OpenFirewall
1、写一份json文件:将要添加防火墙例外的应用程序和端口写入到json文件中
2、打开防火墙,读取json文件添加例外
/// <summary> /// Firewall.xaml 的交互逻辑 /// </summary> public partial class Firewall : Window { private string udpPort = ""; private string tcpPort = ""; public Firewall() { //this.Hide(); InitializeComponent(); string filePath = System.IO.Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "FirewallPort.json"); if (File.Exists(filePath)) { //打开防火墙 try { string setStr = System.IO.File.ReadAllText(filePath);//获取json 内容 JObject joset = (JObject)JsonConvert.DeserializeObject(setStr); if (!string.IsNullOrEmpty(joset["Udp"].ToString()) && !string.IsNullOrEmpty(joset["Tcp"].ToString()) && !string.IsNullOrEmpty(joset["ProcessName"].ToString())) { udpPort = joset["Udp"].ToString(); tcpPort = joset["Tcp"].ToString(); JArray proces = (JArray)joset["ProcessName"]; string vFWStatueStr = string.Empty; vFWStatueStr = INetFireWallManger.FWIsOpen; if (vFWStatueStr == "error") { RegistryKey rsg = null; try { rsg = Registry.LocalMachine.OpenSubKey("System\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\StandardProfile"); string vKeyValue = rsg.GetValue("EnableFirewall").ToString(); if (vKeyValue == "0")//0表示关闭 , 1表示打开 { vFWStatueStr = "False"; } else if (vKeyValue == "1") { vFWStatueStr = "True"; } INetFireWallManger.OpenFireWall(); AddFirewall(vFWStatueStr, tcpPort, udpPort, proces); } catch (Exception) { vFWStatueStr = "error"; } finally { rsg.Close(); } } else { AddFirewall(vFWStatueStr, tcpPort, udpPort, proces); } } } catch { } } } private void AddFirewall(string statusStr, string tcpPort, string udpPort, JArray process) { RegistryKey key; string ServicerName= "MpsSvc"; key = Registry.LocalMachine.OpenSubKey(@"SYSTEM\\CurrentControlSet\\Services\\MpsSvc", true); var StartIndex = key.GetValue("Start").ToString(); if (StartIndex == "4") { ProcessStartInfo objProInfo = new ProcessStartInfo(); objProInfo.FileName = "cmd.exe"; objProInfo.CreateNoWindow = false; objProInfo.WindowStyle = ProcessWindowStyle.Hidden; objProInfo.Arguments = "/c sc config " + ServicerName + " start= " + "auto"; Process.Start(objProInfo); //挂起线程1s后启动服务 System.Threading.Thread.Sleep(1000); } ServiceController serviceController1 = new ServiceController(); serviceController1.ServiceName = "MpsSvc"; serviceController1.MachineName = "."; if (serviceController1.Status != ServiceControllerStatus.Running) { serviceController1.Start(); } if (statusStr.ToLower() == "false") { INetFireWallManger.OpenFireWall(); } string[] udpMess = udpPort.Split(','); for (int u = 0; u < udpMess.Length; u++) { INetFireWallManger.NetFwAddPorts("Udp", Convert.ToInt32(udpMess[u]), "UDP"); } string[] tdpMess = tcpPort.Split(','); for (int t = 0; t < tdpMess.Length; t++) { INetFireWallManger.NetFwAddPorts("Tcp", Convert.ToInt32(tdpMess[t]), "TCP"); } for (int i = 0; i < process.Count; i++) { System.Diagnostics.Process[] tProcess = System.Diagnostics.Process.GetProcessesByName(process[i]["process_name"].ToString()); if (tProcess.Count() != 0) { INetFireWallManger.NetFwAddApps(process[i]["process_name"].ToString(), tProcess[0].MainModule.FileName.ToString()); } } } }
3、具体的一下实现方法
public static void OpenFireWall() { string cmdStr = "netsh advfirewall set currentprofile state on"; //打开防火墙 List<string> upCmd = new List<string>(); upCmd.Add(("cd " + System.AppDomain.CurrentDomain.BaseDirectory)); upCmd.Add(cmdStr); INetFireWallManger.Execute(upCmd); } /// <summary> /// 添加防火墙例外端口 /// </summary> /// <param name="name">名称</param> /// <param name="port">端口</param> /// <param name="protocol">协议(TCP、UDP)</param> public static void NetFwAddPorts(string name, int port, string protocol) { //创建firewall管理类的实例 INetFwMgr netFwMgr = (INetFwMgr)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwMgr")); INetFwOpenPort objPort = (INetFwOpenPort)Activator.CreateInstance( Type.GetTypeFromProgID("HNetCfg.FwOpenPort")); objPort.Name = name; objPort.Port = port; if (protocol.ToUpper() == "TCP") { objPort.Protocol = NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP; } else { objPort.Protocol = NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_UDP; } objPort.Scope = NET_FW_SCOPE_.NET_FW_SCOPE_ALL; objPort.Enabled = true; bool exist = false; //加入到防火墙的管理策略 foreach (INetFwOpenPort mPort in netFwMgr.LocalPolicy.CurrentProfile.GloballyOpenPorts) { if (objPort == mPort) { exist = true; break; } } if (!exist) netFwMgr.LocalPolicy.CurrentProfile.GloballyOpenPorts.Add(objPort); } /// <summary> /// 防火墙是否打开 /// </summary> static public string FWIsOpen { get { try { Type NetFwMgrType = Type.GetTypeFromProgID("HNetCfg.FwMgr", false); INetFwMgr mgr = (INetFwMgr)Activator.CreateInstance(NetFwMgrType); return mgr.LocalPolicy.CurrentProfile.FirewallEnabled.ToString(); } catch (Exception) { return "error"; } } } /// <summary> /// 将应用程序添加到防火墙例外 /// </summary> /// <param name="name">应用程序名称</param> /// <param name="executablePath">应用程序可执行文件全路径</param> public static void NetFwAddApps(string name, string executablePath) { //创建firewall管理类的实例 INetFwMgr netFwMgr = (INetFwMgr)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwMgr")); INetFwAuthorizedApplication app = (INetFwAuthorizedApplication)Activator.CreateInstance( Type.GetTypeFromProgID("HNetCfg.FwAuthorizedApplication")); //在例外列表里,程序显示的名称 app.Name = name; //程序的路径及文件名 app.ProcessImageFileName = executablePath; //是否启用该规则 app.Enabled = true; //加入到防火墙的管理策略 netFwMgr.LocalPolicy.CurrentProfile.AuthorizedApplications.Add(app); }
欢迎评论,提出意见和建议,谢谢!