windows防火墙添加规则
#include <windows.h>
#include <crtdbg.h>
#include <netfw.h>
#include <objbase.h>
#include <oleauto.h>
#include <stdio.h> #pragma comment( lib, "ole32.lib" )
#pragma comment( lib, "oleaut32.lib" ) HRESULT WindowsFirewallInitialize(OUT INetFwProfile** fwProfile)
{
HRESULT hr = S_OK;
INetFwMgr* fwMgr = NULL;
INetFwPolicy* fwPolicy = NULL; _ASSERT(fwProfile != NULL); *fwProfile = NULL; // Create an instance of the firewall settings manager.
hr = CoCreateInstance(
__uuidof(NetFwMgr),
NULL,
CLSCTX_INPROC_SERVER,
__uuidof(INetFwMgr),
(void**)&fwMgr
);
if (FAILED(hr))
{
printf("CoCreateInstance failed: 0x%08lx\n", hr);
goto error;
} // Retrieve the local firewall policy.
hr = fwMgr->get_LocalPolicy(&fwPolicy);
if (FAILED(hr))
{
printf("get_LocalPolicy failed: 0x%08lx\n", hr);
goto error;
} // Retrieve the firewall profile currently in effect.
hr = fwPolicy->get_CurrentProfile(fwProfile);
if (FAILED(hr))
{
printf("get_CurrentProfile failed: 0x%08lx\n", hr);
goto error;
} error: // Release the local firewall policy.
if (fwPolicy != NULL)
{
fwPolicy->Release();
} // Release the firewall settings manager.
if (fwMgr != NULL)
{
fwMgr->Release();
} return hr;
} void WindowsFirewallCleanup(IN INetFwProfile* fwProfile)
{
// Release the firewall profile.
if (fwProfile != NULL)
{
fwProfile->Release();
}
} HRESULT WindowsFirewallIsOn(IN INetFwProfile* fwProfile, OUT BOOL* fwOn)
{
HRESULT hr = S_OK;
VARIANT_BOOL fwEnabled; _ASSERT(fwProfile != NULL);
_ASSERT(fwOn != NULL); *fwOn = FALSE; // Get the current state of the firewall.
hr = fwProfile->get_FirewallEnabled(&fwEnabled);
if (FAILED(hr))
{
printf("get_FirewallEnabled failed: 0x%08lx\n", hr);
goto error;
} // Check to see if the firewall is on.
if (fwEnabled != VARIANT_FALSE)
{
*fwOn = TRUE;
printf("The firewall is on.\n");
}
else
{
printf("The firewall is off.\n");
} error: return hr;
} HRESULT WindowsFirewallTurnOn(IN INetFwProfile* fwProfile)
{
HRESULT hr = S_OK;
BOOL fwOn; _ASSERT(fwProfile != NULL); // Check to see if the firewall is off.
hr = WindowsFirewallIsOn(fwProfile, &fwOn);
if (FAILED(hr))
{
printf("WindowsFirewallIsOn failed: 0x%08lx\n", hr);
goto error;
} // If it is, turn it on.
if (!fwOn)
{
// Turn the firewall on.
hr = fwProfile->put_FirewallEnabled(VARIANT_TRUE);
if (FAILED(hr))
{
printf("put_FirewallEnabled failed: 0x%08lx\n", hr);
goto error;
} printf("The firewall is now on.\n");
} error: return hr;
} HRESULT WindowsFirewallTurnOff(IN INetFwProfile* fwProfile)
{
HRESULT hr = S_OK;
BOOL fwOn; _ASSERT(fwProfile != NULL); // Check to see if the firewall is on.
hr = WindowsFirewallIsOn(fwProfile, &fwOn);
if (FAILED(hr))
{
printf("WindowsFirewallIsOn failed: 0x%08lx\n", hr);
goto error;
} // If it is, turn it off.
if (fwOn)
{
// Turn the firewall off.
hr = fwProfile->put_FirewallEnabled(VARIANT_FALSE);
if (FAILED(hr))
{
printf("put_FirewallEnabled failed: 0x%08lx\n", hr);
goto error;
} printf("The firewall is now off.\n");
} error: return hr;
} HRESULT WindowsFirewallAppIsEnabled(
IN INetFwProfile* fwProfile,
IN const wchar_t* fwProcessImageFileName,
OUT BOOL* fwAppEnabled
)
{
HRESULT hr = S_OK;
BSTR fwBstrProcessImageFileName = NULL;
VARIANT_BOOL fwEnabled;
INetFwAuthorizedApplication* fwApp = NULL;
INetFwAuthorizedApplications* fwApps = NULL; _ASSERT(fwProfile != NULL);
_ASSERT(fwProcessImageFileName != NULL);
_ASSERT(fwAppEnabled != NULL); *fwAppEnabled = FALSE; // Retrieve the authorized application collection.
