remove the address and rebuild the list, which leaves no stray commas behind.
    Public Sub Remove(ipAddress As IPAddress, ruleName As String)
        Dim firewallRule As INetFwRule = Policy.Rules.Item(ruleName)
        Dim entries As List(Of String) = GetEntries(firewallRule)
        If entries.Remove(ToEntry(ipAddress)) Then
            firewallRule.RemoteAddresses = String.Join(",", entries.ToArray())
        End If
    End Sub

    ' True when the address is one of the rule's remote address entries.
    Public Function Exists(ipAddress As IPAddress, ruleName As String) As Boolean
        Dim firewallRule As INetFwRule = Policy.Rules.Item(ruleName)
        Return GetEntries(firewallRule).Contains(ToEntry(ipAddress))
    End Function

    Private disposedValue As Boolean
    Protected Overridable Sub Dispose(disposing As Boolean)
        If Not Me.disposedValue Then
            If disposing Then
            End If
            ' Drop the reference to the COM policy object.
            If Not _policy Is Nothing Then
                _policy = Nothing
            End If
        End If
        Me.disposedValue = True
    End Sub

    Public Sub Dispose() Implements IDisposable.Dispose
        Dispose(True)
        GC.SuppressFinalize(Me)
    End Sub
End Class

【Answer 4】:

I think the information you are looking for can be found here:

http://blogs.msdn.com/b/securitytools/archive/2009/08/21/automating-windows-firewall-settings-with-c.aspx

【Comments】:

Archived link: web.archive.org/web/20100612155926/http://blogs.msdn.com/b/…
