2008-05-21 07:20作者:肖波出处:天极网责任编辑:nancy
最近项目中需要通过程序自动设置windows 防火墙,查了一下资料,可以通过命令行netsh firewall来实现。封装了一个类来实现对运行放开的程序(Allowed program)进行管理。管理其他内容比如放开端口等方法是类似的。
程序中用到一个公共类 RunProcess,这个类可从另一篇文章 《一个C#写的调用外部进程类》 获得
| namespace WinFirewall { public enum TScope { ALL, SUBNET, CUSTOM, } public enum TMode { ENABLE, DISABLE, } /**//// /// Manage the allowed program with the Windows Firewall. /// public class AllowedProgram { Set AllowedProgram Help#region Set AllowedProgram Help /**//* set allowedprogram [ program = ] path [ [ name = ] name [ mode = ] ENABLE|DISABLE [ scope = ] ALL|SUBNET|CUSTOM [ addresses = ] addresses [ profile = ] CURRENT|DOMAIN|STANDARD|ALL ] Sets firewall allowed program configuration. Parameters: program - Program path and file name. name - Program name (optional). mode - Program mode (optional). ENABLE - Allow through firewall (default). DISABLE - Do not allow through firewall. scope - Program scope (optional). ALL - Allow all traffic through firewall (default). SUBNET - Allow only local network (subnet) traffic through firewall. CUSTOM - Allow only specified traffic through firewall. addresses - Custom scope addresses (optional). profile - Configuration profile (optional). CURRENT - Current profile (default). DOMAIN - Domain profile. STANDARD - Standard profile. ALL - All profiles. Remarks: 'scope' must be 'CUSTOM' to specify 'addresses'. Examples: set allowedprogram C:\MyApp\MyApp.exe MyApp ENABLE set allowedprogram C:\MyApp\MyApp.exe MyApp DISABLE set allowedprogram C:\MyApp\MyApp.exe MyApp ENABLE CUSTOM 157.60.0.1,172.16.0.0/16,10.0.0.0/255.0.0.0,LocalSubnet set allowedprogram program = C:\MyApp\MyApp.exe name = MyApp mode = ENABLE set allowedprogram program = C:\MyApp\MyApp.exe name = MyApp mode = DISABLE set allowedprogram program = C:\MyApp\MyApp.exe name = MyApp mode = ENABLE scope = CUSTOM addresses = 157.60.0.1,172.16.0.0/16,10.0.0.0/255.0.0.0,LocalSubnet */ #endregion private field#region private field private String m_Program; private String m_Name; private TScope m_Scope = TScope.ALL; private TMode m_Mode = TMode.ENABLE; private String m_Address; #endregion public property#region public property /**//// /// Program path and file name. /// public String Program { get { return m_Program; } set { m_Program = value; } } /**//// /// Program name (optional). /// public String Name { get { return m_Name; } set { m_Name = value; } } /**//// /// Program scope (optional). /// ALL - Allow all traffic through firewall (default). /// SUBNET - Allow only local network (subnet) traffic through firewall. /// CUSTOM - Allow only specified traffic through firewall. /// public TScope Scope { get { return m_Scope; } set { m_Scope = value; } } /**//// /// Program mode (optional). /// ENABLE - Allow through firewall (default). /// DISABLE - Do not allow through firewall /// public TMode Mode { get { return m_Mode; } set { m_Mode = value; } } /**//// /// Custom scope addresses (optional). /// /// /// 157.60.0.1,172.16.0.0/16,10.0.0.0/255.0.0.0 /// public String Address { get { return m_Address; } set { m_Address = value; } } #endregion public method#region public method /**//// /// Set allowed program /// public void Set() { Debug.Assert(Program != null); if (Name == null) { Name = System.IO.Path.GetFileNameWithoutExtension(Program); } if (Scope == TScope.CUSTOM) { Debug.Assert(Address != null); } RunProcess runCmd = new RunProcess(); String command; command = String.Format("firewall set allowedprogram {0} {1} {2} {3}", Program, Name, Mode.ToString(), Scope.ToString()); if (Scope == TScope.CUSTOM) { command += " " + Address; } runCmd.Run("netsh", command); if (runCmd.Error != null && runCmd.Error != "") { throw new Exception(runCmd.Error); } if (!runCmd.Output.ToLower().Contains("ok.")) { throw new Exception(runCmd.Output); } } /**//// /// Delete allowed program /// public void Delete() { Debug.Assert(Program != null); RunProcess runCmd = new RunProcess(); String command = String.Format("firewall delete allowedprogram {0}", Program); runCmd.Run("netsh", command); if (runCmd.Error != null && runCmd.Error != "") { throw new Exception(runCmd.Error); } if (!runCmd.Output.ToLower().Contains("ok.")) { throw new Exception(runCmd.Output); } } #endregion } } 调用的相关例程 private void buttonSetAllowProgram_Click(object sender, EventArgs e) { try { AllowedProgram allowedProgram = new AllowedProgram(); allowedProgram.Program = textBoxProgramFilePath.Text.Trim(); if (checkBoxEnable.Checked) { allowedProgram.Mode = TMode.ENABLE; } else { allowedProgram.Mode = TMode.DISABLE; } allowedProgram.Scope = (TScope)comboBoxScope.SelectedItem; allowedProgram.Address = textBoxAddress.Text.Trim(); allowedProgram.Set(); MessageBox.Show("OK", "Information", MessageBoxButtons.OK); } catch (Exception e1) { MessageBox.Show(e1.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error); } } private void buttonDelAllowProgram_Click(object sender, EventArgs e) { try { AllowedProgram allowedProgram = new AllowedProgram(); allowedProgram.Program = textBoxProgramFilePath.Text.Trim(); allowedProgram.Delete(); MessageBox.Show("OK", "Information", MessageBoxButtons.OK); } catch (Exception e1) { MessageBox.Show(e1.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error); } } |
