使用API​​更新現有的防火牆規則

Question

我能夠在文法上將單獨的規則添加到Windows防火牆（Server 2008 R2），但是我試圖避免每個IP地址有多個規則，並且只想更新現有規則RemoteAddresses 。以下是我用來添加規則的代碼，我正在盡力研究如何更新現有規則遠程地址，但沒有運氣。

任何幫助表示讚賞！

string ip = "x.x.x.x"; 

INetFwRule2 firewallRule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); 

firewallRule.Name = "Block Bad IP Addresses"; 
firewallRule.Description = "Block Nasty Incoming Connections from IP Address."; 
firewallRule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK; 
firewallRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN; 
firewallRule.Enabled = true; 
firewallRule.InterfaceTypes = "All"; 
firewallRule.RemoteAddresses = ip; 

INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2")); 
firewallPolicy.Rules.Add(firewallRule); 

Answer 1

下面的代碼爲我工作：

INetFwPolicy2 firewallPolicy = (INetFwPolicy2) Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2")); 

var rule = firewallPolicy.Rules.Item("Block Bad IP Addresses"); // Name of your rule here 
rule.Name = "Block Block Block"; // Update the rule here. Nothing else needed to persist the changes 

Answer 2

除了amdmax的答案（抱歉，我不能添加評論），我發現，有沒有簡單的方法調用檢查是否一個規則存在，所以我想出了這個以確保一個規則是否存在或不存在：

INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(
     Type.GetTypeFromProgID("HNetCfg.FwPolicy2")); 

    INetFwRule firewallRule = firewallPolicy.Rules.OfType<INetFwRule>().Where(x => x.Name == RULE_NAME).FirstOrDefault(); 

    if (firewallRule == null) 
    { 
    firewallRule = (INetFwRule)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); 
    firewallRule.Name = RULE_NAME; 
    firewallPolicy.Rules.Add(firewallRule); 
    }