hr = fwProfile->get_AuthorizedApplications(&fwApps);
if (FAILED(hr))
{
printf("get_AuthorizedApplications failed: 0x%08lx\n", hr);
goto error;
} // Allocate a BSTR for the process image file name.
fwBstrProcessImageFileName = SysAllocString(fwProcessImageFileName);
if (fwBstrProcessImageFileName == NULL)
{
hr = E_OUTOFMEMORY;
printf("SysAllocString failed: 0x%08lx\n", hr);
goto error;
} // Attempt to retrieve the authorized application.
hr = fwApps->Item(fwBstrProcessImageFileName, &fwApp);
if (SUCCEEDED(hr))
{
// Find out if the authorized application is enabled.
hr = fwApp->get_Enabled(&fwEnabled);
if (FAILED(hr))
{
printf("get_Enabled failed: 0x%08lx\n", hr);
goto error;
} if (fwEnabled != VARIANT_FALSE)
{
// The authorized application is enabled.
*fwAppEnabled = TRUE; printf(
"Authorized application %lS is enabled in the firewall.\n",
fwProcessImageFileName
);
}
else
{
printf(
"Authorized application %lS is disabled in the firewall.\n",
fwProcessImageFileName
);
}
}
else
{
// The authorized application was not in the collection.
hr = S_OK; printf(
"Authorized application %lS is disabled in the firewall.\n",
fwProcessImageFileName
);
} error: // Free the BSTR.
SysFreeString(fwBstrProcessImageFileName); // Release the authorized application instance.
if (fwApp != NULL)
{
fwApp->Release();
} // Release the authorized application collection.
if (fwApps != NULL)
{
fwApps->Release();
} return hr;
} HRESULT WindowsFirewallAddApp(
IN INetFwProfile* fwProfile,
IN const wchar_t* fwProcessImageFileName,
IN const wchar_t* fwName
)
{
HRESULT hr = S_OK;
BOOL fwAppEnabled;
BSTR fwBstrName = NULL;
BSTR fwBstrProcessImageFileName = NULL;
INetFwAuthorizedApplication* fwApp = NULL;
INetFwAuthorizedApplications* fwApps = NULL; _ASSERT(fwProfile != NULL);
_ASSERT(fwProcessImageFileName != NULL);
_ASSERT(fwName != NULL); // First check to see if the application is already authorized.
hr = WindowsFirewallAppIsEnabled(
fwProfile,
fwProcessImageFileName,
&fwAppEnabled
);
if (FAILED(hr))
{
printf("WindowsFirewallAppIsEnabled failed: 0x%08lx\n", hr);
goto error;
} // Only add the application if it isn't already authorized.
if (!fwAppEnabled)
{
// Retrieve the authorized application collection.
hr = fwProfile->get_AuthorizedApplications(&fwApps);
if (FAILED(hr))
{
printf("get_AuthorizedApplications failed: 0x%08lx\n", hr);
goto error;
} // Create an instance of an authorized application.
hr = CoCreateInstance(
__uuidof(NetFwAuthorizedApplication),
NULL,
CLSCTX_INPROC_SERVER,
__uuidof(INetFwAuthorizedApplication),
(void**)&fwApp
);
if (FAILED(hr))
{
printf("CoCreateInstance failed: 0x%08lx\n", hr);
goto error;
} // Allocate a BSTR for the process image file name.
fwBstrProcessImageFileName = SysAllocString(fwProcessImageFileName);
if (fwBstrProcessImageFileName == NULL)
{
hr = E_OUTOFMEMORY;
printf("SysAllocString failed: 0x%08lx\n", hr);
goto error;
} // Set the process image file name.
hr = fwApp->put_ProcessImageFileName(fwBstrProcessImageFileName);
if (FAILED(hr))
{
printf("put_ProcessImageFileName failed: 0x%08lx\n", hr);
goto error;
} // Allocate a BSTR for the application friendly name.
fwBstrName = SysAllocString(fwName);
if (SysStringLen(fwBstrName) == )
{
hr = E_OUTOFMEMORY;
printf("SysAllocString failed: 0x%08lx\n", hr);
goto error;
} // Set the application friendly name.
hr = fwApp->put_Name(fwBstrName);
if (FAILED(hr))
{
printf("put_Name failed: 0x%08lx\n", hr);
goto error;
} // Add the application to the collection.
hr = fwApps->Add(fwApp);
if (FAILED(hr))
{
printf("Add failed: 0x%08lx\n", hr);
goto error;
} printf(
"Authorized application %lS is now enabled in the firewall.\n",
fwProcessImageFileName
);
} error: // Free the BSTRs.
