以编程方式将 IP 添加到 Server 2008 防火墙规则
Posted
技术标签:
【中文标题】以编程方式将 IP 添加到 Server 2008 防火墙规则【英文标题】:Programmatically add IP to Server 2008 firewall rule 【发布时间】:2010-12-07 23:55:45 【问题描述】:有人知道如何以编程方式将 IP 地址添加到具有高级安全规则的 Server 2008 Windows 防火墙吗?
即我已经设置了一个阻止操作防火墙规则,该规则在范围的“远程 IP 地址”部分下列出了一些 IP 地址。我希望能够以编程方式从此列表中添加(或删除)IP 地址。是否有可用的 .NET 对象来执行此操作?
【问题讨论】:
【参考方案1】:可在以下位置找到具有高级安全性的 Windows 防火墙起始页:
http://msdn.microsoft.com/en-us/library/ff956124(v=VS.85).aspx
具体来说,您似乎需要 INetFwRule 接口,如下所述:
http://msdn.microsoft.com/en-us/library/aa365344(v=VS.85).aspx
检查 get_RemoteAddresses 和 put_RemoteAddresses
【讨论】:
【参考方案2】:您也可以尝试netsh 环境。 我曾经用它来更改我的界面的 MTU
【讨论】:
【参考方案3】:我刚刚在 vb.NET 中完成了这项工作。 添加对“c:\windows\system32\firewallapi.dll”的引用
创建一个名为 Firewall 的类 - 像这样:
Imports NetFwTypeLib
Imports System.Net
Public Class Firewall
Implements IDisposable
Private _policy As INetFwPolicy2 = Nothing
Private ReadOnly Property Policy As INetFwPolicy2
Get
If _policy Is Nothing Then
_policy = DirectCast(Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2")), INetFwPolicy2)
End If
Return _policy
End Get
End Property
Public Sub Add(ipAddress As IPAddress, ruleName As String)
Dim firewallRule As NetFwTypeLib.INetFwRule = Policy.Rules.Item(ruleName)
Dim NewAddress As String = ipAddress.ToString & "/255.255.255.255"
If Not firewallRule.RemoteAddresses.Contains(NewAddress) Then
firewallRule.RemoteAddresses += "," & NewAddress
End If
End Sub
Public Sub Remove(ipAddress As IPAddress, ruleName As String)
Dim firewallRule As NetFwTypeLib.INetFwRule = Policy.Rules.Item(ruleName)
Dim NewAddress As String = ipAddress.ToString & "/255.255.255.255"
If firewallRule.RemoteAddresses.Contains(NewAddress) Then
Dim ipList As String = firewallRule.RemoteAddresses
ipList = ipList.Replace(NewAddress, "")
ipList = ipList.Replace(",,", ",")
firewallRule.RemoteAddresses = ipList
End If
End Sub
Public Function Exists(ipAddress As IPAddress, ruleName As String) As Boolean
Dim firewallRule As NetFwTypeLib.INetFwRule = Policy.Rules.Item(ruleName)
Dim NewAddress As String = ipAddress.ToString & "/255.255.255.255"
If firewallRule.RemoteAddresses.Contains(NewAddress) Then
Return True
Else
Return False
End If
End Function
Private disposedValue As Boolean
Protected Overridable Sub Dispose(disposing As Boolean)
If Not Me.disposedValue Then
If disposing Then
End If
If Not _policy Is Nothing Then
_policy = Nothing
End If
End If
Me.disposedValue = True
End Sub
Public Sub Dispose() Implements IDisposable.Dispose
Dispose(True)
GC.SuppressFinalize(Me)
End Sub
End Class
【讨论】:
【参考方案4】:我认为您正在寻找的信息可以在这里找到:
http://blogs.msdn.com/b/securitytools/archive/2009/08/21/automating-windows-firewall-settings-with-c.aspx
【讨论】:
存档链接:web.archive.org/web/20100612155926/http://blogs.msdn.com/b/…以上是关于以编程方式将 IP 添加到 Server 2008 防火墙规则的主要内容,如果未能解决你的问题,请参考以下文章
以编程方式将表添加到 Microsoft SQL Server Compact 3.5 数据库
以编程方式将按钮添加到 UINavigationController