C# 操作防火墙 个人类库

由最近软件需要控制windows 防火墙端口 

资料参考：

https://www.cnblogs.com/candyzhmm/p/8194600.html
https://docs.microsoft.com/zh-cn/previous-versions/visualstudio/visual-studio-2012/ff731708(v=vs.110)

 

点击此处下载类库：添加修改防火墙端口 （此类库没有进行大量测试，可能存在未知问题）

 

以下是控制防火墙“高级设置”核心代码：

  /// <summary>
        /// 为WindowsDefender防火墙添加一条通信端口规则
        /// </summary>
        /// <param name="direction">入站规则/出站规则</param>
        /// <param name="type">规则类型</param>
        /// <param name="action">设置规则是阻止还是允许</param>
        /// <param name="ruleName">规则名称</param>
        /// <param name="appPath">应用程序完整路径</param>
        /// <param name="profile">配置文件</param>
        /// <param name="localAddresses">本地地址</param>
        /// <param name="localPorts">本地端口</param>
        /// <param name="remoteAddresses">远端地址</param>
        /// <param name="remotePorts">远端端口</param>
        /// <param name="description">描述</param>
        /// <param name="grouping">组</param>
        /// <returns>添加成功 则:ture 如果规则名称存在返回:false </returns>
        public static bool FirewallRuleCreate(NET_FW_RULE_DIRECTION_ direction, NET_FW_IP_PROTOCOL_ type, NET_FW_ACTION_ action, string ruleName, string appPath, MyFirewallProfile profile = 0, string localAddresses = null, string localPorts = null, string remoteAddresses = null, string remotePorts = null, string description = null, string grouping = null)
        {
            //创建防火墙策略类的实例
            INetFwPolicy2 policy2 = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));

            //检查是否有同名规则
            foreach (INetFwRule item in policy2.Rules)
            {
                if (item.Name == ruleName)
                {
                    return false;
                }
            }

            //创建防火墙规则类的实例: 有关该接口的详细介绍：https://docs.microsoft.com/zh-cn/windows/win32/api/netfw/nn-netfw-inetfwrule
            INetFwRule rule = (INetFwRule)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwRule"));
            //为规则添加名称
            rule.Name = ruleName;
            //为规则添加描述
            rule.Description = description;
            //选择入站规则还是出站规则，IN为入站，OUT为出站
            rule.Direction = direction;
            //为规则添加协议类型
            rule.Protocol = (int)type;
            //为规则添加应用程序（注意这里是应用程序的绝对路径名）
            rule.ApplicationName = appPath;
            //为规则添加本地IP地址    
            if (!string.IsNullOrEmpty(localAddresses))
            {
                rule.LocalAddresses = localAddresses;
            }

            //为规则添加本地端口
            if (!string.IsNullOrEmpty(localPorts))
            {
                //需要移除空白字符（不能包含空白字符，下同）
                rule.LocalPorts = localPorts.Replace(" ", "");// "1-29999, 30003-33332, 33334-55554, 55556-60004, 60008-65535";
            }
            //为规则添加远程IP地址
            if (!string.IsNullOrEmpty(remoteAddresses))
            {
                rule.RemoteAddresses = remoteAddresses;
            }
            //为规则添加远程端口
            if (!string.IsNullOrEmpty(remotePorts))
            {
                rule.RemotePorts = remotePorts.Replace(" ", "");
            }
            //为规则设置配置文件范围
            if (MyFirewallProfile.Default != profile)
            {
                rule.Profiles = (int)profile; //2147483647 所有
            }
            //设置规则是阻止还是允许（ALLOW=允许，BLOCK=阻止）
            rule.Action = action;
            //分组 名
            rule.Grouping = grouping;
            rule.InterfaceTypes = "All";

            //是否启用规则
            rule.Enabled = true;
            try
            {
                //添加规则到防火墙策略
                policy2.Rules.Add(rule);
            }
            catch (Exception e)
            {
                string error = string.Format("防火墙添加规则出错：{0} {1}", ruleName, e.Message);
                throw new Exception(e.ToString());
            }
            return true;
        }

 

防火墙 配置文件 枚举

    public enum MyFirewallProfile
    {
        Default = 0,
        Domain = 1,
        Special = 2,
        DomainOrSpecial = 3,
        All = 2147483647
    }