SysFreeString(fwBstrName);
SysFreeString(fwBstrProcessImageFileName); // Release the authorized application instance.
if (fwApp != NULL)
{
fwApp->Release();
} // Release the authorized application collection.
if (fwApps != NULL)
{
fwApps->Release();
} return hr;
} HRESULT WindowsFirewallPortIsEnabled(
IN INetFwProfile* fwProfile,
IN LONG portNumber,
IN NET_FW_IP_PROTOCOL ipProtocol,
OUT BOOL* fwPortEnabled
)
{
HRESULT hr = S_OK;
VARIANT_BOOL fwEnabled;
INetFwOpenPort* fwOpenPort = NULL;
INetFwOpenPorts* fwOpenPorts = NULL; _ASSERT(fwProfile != NULL);
_ASSERT(fwPortEnabled != NULL); *fwPortEnabled = FALSE; // Retrieve the globally open ports collection.
hr = fwProfile->get_GloballyOpenPorts(&fwOpenPorts);
if (FAILED(hr))
{
printf("get_GloballyOpenPorts failed: 0x%08lx\n", hr);
goto error;
} // Attempt to retrieve the globally open port.
hr = fwOpenPorts->Item(portNumber, ipProtocol, &fwOpenPort);
if (SUCCEEDED(hr))
{
// Find out if the globally open port is enabled.
hr = fwOpenPort->get_Enabled(&fwEnabled);
if (FAILED(hr))
{
printf("get_Enabled failed: 0x%08lx\n", hr);
goto error;
} if (fwEnabled != VARIANT_FALSE)
{
// The globally open port is enabled.
*fwPortEnabled = TRUE; printf("Port %ld is open in the firewall.\n", portNumber);
}
else
{
printf("Port %ld is not open in the firewall.\n", portNumber);
}
}
else
{
// The globally open port was not in the collection.
hr = S_OK; printf("Port %ld is not open in the firewall.\n", portNumber);
} error: // Release the globally open port.
if (fwOpenPort != NULL)
{
fwOpenPort->Release();
} // Release the globally open ports collection.
if (fwOpenPorts != NULL)
{
fwOpenPorts->Release();
} return hr;
} HRESULT WindowsFirewallPortAdd(
IN INetFwProfile* fwProfile,
IN LONG portNumber,
IN NET_FW_IP_PROTOCOL ipProtocol,
IN const wchar_t* name
)
{
HRESULT hr = S_OK;
BOOL fwPortEnabled;
BSTR fwBstrName = NULL;
INetFwOpenPort* fwOpenPort = NULL;
INetFwOpenPorts* fwOpenPorts = NULL; _ASSERT(fwProfile != NULL);
_ASSERT(name != NULL); // First check to see if the port is already added.
hr = WindowsFirewallPortIsEnabled(
fwProfile,
portNumber,
ipProtocol,
&fwPortEnabled
);
if (FAILED(hr))
{
printf("WindowsFirewallPortIsEnabled failed: 0x%08lx\n", hr);
goto error;
} // Only add the port if it isn't already added.
if (!fwPortEnabled)
{
// Retrieve the collection of globally open ports.
hr = fwProfile->get_GloballyOpenPorts(&fwOpenPorts);
if (FAILED(hr))
{
printf("get_GloballyOpenPorts failed: 0x%08lx\n", hr);
goto error;
} // Create an instance of an open port.
hr = CoCreateInstance(
__uuidof(NetFwOpenPort),
NULL,
CLSCTX_INPROC_SERVER,
__uuidof(INetFwOpenPort),
(void**)&fwOpenPort
);
if (FAILED(hr))
{
printf("CoCreateInstance failed: 0x%08lx\n", hr);
goto error;
} // Set the port number.
