c++ 操作防火墙 firewall

C++Window防火墙操作(添加例外端口,例外程序,关闭,开启)

lyz 2010-07-28 23:50

//转载文章,方便大家使用,如需JAVA通过JNI调用的DLL文件,请回复时加上你的邮件地址

/*
Copyright (c) Microsoft Corporation

SYNOPSIS

Sample code for the Windows Firewall COM interface.
*/

#include <windows.h>
#include <crtdbg.h>
#include <netfw.h>
#include <objbase.h>
#include <oleauto.h>
#include <stdio.h>


#pragma comment( lib, "ole32.lib" )
#pragma comment( lib, "oleaut32.lib" )


HRESULT WindowsFirewallInitialize(OUT INetFwProfile** fwProfile)
{
 HRESULT hr = S_OK;
 INetFwMgr* fwMgr = NULL;
 INetFwPolicy* fwPolicy = NULL;

 _ASSERT(fwProfile != NULL);

 *fwProfile = NULL;

 // Create an instance of the firewall settings manager.
 hr = CoCreateInstance(
  __uuidof(NetFwMgr),
  NULL,
  CLSCTX_INPROC_SERVER,
  __uuidof(INetFwMgr),
  (void**)&fwMgr
  );
 if (FAILED(hr))
 {
  printf("CoCreateInstance failed: 0x%08lx/n", hr);
  goto error;
 }

 // Retrieve the local firewall policy.
 hr = fwMgr->get_LocalPolicy(&fwPolicy);
 if (FAILED(hr))
 {
  printf("get_LocalPolicy failed: 0x%08lx/n", hr);
  goto error;
 }

 // Retrieve the firewall profile currently in effect.
 hr = fwPolicy->get_CurrentProfile(fwProfile);
 if (FAILED(hr))
 {
  printf("get_CurrentProfile failed: 0x%08lx/n", hr);
  goto error;
 }

error:

 // Release the local firewall policy.
 if (fwPolicy != NULL)
 {
  fwPolicy->Release();
 }

 // Release the firewall settings manager.
 if (fwMgr != NULL)
 {
  fwMgr->Release();
 }

 return hr;
}


void WindowsFirewallCleanup(IN INetFwProfile* fwProfile)
{
 // Release the firewall profile.
 if (fwProfile != NULL)
 {
  fwProfile->Release();
 }
}


HRESULT WindowsFirewallIsOn(IN INetFwProfile* fwProfile, OUT BOOL* fwOn)
{
 HRESULT hr = S_OK;
 VARIANT_BOOL fwEnabled;

 _ASSERT(fwProfile != NULL);
 _ASSERT(fwOn != NULL);

 *fwOn = FALSE;

 // Get the current state of the firewall.
 hr = fwProfile->get_FirewallEnabled(&fwEnabled);
 if (FAILED(hr))
 {
  printf("get_FirewallEnabled failed: 0x%08lx/n", hr);
  goto error;
 }

 // Check to see if the firewall is on.
 if (fwEnabled != VARIANT_FALSE)
 {
  *fwOn = TRUE;
  printf("The firewall is on./n");
 }
 else
 {
  printf("The firewall is off./n");
 }

error:

 return hr;
}


HRESULT WindowsFirewallTurnOn(IN INetFwProfile* fwProfile)
{
 HRESULT hr = S_OK;
 BOOL fwOn;

 _ASSERT(fwProfile != NULL);

 // Check to see if the firewall is off.
 hr = WindowsFirewallIsOn(fwProfile, &fwOn);
 if (FAILED(hr))
 {
  printf("WindowsFirewallIsOn failed: 0x%08lx/n", hr);
  goto error;
 }

 // If it is, turn it on.
 if (!fwOn)
 {
  // Turn the firewall on.
  hr = fwProfile->put_FirewallEnabled(VARIANT_TRUE);
  if (FAILED(hr))
  {
   printf("put_FirewallEnabled failed: 0x%08lx/n", hr);
   goto error;
  }

  printf("The firewall is now on./n");
 }

error:

 return hr;
}


HRESULT WindowsFirewallTurnOff(IN INetFwProfile* fwProfile)
{
 HRESULT hr = S_OK;
 BOOL fwOn;

 _ASSERT(fwProfile != NULL);

 // Check to see if the firewall is on.
 hr = WindowsFirewallIsOn(fwProfile, &fwOn);
 if (FAILED(hr))
 {
  printf("WindowsFirewallIsOn failed: 0x%08lx/n", hr);
  goto error;
 }

