Anybody know how to programmatically add an IP address to a Server 2008 Windows Firewall with Advanced Security rule?
i.e. I've setup a Block Action firewall rule which has some IP addresses listed under the "Remote IP address" section of the Scope. I want to be able to programmatically add (or perhaps remove) IP addresses from this list. Are there .NET objects available to do this?
The Windows Firewall with Advanced Security Start Page can be found at:
http://msdn.microsoft.com/en-us/library/ff956124(v=VS.85).aspx
Specifically, it seems you need the INetFwRule Interface which is described at:
http://msdn.microsoft.com/en-us/library/aa365344(v=VS.85).aspx
Check the get_RemoteAddresses and put_RemoteAddresses
You can also try the netsh environment.
I used it once for changing the MTU of my interface
I just made this work in vb.NET. Add a refrence to "c:\windows\system32\firewallapi.dll"
Make a class called Firewall - like so:
Imports NetFwTypeLib
Imports System.Net
Public Class Firewall
Implements IDisposable
Private _policy As INetFwPolicy2 = Nothing
Private ReadOnly Property Policy As INetFwPolicy2
Get
If _policy Is Nothing Then
_policy = DirectCast(Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2")), INetFwPolicy2)
End If
Return _policy
End Get
End Property
Public Sub Add(ipAddress As IPAddress, ruleName As String)
Dim firewallRule As NetFwTypeLib.INetFwRule = Policy.Rules.Item(ruleName)
Dim NewAddress As String = ipAddress.ToString & "/255.255.255.255"
If Not firewallRule.RemoteAddresses.Contains(NewAddress) Then
firewallRule.RemoteAddresses += "," & NewAddress
End If
End Sub
Public Sub Remove(ipAddress As IPAddress, ruleName As String)
Dim firewallRule As NetFwTypeLib.INetFwRule = Policy.Rules.Item(ruleName)
Dim NewAddress As String = ipAddress.ToString & "/255.255.255.255"
If firewallRule.RemoteAddresses.Contains(NewAddress) Then
Dim ipList As String = firewallRule.RemoteAddresses
ipList = ipList.Replace(NewAddress, "")
ipList = ipList.Replace(",,", ",")
firewallRule.RemoteAddresses = ipList
End If
End Sub
Public Function Exists(ipAddress As IPAddress, ruleName As String) As Boolean
Dim firewallRule As NetFwTypeLib.INetFwRule = Policy.Rules.Item(ruleName)
Dim NewAddress As String = ipAddress.ToString & "/255.255.255.255"
If firewallRule.RemoteAddresses.Contains(NewAddress) Then
Return True
Else
Return False
End If
End Function
Private disposedValue As Boolean
Protected Overridable Sub Dispose(disposing As Boolean)
If Not Me.disposedValue Then
If disposing Then
End If
If Not _policy Is Nothing Then
_policy = Nothing
End If
End If
Me.disposedValue = True
End Sub
Public Sub Dispose() Implements IDisposable.Dispose
Dispose(True)
GC.SuppressFinalize(Me)
End Sub
End Class
I think that the information you're looking for is available here:
Adding to @NoOne's Answer in case someone wants to deal with ipv6 addresses too this worked for me
Imports NetFwTypeLib
Imports System.Net
Public Class Firewall
Implements IDisposable
Private _policy As INetFwPolicy2 = Nothing
Private ReadOnly Property Policy As INetFwPolicy2
Get
If _policy Is Nothing Then
_policy = DirectCast(Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2")), INetFwPolicy2)
End If
Return _policy
End Get
End Property
Public Sub Add(ipAddress As IPAddress, ruleName As String)
Dim firewallRule As NetFwTypeLib.INetFwRule = Policy.Rules.Item(ruleName)
Dim NewAddress As String
If IpClass(ipAddress).Equals("ipv4") Then
NewAddress = ipAddress.ToString & "/255.255.255.255"
Else
NewAddress = ipAddress.ToString & "/128"
End If
If Not firewallRule.RemoteAddresses.Contains(NewAddress) Then
firewallRule.RemoteAddresses += "," & NewAddress
End If
End Sub
Public Sub Remove(ipAddress As IPAddress, ruleName As String)
Dim firewallRule As NetFwTypeLib.INetFwRule = Policy.Rules.Item(ruleName)
Dim NewAddress As String
If IpClass(ipAddress).Equals("ipv4") Then
NewAddress = ipAddress.ToString & "/255.255.255.255"
Else
NewAddress = ipAddress.ToString & "/128"
End If
If firewallRule.RemoteAddresses.Contains(NewAddress) Then
Dim ipList As String = firewallRule.RemoteAddresses
ipList = ipList.Replace(NewAddress, "")
ipList = ipList.Replace(",,", ",")
firewallRule.RemoteAddresses = ipList
End If
End Sub
Public Function Exists(ipAddress As IPAddress, ruleName As String) As Boolean
Dim firewallRule As NetFwTypeLib.INetFwRule = Policy.Rules.Item(ruleName)
Dim NewAddress4 As String = ipAddress.ToString & "/255.255.255.255"
Dim NewAddress6 As String = ipAddress.ToString & "/128"
If firewallRule.RemoteAddresses.Contains(NewAddress4) Or firewallRule.RemoteAddresses.Contains(NewAddress6) Then
Return True
Else
Return False
End If
End Function
Public Function IpClass(ipAddress As String) As String
If ipAddress.Contains(".") Then
Return "ipv4"
Else
Return "ipv6"
End If
End Function
Private disposedValue As Boolean
Protected Overridable Sub Dispose(disposing As Boolean)
If Not Me.disposedValue Then
If disposing Then
End If
If Not _policy Is Nothing Then
_policy = Nothing
End If
End If
Me.disposedValue = True
End Sub
Public Sub Dispose() Implements IDisposable.Dispose
Dispose(True)
GC.SuppressFinalize(Me)
End Sub
End Class
© 2022 - 2024 — McMap. All rights reserved.