hr = fwOpenPort->put_Port(portNumber);
if (FAILED(hr))
{
printf("put_Port failed: 0x%08lx\n", hr);
goto error;
} // Set the IP protocol.
hr = fwOpenPort->put_Protocol(ipProtocol);
if (FAILED(hr))
{
printf("put_Protocol failed: 0x%08lx\n", hr);
goto error;
} // Allocate a BSTR for the friendly name of the port.
fwBstrName = SysAllocString(name);
if (SysStringLen(fwBstrName) == )
{
hr = E_OUTOFMEMORY;
printf("SysAllocString failed: 0x%08lx\n", hr);
goto error;
} // Set the friendly name of the port.
hr = fwOpenPort->put_Name(fwBstrName);
if (FAILED(hr))
{
printf("put_Name failed: 0x%08lx\n", hr);
goto error;
} // Opens the port and adds it to the collection.
hr = fwOpenPorts->Add(fwOpenPort);
if (FAILED(hr))
{
printf("Add failed: 0x%08lx\n", hr);
goto error;
} printf("Port %ld is now open in the firewall.\n", portNumber);
} error: // Free the BSTR.
SysFreeString(fwBstrName); // Release the open port instance.
if (fwOpenPort != NULL)
{
fwOpenPort->Release();
} // Release the globally open ports collection.
if (fwOpenPorts != NULL)
{
fwOpenPorts->Release();
} return hr;
} int __cdecl wmain(int argc, wchar_t* argv[])
{
HRESULT hr = S_OK;
HRESULT comInit = E_FAIL;
INetFwProfile* fwProfile = NULL; // Initialize COM.
comInit = CoInitializeEx(
,
COINIT_APARTMENTTHREADED | COINIT_DISABLE_OLE1DDE
); // Ignore RPC_E_CHANGED_MODE; this just means that COM has already been
// initialized with a different mode. Since we don't care what the mode is,
// we'll just use the existing mode.
if (comInit != RPC_E_CHANGED_MODE)
{
hr = comInit;
if (FAILED(hr))
{
printf("CoInitializeEx failed: 0x%08lx\n", hr);
goto error;
}
} // Retrieve the firewall profile currently in effect.
hr = WindowsFirewallInitialize(&fwProfile);
if (FAILED(hr))
{
printf("WindowsFirewallInitialize failed: 0x%08lx\n", hr);
goto error;
} // Turn off the firewall.
hr = WindowsFirewallTurnOff(fwProfile);
if (FAILED(hr))
{
printf("WindowsFirewallTurnOff failed: 0x%08lx\n", hr);
goto error;
} // Turn on the firewall.
hr = WindowsFirewallTurnOn(fwProfile);
if (FAILED(hr))
{
printf("WindowsFirewallTurnOn failed: 0x%08lx\n", hr);
goto error;
} // Add Windows Messenger to the authorized application collection.
hr = WindowsFirewallAddApp(
fwProfile,
L"%ProgramFiles%\\Messenger\\msmsgs.exe",
L"Windows Messenger"
);
if (FAILED(hr))
{
printf("WindowsFirewallAddApp failed: 0x%08lx\n", hr);
goto error;
} // Add TCP::80 to list of globally open ports.
hr = WindowsFirewallPortAdd(fwProfile, , NET_FW_IP_PROTOCOL_TCP, L"WWW");
if (FAILED(hr))
{
printf("WindowsFirewallPortAdd failed: 0x%08lx\n", hr);
goto error;
} error: // Release the firewall profile.
WindowsFirewallCleanup(fwProfile); // Uninitialize COM.
if (SUCCEEDED(comInit))
{
CoUninitialize();
} return ;
}
原文参考:MSDN vc添加Windows防火墙例外
另外也可以使用 netsh firewall 或者 netsh advfirewall firewall命令添加防火墙规则
详细参考:MSDN
windows防火墙添加规则的更多相关文章
- Windows防火墙端口规则设置新建方法
from:https://jingyan.baidu.com/article/2a1383289fd094074a134ff0.html Windows防火墙有什么用呢?它是电脑的一道安全屏障,可以有 ...
- Windows Server 2008企业64位版防火墙添加端口的方法
原始地址:http://www.veryhuo.com/a/view/48280.html 什么是防火墙的入站规则和出站规则 简单的说 出站就是你访问外网 入站就是外网访问你 记得在两年前写过一篇教程 ...