 // If it is, turn it off.
 if (fwOn)
 {
  // Turn the firewall off.
  hr = fwProfile->put_FirewallEnabled(VARIANT_FALSE);
  if (FAILED(hr))
  {
   printf("put_FirewallEnabled failed: 0x%08lx/n", hr);
   goto error;
  }

  printf("The firewall is now off./n");
 }

error:

 return hr;
}


HRESULT WindowsFirewallAppIsEnabled(
         IN INetFwProfile* fwProfile,
         IN const wchar_t* fwProcessImageFileName,
         OUT BOOL* fwAppEnabled
         )
{
 HRESULT hr = S_OK;
 BSTR fwBstrProcessImageFileName = NULL;
 VARIANT_BOOL fwEnabled;
 INetFwAuthorizedApplication* fwApp = NULL;
 INetFwAuthorizedApplications* fwApps = NULL;

 _ASSERT(fwProfile != NULL);
 _ASSERT(fwProcessImageFileName != NULL);
 _ASSERT(fwAppEnabled != NULL);

 *fwAppEnabled = FALSE;

 // Retrieve the authorized application collection.
 hr = fwProfile->get_AuthorizedApplications(&fwApps);
 if (FAILED(hr))
 {
  printf("get_AuthorizedApplications failed: 0x%08lx/n", hr);
  goto error;
 }

 // Allocate a BSTR for the process image file name.
 fwBstrProcessImageFileName = SysAllocString(fwProcessImageFileName);
 if (fwBstrProcessImageFileName == NULL)
 {
  hr = E_OUTOFMEMORY;
  printf("SysAllocString failed: 0x%08lx/n", hr);
  goto error;
 }

 // Attempt to retrieve the authorized application.
 hr = fwApps->Item(fwBstrProcessImageFileName, &fwApp);
 if (SUCCEEDED(hr))
 {
  // Find out if the authorized application is enabled.
  hr = fwApp->get_Enabled(&fwEnabled);
  if (FAILED(hr))
  {
   printf("get_Enabled failed: 0x%08lx/n", hr);
   goto error;
  }

  if (fwEnabled != VARIANT_FALSE)
  {
   // The authorized application is enabled.
   *fwAppEnabled = TRUE;

   printf(
    "Authorized application %lS is enabled in the firewall./n",
    fwProcessImageFileName
    );
  }
  else
  {
   printf(
    "Authorized application %lS is disabled in the firewall./n",
    fwProcessImageFileName
    );
  }
 }
 else
 {
  // The authorized application was not in the collection.
  hr = S_OK;

  printf(
   "Authorized application %lS is disabled in the firewall./n",
   fwProcessImageFileName
   );
 }

error:

 // Free the BSTR.
 SysFreeString(fwBstrProcessImageFileName);

 // Release the authorized application instance.
 if (fwApp != NULL)
 {
  fwApp->Release();
 }

 // Release the authorized application collection.
 if (fwApps != NULL)
 {
  fwApps->Release();
 }

 return hr;
}


HRESULT WindowsFirewallAddApp(
         IN INetFwProfile* fwProfile,
         IN const wchar_t* fwProcessImageFileName,
         IN const wchar_t* fwName
         )
{
 HRESULT hr = S_OK;
 BOOL fwAppEnabled;
 BSTR fwBstrName = NULL;
 BSTR fwBstrProcessImageFileName = NULL;
 INetFwAuthorizedApplication* fwApp = NULL;
 INetFwAuthorizedApplications* fwApps = NULL;

 _ASSERT(fwProfile != NULL);
 _ASSERT(fwProcessImageFileName != NULL);
 _ASSERT(fwName != NULL);

 // First check to see if the application is already authorized.
 hr = WindowsFirewallAppIsEnabled(
  fwProfile,
  fwProcessImageFileName,
  &fwAppEnabled
  );
 if (FAILED(hr))
 {
  printf("WindowsFirewallAppIsEnabled failed: 0x%08lx/n", hr);
  goto error;
 }

 // Only add the application if it isn't already authorized.
 if (!fwAppEnabled)
 {
  // Retrieve the authorized application collection.
  hr = fwProfile->get_AuthorizedApplications(&fwApps);
  if (FAILED(hr))
  {
   printf("get_AuthorizedApplications failed: 0x%08lx/n", hr);
   goto error;
  }

  // Create an instance of an authorized application.
  hr = CoCreateInstance(
   __uuidof(NetFwAuthorizedApplication),
   NULL,
   CLSCTX_INPROC_SERVER,
   __uuidof(INetFwAuthorizedApplication),
   (void**)&fwApp
   );
  if (FAILED(hr))
  {
   printf("CoCreateInstance failed: 0x%08lx/n", hr);
   goto error;
  }

