以編程方式告訴Windows防火牆使用專用網絡

Question

當我運行我的C＃控制檯應用程序時，Windows防火牆彈出請求訪問vshost32（我的應用程序偵聽通過端口1234使用TCP和UDP傳入消息）。我接受提供的建議（專用網絡）。控制檯應用程序然後工作正常。

我不希望用戶處理這個問題，所以我添加了下面的代碼。但是，當我調查在控制面板>防火牆中完成的操作時，它似乎啓用了「公共網絡」而不是專用網絡。只要允許我的應用程序工作，這是沒有用的。

在下面的代碼中是否有調整來強制它到專用網絡？

INetFwOpenPorts ports3; 
INetFwOpenPort port3 = (INetFwOpenPort)Activator.CreateInstance(
    Type.GetTypeFromProgID("HNetCfg.FWOpenPort")); 
port3.Port = 1234; 
port3.Name = "vshost32.exe"; 
port3.Enabled = true; 

//**UPDATE** added for suggestion in answer below - still doesnt change anything though 
port3.Scope = NetFwTypeLib.NET_FW_SCOPE_.NET_FW_SCOPE_LOCAL_SUBNET; 

Type NetFwMgrType = Type.GetTypeFromProgID("HNetCfg.FwMgr", false); 
INetFwMgr mgr3 = (INetFwMgr)Activator.CreateInstance(NetFwMgrType); 
ports3 = (INetFwOpenPorts)mgr3.LocalPolicy.CurrentProfile.GloballyOpenPorts; 
ports3.Add(port3); 

Answer 1

INetFwRule firewallRule = (INetFwRule)Activator.CreateInstance(
     Type.GetTypeFromProgID("HNetCfg.FWRule")); 

    INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(
     Type.GetTypeFromProgID("HNetCfg.FwPolicy2")); 

    firewallRule.ApplicationName = "<path to your app>"; 

    firewallRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW; 
    firewallRule.Description = " My Windows Firewall Rule"; 
    firewallRule.Enabled = true; 
    firewallRule.InterfaceTypes = "All"; 
    firewallRule.Name = "<your rule name>"; 

    // Should really check that rule is not already present before add in 
    firewallPolicy.Rules.Add(firewallRule);   

Answer 2

請參閱我的answer到您以前的question。

看一看下列行：

private static int Main (string [] args) 
{ 
    var application = new NetFwAuthorizedApplication() 
    { 
     Name = "MyService", 
     Enabled = true, 
     RemoteAddresses = "*", 
     Scope = NET_FW_SCOPE_.NET_FW_SCOPE_ALL, 
     IpVersion = NET_FW_IP_VERSION_.NET_FW_IP_VERSION_ANY, 
     ProcessImageFileName = "ServiceAssemblyName.dll", 
    }; 

    return (FirewallUtilities.AddApplication(application, out exception) ? 0 : -1); 
} 

的NET_FW_SCOPE_枚舉具有以下值：

• NET_FW_SCOPE_ALL = 0，
• NET_FW_SCOPE_LOCAL_SUBNET = 1，
• NET_FW_SCOPE_CUSTOM = 2 ，
• NET_FW_SCOPE_MAX = 3，

您可以進一步限制規則的端口，協議以及遠程地址。

UPDATE：

這裏是缺少ReleaseComObject功能。放置任何名稱空間並刪除對ComUtilities的引用。

public static void ReleaseComObject (object o) 
    { 
     try 
     { 
      if (o != null) 
      { 
       if (Marshal.IsComObject(o)) 
       { 
        Marshal.ReleaseComObject(o); 
       } 
      } 
     } 
     finally 
     { 
      o = null; 
     } 
    } 

這裏是NetFwAuthorizedApplication類：

命名空間MySolution.Configurator.Firewall { 使用系統;使用System.Linq的 ;使用NetFwTypeLib的 ;

public sealed class NetFwAuthorizedApplication: 
    INetFwAuthorizedApplication 
{ 
    public string Name { get; set; } 
    public bool Enabled { get; set; } 
    public NET_FW_SCOPE_ Scope { get; set; } 
    public string RemoteAddresses { get; set; } 
    public string ProcessImageFileName { get; set; } 
    public NET_FW_IP_VERSION_ IpVersion { get; set; } 

    public NetFwAuthorizedApplication() 
    { 
     this.Name = ""; 
     this.Enabled = false; 
     this.RemoteAddresses = ""; 
     this.ProcessImageFileName = ""; 
     this.Scope = NET_FW_SCOPE_.NET_FW_SCOPE_ALL; 
     this.IpVersion = NET_FW_IP_VERSION_.NET_FW_IP_VERSION_ANY; 
    } 

    public NetFwAuthorizedApplication (string name, bool enabled, string remoteAddresses, NET_FW_SCOPE_ scope, NET_FW_IP_VERSION_ ipVersion, string processImageFileName) 
    { 
     this.Name = name; 
     this.Scope = scope; 
     this.Enabled = enabled; 
     this.IpVersion = ipVersion; 
     this.RemoteAddresses = remoteAddresses; 
     this.ProcessImageFileName = processImageFileName; 
    } 

    public static NetFwAuthorizedApplication FromINetFwAuthorizedApplication (INetFwAuthorizedApplication application) 
    { 
     return (new NetFwAuthorizedApplication(application.Name, application.Enabled, application.RemoteAddresses, application.Scope, application.IpVersion, application.ProcessImageFileName)); 
    } 
} 

}