通常,我們在初次執行某些網絡應用程序的時候,Windows防火牆會提示我們是否阻止該程序的網絡連接,如下圖:
本文主要介紹如何使用COM接口編程來操作Windows防火牆,使程序自動地解除阻止(即將本程序添加到防火牆的例外列表中)、打開防火牆、關閉防火牆等。
1. 獲得防火牆接口 INetFwProfile
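// Obtain the INetFwProfile interface for the firewall profile currently in effect.
// Assumes COM is already initialized on this thread (e.g. CoInitializeEx); that call
// is not part of this snippet.
INetFwProfile * m_pIFirewall = NULL ;
INetFwMgr * pIFirewallMgr = NULL;
INetFwPolicy * pIFirewallPolicy = NULL;
HRESULT hr = CoCreateInstance(__uuidof(NetFwMgr),NULL,CLSCTX_INPROC_SERVER,
    __uuidof(INetFwMgr),(void**)&pIFirewallMgr);
// Each step runs only if the previous one succeeded, so a NULL interface
// pointer is never dereferenced.
if (SUCCEEDED(hr))
    hr = pIFirewallMgr->get_LocalPolicy(&pIFirewallPolicy);
if (SUCCEEDED(hr))
    hr = pIFirewallPolicy->get_CurrentProfile(&m_pIFirewall);
// The manager and policy objects are only needed to reach the profile; release them here.
if (pIFirewallPolicy != NULL) pIFirewallPolicy->Release();
if (pIFirewallMgr != NULL) pIFirewallMgr->Release();
// On failure m_pIFirewall is still NULL: check hr before using it, and call
// m_pIFirewall->Release() once the profile is no longer needed.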
2. 判斷是否已經打開防火牆
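// Query whether the firewall is enabled for the profile held in m_pIFirewall.
VARIANT_BOOL varbOpen = VARIANT_FALSE ;
HRESULT hr = m_pIFirewall->get_FirewallEnabled(&varbOpen);
// varbOpen is meaningful only when SUCCEEDED(hr); VARIANT_TRUE means the firewall is on.
// A failed query must not be reported as "firewall is off".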
3. 打開防火牆
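// Turn the firewall on for the profile held in m_pIFirewall.
// The call fails (for example with E_ACCESSDENIED) when the process lacks
// administrative rights, so the result has to be checked rather than assumed.
HRESULT hr = m_pIFirewall->put_FirewallEnabled(VARIANT_TRUE);
// Only when SUCCEEDED(hr) has the setting actually been changed.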
4. 關閉防火牆
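// Turn the firewall off for the profile held in m_pIFirewall.
// This removes filtering for every listening service on the host, not just this
// program; to let one program through, an authorized-application entry is the
// narrower change. The call fails (for example with E_ACCESSDENIED) without
// administrative rights.
HRESULT hr = m_pIFirewall->put_FirewallEnabled(VARIANT_FALSE);
// Only when SUCCEEDED(hr) has the setting actually been changed.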
5. 判斷一個應用程序是否解除阻止
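// Check whether the application at bstrAppPath has an enabled entry in the
// firewall exception list. bstrAppPath comes from the surrounding code (not shown).
INetFwAuthorizedApplications* pIFirewallApps = NULL;
INetFwAuthorizedApplication * pIFirewallApp = NULL;
// Start from "not enabled" so a failed lookup never leaves an indeterminate value.
VARIANT_BOOL varbEnabled = VARIANT_FALSE;
HRESULT hr = m_pIFirewall->get_AuthorizedApplications(&pIFirewallApps);
if (SUCCEEDED(hr))
{
    // Item() fails when the path has no entry in the list; pIFirewallApp then
    // stays NULL and must not be dereferenced.
    hr = pIFirewallApps->Item(bstrAppPath,&pIFirewallApp);
    if (SUCCEEDED(hr))
    {
        hr = pIFirewallApp->get_Enabled(&varbEnabled);
        pIFirewallApp->Release();
    }
    pIFirewallApps->Release();
}
// varbEnabled == VARIANT_TRUE only when the entry exists and is enabled;
// inspect hr to tell "no entry" apart from other failures.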
6. 解除一個應用程序的阻止
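// Add the application at bstrAppPath to the firewall exception list under the
// display name bstrName. Both values come from the surrounding code (not shown).
// bstrAppPath should be the fully qualified path of the program's own image, so the
// exception cannot be matched by a different binary with the same file name.
INetFwAuthorizedApplications* pIFirewallApps = NULL;
INetFwAuthorizedApplication * pIFirewallApp = NULL;
HRESULT hr = m_pIFirewall->get_AuthorizedApplications(&pIFirewallApps);
if (SUCCEEDED(hr))
    hr = CoCreateInstance(__uuidof(NetFwAuthorizedApplication),NULL,CLSCTX_INPROC_SERVER,
        __uuidof(INetFwAuthorizedApplication),(void**)&pIFirewallApp);
if (SUCCEEDED(hr))
    hr = pIFirewallApp->put_ProcessImageFileName(bstrAppPath);
if (SUCCEEDED(hr))
    hr = pIFirewallApp->put_Name(bstrName);
// No scope is set here, so the entry is not limited to the local subnet
// (NET_FW_SCOPE_ALL is the documented default); put_Scope can narrow it.
// Add() changes firewall policy and fails without administrative rights.
if (SUCCEEDED(hr))
    hr = pIFirewallApps->Add(pIFirewallApp);
// Release both interfaces whether or not the entry was added.
if (pIFirewallApp != NULL) pIFirewallApp->Release();
if (pIFirewallApps != NULL) pIFirewallApps->Release();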
7.判斷一個端口是否被阻止
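// Check whether port lnPort / protocol eProtocolType has an enabled entry in the
// globally-open-ports list. Both values come from the surrounding code (not shown).
INetFwOpenPorts* pIFirewallOpenPorts = NULL;
INetFwOpenPort * pIFirewallOpenPort = NULL;
// Start from "not enabled" so a failed lookup never leaves an indeterminate value.
VARIANT_BOOL varbEnabled = VARIANT_FALSE;
HRESULT hr = m_pIFirewall->get_GloballyOpenPorts(&pIFirewallOpenPorts);
if (SUCCEEDED(hr))
{
    // Item() fails when the port/protocol pair has no entry; pIFirewallOpenPort
    // then stays NULL and must not be dereferenced.
    hr = pIFirewallOpenPorts->Item(lnPort,eProtocolType,&pIFirewallOpenPort);
    if (SUCCEEDED(hr))
    {
        hr = pIFirewallOpenPort->get_Enabled(&varbEnabled);
        pIFirewallOpenPort->Release();
    }
    pIFirewallOpenPorts->Release();
}
// varbEnabled == VARIANT_TRUE only when the entry exists and is enabled;
// inspect hr to tell "no entry" apart from other failures.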
8. 解除一個端口的阻止
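// Add port lnPort / protocol eProtocolType to the globally-open-ports list under the
// display name bstrShowName. All three values come from the surrounding code (not shown).
// A globally open port admits traffic for whichever process is listening on it;
// an authorized-application entry is the narrower alternative when one program
// needs inbound access.
INetFwOpenPorts* pIFirewallOpenPorts = NULL;
INetFwOpenPort * pIFirewallOpenPort = NULL;
HRESULT hr = m_pIFirewall->get_GloballyOpenPorts(&pIFirewallOpenPorts);
if (SUCCEEDED(hr))
    hr = CoCreateInstance(__uuidof(NetFwOpenPort),NULL,CLSCTX_INPROC_SERVER,
        __uuidof(INetFwOpenPort),(void**)&pIFirewallOpenPort);
if (SUCCEEDED(hr))
    hr = pIFirewallOpenPort->put_Port(lnPort);
if (SUCCEEDED(hr))
    hr = pIFirewallOpenPort->put_Protocol(eProtocolType);
if (SUCCEEDED(hr))
    hr = pIFirewallOpenPort->put_Name(bstrShowName);
// No scope is set here, so the port is not limited to the local subnet
// (NET_FW_SCOPE_ALL is the documented default); put_Scope can narrow it.
// Add() changes firewall policy and fails without administrative rights.
if (SUCCEEDED(hr))
    hr = pIFirewallOpenPorts->Add(pIFirewallOpenPort);
// Release both interfaces whether or not the entry was added.
if (pIFirewallOpenPort != NULL) pIFirewallOpenPort->Release();
if (pIFirewallOpenPorts != NULL) pIFirewallOpenPorts->Release();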
9. 詳細代碼見附件