  // Allocate a BSTR for the process image file name.
  fwBstrProcessImageFileName = SysAllocString(fwProcessImageFileName);
  if (fwBstrProcessImageFileName == NULL)
  {
   hr = E_OUTOFMEMORY;
   printf("SysAllocString failed: 0x%08lx/n", hr);
   goto error;
  }

  // Set the process image file name.
  hr = fwApp->put_ProcessImageFileName(fwBstrProcessImageFileName);
  if (FAILED(hr))
  {
   printf("put_ProcessImageFileName failed: 0x%08lx/n", hr);
   goto error;
  }

  // Allocate a BSTR for the application friendly name.
  fwBstrName = SysAllocString(fwName);
  if (SysStringLen(fwBstrName) == 0)
  {
   hr = E_OUTOFMEMORY;
   printf("SysAllocString failed: 0x%08lx/n", hr);
   goto error;
  }

  // Set the application friendly name.
  hr = fwApp->put_Name(fwBstrName);
  if (FAILED(hr))
  {
   printf("put_Name failed: 0x%08lx/n", hr);
   goto error;
  }

  // Add the application to the collection.
  hr = fwApps->Add(fwApp);
  if (FAILED(hr))
  {
   printf("Add failed: 0x%08lx/n", hr);
   goto error;
  }

  printf(
   "Authorized application %lS is now enabled in the firewall./n",
   fwProcessImageFileName
   );
 }

error:

 // Free the BSTRs.
 SysFreeString(fwBstrName);
 SysFreeString(fwBstrProcessImageFileName);

 // Release the authorized application instance.
 if (fwApp != NULL)
 {
  fwApp->Release();
 }

 // Release the authorized application collection.
 if (fwApps != NULL)
 {
  fwApps->Release();
 }

 return hr;
}


HRESULT WindowsFirewallPortIsEnabled(
          IN INetFwProfile* fwProfile,
          IN LONG portNumber,
          IN NET_FW_IP_PROTOCOL ipProtocol,
          OUT BOOL* fwPortEnabled
          )
{
 HRESULT hr = S_OK;
 VARIANT_BOOL fwEnabled;
 INetFwOpenPort* fwOpenPort = NULL;
 INetFwOpenPorts* fwOpenPorts = NULL;

 _ASSERT(fwProfile != NULL);
 _ASSERT(fwPortEnabled != NULL);

 *fwPortEnabled = FALSE;

 // Retrieve the globally open ports collection.
 hr = fwProfile->get_GloballyOpenPorts(&fwOpenPorts);
 if (FAILED(hr))
 {
  printf("get_GloballyOpenPorts failed: 0x%08lx/n", hr);
  goto error;
 }

 // Attempt to retrieve the globally open port.
 hr = fwOpenPorts->Item(portNumber, ipProtocol, &fwOpenPort);
 if (SUCCEEDED(hr))
 {
  // Find out if the globally open port is enabled.
  hr = fwOpenPort->get_Enabled(&fwEnabled);
  if (FAILED(hr))
  {
   printf("get_Enabled failed: 0x%08lx/n", hr);
   goto error;
  }

  if (fwEnabled != VARIANT_FALSE)
  {
   // The globally open port is enabled.
   *fwPortEnabled = TRUE;

   printf("Port %ld is open in the firewall./n", portNumber);
  }
  else
  {
   printf("Port %ld is not open in the firewall./n", portNumber);
  }
 }
 else
 {
  // The globally open port was not in the collection.
  hr = S_OK;

  printf("Port %ld is not open in the firewall./n", portNumber);
 }

error:

 // Release the globally open port.
 if (fwOpenPort != NULL)
 {
  fwOpenPort->Release();
 }

 // Release the globally open ports collection.
 if (fwOpenPorts != NULL)
 {
  fwOpenPorts->Release();
 }

 return hr;
}


HRESULT WindowsFirewallPortAdd(
          IN INetFwProfile* fwProfile,
          IN LONG portNumber,
          IN NET_FW_IP_PROTOCOL ipProtocol,
          IN const wchar_t* name
          )
{
 HRESULT hr = S_OK;
 BOOL fwPortEnabled;
 BSTR fwBstrName = NULL;
 INetFwOpenPort* fwOpenPort = NULL;
 INetFwOpenPorts* fwOpenPorts = NULL;

 _ASSERT(fwProfile != NULL);
 _ASSERT(name != NULL);