- windows server防火墙添加例外的步骤
Windows Server 2012 防火墙如何添加端口例外的方法 在Windows Server 2012系统中,如果用户想在防火墙中开通一个端口,您可以按以下步骤执行: 1. 首先点击桌面左 ...
- windows 2008、2012防火墙添加入站规则教程(端口例外)
windows2008.2012的设置方法基本一样,以下是以windows2008为例做添加80端口的步骤. 1.依次点“控制面板”→“系统和安全”→“windows防火墙”→“高级设置”,打开“高级 ...
- windows 系统防火墙 添加端口号方法
目前在大部分公司内使用的台式机和部分服务器都采用了Windows操作系统,而我么都知道相当一部分病毒.恶意程序.黑客都是利用扫描端口号,利用开放的端口进行入侵,此时大型企业都会将服务器的系统防火墙打开 ...
- 针对 SQL Server 2008 在Windows Server 2008上的访问配置 Windows 防火墙
现在Windows Server 2008 服务器用的越来越多,2008的防火墙比2003的有了很大的增强,安全性有了更大的提高. 甚至80端口的出站默认都是被关闭的.所以如果在2008Server上 ...
- 通过配置Windows 防火墙允许使用TCP/IP协议远程访问数据库
原文:通过配置Windows 防火墙允许使用TCP/IP协议远程访问数据库 本文适用于:2005.2008.2008R2所有版本 为了可以通过TCP/IP协议远程访问SQLServer数据库,需要做以 ...
- SQLServer2008开放windows防火墙配置
为了可以通过TCP/IP协议远程访问SQLServer数据库,需要做以下几点: 在SQLServer所运行的服务器上,我们必须找到SQLServer所侦听的端口然后添加到WIndows防火墙的[允许入 ...
- Windows Cluster 添加新节点--验证报错
今天给既有Windows Cluster 添加节点时,验证总是不通过.报错信息为 防火墙未正确配置为故障转移群集.现将处理步骤汇总如下. 1.错误具体信息 报错的位置 --[验证警告] 的步骤中发现错 ...
随机推荐
- wordpress内存不足问题“Fatal error:out of memoryin etc...”
2016年3月22日wordpress用户名及密码登录,出现: “ Fatal error: Out of memory (allocated 19136512) (tried to allocate ...
- 对Linux新手非常有用的 20个命令
你打算从Windows换到Linux上来,还是你刚好换到Linux上来?哎哟!!!我说什么呢,是什么原因你就出现我的世界里了.从我以往的经验来说,当我刚使用Linux,命令,终端啊什么的,吓了我一跳. ...
- 《Java程序设计》第五周学习总结
20145224 <Java程序设计>第五周学习总结 教材学习内容总结 第八章异常处理 8.1.1使用try.catch ·教材范例用户连续输入整数,输入0结束后显示输入数的平均值(代码如 ...
- Flask中mongodb实现flask_login保持登录
最近在学习Flask,使用flask-login时,一直无法完成保持登录的状态,网上的例子都是使用SQLAlchemy,但是我用的是mongodb. 网上的例子使用SQLAlchemy时,定义User ...
- 6/7 Sprint2 看板和燃尽图
- C#引用Office.word出错的解决办法-无法嵌入互操作类型“Microsoft.Office.Interop.Word.ApplicationClass” 【转】
本文章转自 suchso 1.系统找不到 Microsoft.Office.Interop.Word" "Could not load file or assembly 'Micr ...
- zoj 1204 Additive equations
ACCEPT acm作业 http://acm.zju.edu.cn/onlinejudge/showProblem.do?problemId=204 因为老师是在集合那里要我们做这道题.所以我很是天 ...
- hdu 1695 GCD(莫比乌斯反演)
GCD Time Limit: 6000/3000 MS (Java/Others) Memory Limit: 32768/32768 K (Java/Others)Total Submiss ...
- centos 运用ssh的rsa算法实现无密码登录
ssh 公钥和私钥原理 1.客户端机子生成私钥和公钥,将公钥放到服务器证书中,然后就可以实现免密码登录.(服务器认证文件要有该登录用户的读执行权限) 2.a登录b: a机子:test01账号(b也要建 ...
- NOIP2004 解题报告
第一题:津津的零花钱一直都是自己管理.每个月的月初妈妈给津津300元钱,津津会预算这个月的花销,并且总能做到实际花销和预算的相同. 为了让津津学习如何储蓄,妈妈提出,津津可以随时把整百的钱存在她那里, ...