通过代码操作防火墙的方式有两种:一是代码操作修改注册表启用或关闭防火墙;二是直接操作防火墙对象来启用或关闭防火墙。不论哪一种方式,都需要使用管理员权限,所以操作前需要判断程序是否具有管理员权限。/ I# _; B2 S: H% S7 r' V
1、判断程序是否拥有管理员权限
3 c0 H/ O) I# c 需要引用命名空间:System.Security.Principal
" Y$ l+ d6 C; f/// <summary>
/// 判断程序是否拥有管理员权限
/// </summary>
/// <returns>true:是管理员;false:不是管理员</returns>
public static bool IsAdministrator()
{
WindowsIdentity current = WindowsIdentity.GetCurrent();
WindowsPrincipal windowsPrincipal = new WindowsPrincipal(current);
return windowsPrincipal.IsInRole(WindowsBuiltInRole.Administrator);
} 2、注册表修改防火墙5 F$ G1 T1 U* m
需要引用命名空间:Microsoft.Win328 Q! G2 E T+ ~* _' e: D$ j9 Q
/// <summary>
/// 通过注册表操作防火墙
/// </summary>
/// <param name="domainState">域网络防火墙(禁用:0;启用(默认):1)</param>
/// <param name="publicState">公共网络防火墙(禁用:0;启用(默认):1)</param>
/// <param name="standardState">专用网络防火墙(禁用:0;启用(默认):1)</param>
/// <returns></returns>
public static bool FirewallOperateByRegistryKey(int domainState=1, int publicState = 1, int standardState = 1)
{
RegistryKey key = Registry.LocalMachine;
try
{
string path = "HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\SharedAccess\\Defaults\\FirewallPolicy";
RegistryKey firewall = key.OpenSubKey(path, true);
RegistryKey domainProfile = firewall.OpenSubKey("DomainProfile", true);
RegistryKey publicProfile = firewall.OpenSubKey("PublicProfile", true);
RegistryKey standardProfile = firewall.OpenSubKey("StandardProfile", true);
domainProfile.SetValue("EnableFirewall", domainState, RegistryValueKind.DWord);
publicProfile.SetValue("EnableFirewall", publicState, RegistryValueKind.DWord);
standardProfile.SetValue("EnableFirewall", standardState, RegistryValueKind.DWord);
}
catch (Exception e)
{
string error = $"注册表修改出错:{e.Message}";
throw new Exception(error);
}
return true;
} 3、直接操作防火墙对象! B6 L7 d S4 F/ Q5 Y9 E
需要在项目引用中添加对NetFwTypeLib的引用,并引用命名空间NetFwTypeLib
& X4 D" X) R7 |8 r6 L8 s" o* l% B% H' z5 P+ l6 d
/// <summary>
/// 通过对象防火墙操作
/// </summary>
/// <param name="isOpenDomain">域网络防火墙(禁用:false;启用(默认):true)</param>
/// <param name="isOpenPublicState">公共网络防火墙(禁用:false;启用(默认):true)</param>
/// <param name="isOpenStandard">专用网络防火墙(禁用: false;启用(默认):true)</param>
/// <returns></returns>
public static bool FirewallOperateByObject(bool isOpenDomain = true, bool isOpenPublicState = true, bool isOpenStandard = true)
{
try
{
INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
// 启用<高级安全Windows防火墙> - 专有配置文件的防火墙
firewallPolicy.set_FirewallEnabled(NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PRIVATE, isOpenStandard);
// 启用<高级安全Windows防火墙> - 公用配置文件的防火墙
firewallPolicy.set_FirewallEnabled(NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PUBLIC, isOpenPublicState);
// 启用<高级安全Windows防火墙> - 域配置文件的防火墙
firewallPolicy.set_FirewallEnabled(NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_DOMAIN, isOpenDomain);
}
catch (Exception e)
{
string error = $"防火墙修改出错:{e.Message}";
throw new Exception(error);
}
return true;
}
|