 // First check to see if the port is already added.
 hr = WindowsFirewallPortIsEnabled(
  fwProfile,
  portNumber,
  ipProtocol,
  &fwPortEnabled
  );
 if (FAILED(hr))
 {
  printf("WindowsFirewallPortIsEnabled failed: 0x%08lx/n", hr);
  goto error;
 }

 // Only add the port if it isn't already added.
 if (!fwPortEnabled)
 {
  // Retrieve the collection of globally open ports.
  hr = fwProfile->get_GloballyOpenPorts(&fwOpenPorts);
  if (FAILED(hr))
  {
   printf("get_GloballyOpenPorts failed: 0x%08lx/n", hr);
   goto error;
  }

  // Create an instance of an open port.
  hr = CoCreateInstance(
   __uuidof(NetFwOpenPort),
   NULL,
   CLSCTX_INPROC_SERVER,
   __uuidof(INetFwOpenPort),
   (void**)&fwOpenPort
   );
  if (FAILED(hr))
  {
   printf("CoCreateInstance failed: 0x%08lx/n", hr);
   goto error;
  }

  // Set the port number.
  hr = fwOpenPort->put_Port(portNumber);
  if (FAILED(hr))
  {
   printf("put_Port failed: 0x%08lx/n", hr);
   goto error;
  }

  // Set the IP protocol.
  hr = fwOpenPort->put_Protocol(ipProtocol);
  if (FAILED(hr))
  {
   printf("put_Protocol failed: 0x%08lx/n", hr);
   goto error;
  }

  // Allocate a BSTR for the friendly name of the port.
  fwBstrName = SysAllocString(name);
  if (SysStringLen(fwBstrName) == 0)
  {
   hr = E_OUTOFMEMORY;
   printf("SysAllocString failed: 0x%08lx/n", hr);
   goto error;
  }

  // Set the friendly name of the port.
  hr = fwOpenPort->put_Name(fwBstrName);
  if (FAILED(hr))
  {
   printf("put_Name failed: 0x%08lx/n", hr);
   goto error;
  }

  // Opens the port and adds it to the collection.
  hr = fwOpenPorts->Add(fwOpenPort);
  if (FAILED(hr))
  {
   printf("Add failed: 0x%08lx/n", hr);
   goto error;
  }

  printf("Port %ld is now open in the firewall./n", portNumber);
 }

error:

 // Free the BSTR.
 SysFreeString(fwBstrName);

 // Release the open port instance.
 if (fwOpenPort != NULL)
 {
  fwOpenPort->Release();
 }

 // Release the globally open ports collection.
 if (fwOpenPorts != NULL)
 {
  fwOpenPorts->Release();
 }

 return hr;
}


int __cdecl wmain(int argc, wchar_t* argv[])
{
 HRESULT hr = S_OK;
 HRESULT comInit = E_FAIL;
 INetFwProfile* fwProfile = NULL;

 // Initialize COM.
 comInit = CoInitializeEx(
  0,
  COINIT_APARTMENTTHREADED | COINIT_DISABLE_OLE1DDE
  );

 // Ignore RPC_E_CHANGED_MODE; this just means that COM has already been
 // initialized with a different mode. Since we don't care what the mode is,
 // we'll just use the existing mode.
 if (comInit != RPC_E_CHANGED_MODE)
 {
  hr = comInit;
  if (FAILED(hr))
  {
   printf("CoInitializeEx failed: 0x%08lx/n", hr);
   goto error;
  }
 }

 // Retrieve the firewall profile currently in effect.
 hr = WindowsFirewallInitialize(&fwProfile);
 if (FAILED(hr))
 {
  printf("WindowsFirewallInitialize failed: 0x%08lx/n", hr);
  goto error;
 }

 // Turn off the firewall.
 hr = WindowsFirewallTurnOff(fwProfile);
 if (FAILED(hr))
 {
  printf("WindowsFirewallTurnOff failed: 0x%08lx/n", hr);
  goto error;
 }

 // Turn on the firewall.
 hr = WindowsFirewallTurnOn(fwProfile);
 if (FAILED(hr))
 {
  printf("WindowsFirewallTurnOn failed: 0x%08lx/n", hr);
  goto error;
 }

 // Add Windows Messenger to the authorized application collection.
 hr = WindowsFirewallAddApp(
  fwProfile,
  L"%ProgramFiles%//Messenger//msmsgs.exe",
  L"Windows Messenger"
  );
 if (FAILED(hr))
 {
  printf("WindowsFirewallAddApp failed: 0x%08lx/n", hr);
  goto error;
 }

 // Add TCP::80 to list of globally open ports.
 hr = WindowsFirewallPortAdd(fwProfile, 80, NET_FW_IP_PROTOCOL_TCP, L"WWW");
 if (FAILED(hr))
 {
  printf("WindowsFirewallPortAdd failed: 0x%08lx/n", hr);
  goto error;
 }

error:

 // Release the firewall profile.
 WindowsFirewallCleanup(fwProfile);

 // Uninitialize COM.
 if (SUCCEEDED(comInit))
 {
  CoUninitialize();
 }

 return 0;
}

Xfilter 源代码完整的文件列表 ------------------------------------------------------ .\Common .\Lib .\Property .\Release .\TcpIpDog .\Xfilter.dsw .\readme.txt .\filelist.txt .\Common\XLogFile.h .\Common\XLogFile.cpp .\Common\XInstall.cpp .\Common\XFile.h .\Common\XInstall.h .\Common\XFile.cpp .\Common\Debug.h .\Common\XFileRes.h .\Lib\htmlhelp.h .\Lib\htmlhelp.lib .\Property\Property.opt .\Property\Property.aps .\Property\Property.dsp .\Property\Property.rc .\Property\Property.clw .\Property\ReadMe.txt .\Property\resource.h .\Property\NetIPAria.h .\Property\GuiRes.h .\Property\AclSet.cpp .\Property\SetTime.h .\Property\Acl.cpp .\Property\SetNet.h .\Property\MainSheet.h .\Property\AclSet.h .\Property\Register.h .\Property\SystemSet.cpp .\Property\Splash.h .\Property\Property.dsw .\Property\Acl.h .\Property\Property.ncb .\Property\Splash.cpp .\Property\Property.h .\Property\LogQuery.h .\Property\SetTime.cpp .\Property\MainSheet.cpp .\Property\SetNet.cpp .\Property\NetIPAria.cpp .\Property\About.cpp .\Property\StdAfx.h .\Property\StdAfx.cpp .\Property\SystemSet.h .\Property\Register.cpp .\Property\About.h .\Property\LogQuery.cpp .\Property\Property.cpp .\Property\NetTimeSheet.h .\Property\PacketMonitor.h .\Property\Property.plg .\Property\NetTimeSheet.cpp .\Property\PacketMonitor.cpp .\Property\Internet .\Property\MainFrame .\Property\SystemTray .\Property\res .\Property\HyperLink .\Property\Internet\Internet.cpp .\Property\Internet\Internet.h .\Property\MainFrame\MainFrame.cpp .\Property\MainFrame\mainframe.h .\Property\SystemTray\SystemTray.cpp .\Property\SystemTray\SystemTray.h .\Property\res\Property.rc2 .\Property\res\NULL.ico .\Property\res\Property.ico .\Property\res\about.bmp .\Property\res\Alert.ico .\Property\res\DenyEx1.ico .\Property\res\PassEx1.ico .\Property\res\QueryEx1.ico .\Property\res\splash.bmp .\Property\res\MEMO.ICO .\Property\res\ALERTSET.ICO .\Property\res\APPSET.ICO .\Property\res\BASESET.ICO .\Property\res\COMMONSET.ICO .\Property\res\Monitor.ico .\Property\res\NETSET.ICO .\Property\res\SUPERSET.ICO .\Property\res\TIMESET.ICO .\Property\res\Xfilter.ico .\Property\res\IPSET.ICO .\Property\res\Email.ico .\Property\res\QueryResult.ico .\Property\res\QuerySet.ICO .\Property\res\UserInfo.ico .\Property\res\ACLSET.ICO .\Property\res\Message.ico .\Property\HyperLink\HyperLink.cpp .\Property\HyperLink\HyperLink.h .\Release\xacl.cfg .\Release\Xfilter.chm .\Release\Xfilter.exe .\Release\Xfilter.dll .\Release\xlog.dat .\TcpIpDog\StdAfx.cpp .\TcpIpDog\TcpIpDog.dsp .\TcpIpDog\LspServ.def .\TcpIpDog\ReadMe.txt .\TcpIpDog\CheckAcl.cpp .\TcpIpDog\TcpIpdog.cpp .\TcpIpDog\Codes.h .\TcpIpDog\TcpIpDog.h .\TcpIpDog\ProtocolInfo.h .\TcpIpDog\CheckAcl.h .\TcpIpDog\StdAfx.h .\TcpIpDog\ProtocolInfo.cpp .\TcpIpDog\TcpIpDog.plg
评论 3
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值