
Windows 7 : WORKING WITH THE FIREWALL (part 3) - Adding and Deleting Ports

2/12/2014 2:02:52 AM

4. Adding and Deleting Ports

Unless you want to engage in some fancy programming, you're somewhat limited in the ports you can add to the Windows Firewall. For example, you can't easily create a port that provides specific user configuration information. The technique shown in the Add Port example will create a private port using any of the supported protocols (the example shows two, but many others are available). You can create ports for a given scope or a specific address as needed. Even with the limitations of this technique, it will answer most application needs.

The Add Port example begins with a Windows Forms application. You add two buttons: Add (btnAdd) to add the port and Delete (btnDelete) to remove the port. The application doesn't require any special references or using statements. It does require that you add the following constants:

// Define Constants from the SDK
// Scope
const Int32 NET_FW_SCOPE_ALL = 0;
const Int32 NET_FW_SCOPE_LOCAL_SUBNET = 1;
const Int32 NET_FW_SCOPE_CUSTOM = 2;

// Protocol
const Int32 NET_FW_IP_PROTOCOL_TCP = 6;
const Int32 NET_FW_IP_PROTOCOL_UDP = 17;

Now that you have the basics in place, it's time to add the port. Example 6 shows the code used to add a private port to the system.

Example 6. Adding a port to the Windows Firewall
private void btnAdd_Click(object sender, EventArgs e)
{
    // Create the firewall type.
    Type FWManagerType = Type.GetTypeFromProgID("HNetCfg.FwMgr");

    // Use the firewall type to create a firewall manager object.
    dynamic FWManager = Activator.CreateInstance(FWManagerType);

    // Obtain the firewall profile information.
    dynamic FWProfile = FWManager.LocalPolicy.CurrentProfile;

    // Create the port type.
    Type PortType = Type.GetTypeFromProgID("HNetCfg.FWOpenPort");

    // Define a new port instance.
    dynamic NewPort = Activator.CreateInstance(PortType);

    // Specify the port parameters.
    NewPort.Name = "MyPort";
    NewPort.Protocol = NET_FW_IP_PROTOCOL_TCP;
    NewPort.Port = 9999;

    // The port entry must also include either a scope or a
    // remote address entry, but not both.
    //NewPort.Scope = NET_FW_SCOPE_LOCAL_SUBNET;
    NewPort.RemoteAddresses = "10.1.1.1/255.255.255.255";

    // Enable the port.
    NewPort.Enabled = true;

    try
    {
        // Try adding the port.
        FWProfile.GloballyOpenPorts.Add(NewPort);

        // Display a success message.
        MessageBox.Show("Port successfully added!");
    }
    catch (Exception err)
    {
        // Display an error message.
        MessageBox.Show("Couldn't add the port!\n" +
            err.Message);
    }
}

The code begins by creating the HNetCfg.FwMgr Type object and using it to create the Windows Firewall Manager object, FWManager. The code then gains access to the LocalPolicy.CurrentProfile property used to change the local policy (FWProfile). This part of the example is much like the other examples you've seen so far in the chapter.

This example creates another Type, HNetCfg.FWOpenPort, which is used to describe a Windows Firewall port. The code uses the PortType object to create a port object, NewPort, using the Activator.CreateInstance() method. At this point, the code begins defining the port characteristics. This port has a name of MyPort and it uses the TCP protocol on port 9999. You also need to assign either a scope or a remote address, but not both. The example uses a remote address, so it assigns a value to the RemoteAddresses property. Finally, the code sets NewPort.Enabled to true so that the port is active after the system adds it.

A lot of examples on the Internet show that the GloballyOpenPorts.Add() method returns an error value. This isn't the case when working in a managed application. Make sure you place your call in a try block as shown. The GloballyOpenPorts.Add() method accepts just one argument, the NewPort object you created.

To see the port that the system has just added, you need to open the Windows Firewall with Advanced Security window and select the Inbound Rules folder. Figure 5 shows typical results for this example.

Figure 5. The port appears in the Inbound Rules folder.

Double-click the entry to display the port's Properties dialog box shown in Figure 6. The Properties dialog box displays everything you've configured for the port. It also displays settings that you can't change programmatically using this technique, such as the port description. It's helpful to review the properties on the tabs shown in Figure 6 to see whether you need to change any options using some other method, which normally means creating a Group Policy Object (GPO) or resorting to some other means. In most cases, you'll find the results of this technique satisfactory, and the coding is straightforward.

Figure 6. Opening the port Properties dialog box shows all the settings you've made.

Removing the port is easier than adding it. In this case, you supply the port and protocol to uniquely identify the port. Example 7 shows the code used to delete a port.

Example 7. Removing a port from the Windows Firewall
private void btnDelete_Click(object sender, EventArgs e)
{
    // Create the firewall type.
    Type FWManagerType = Type.GetTypeFromProgID("HNetCfg.FwMgr");

    // Use the firewall type to create a firewall manager object.
    dynamic FWManager = Activator.CreateInstance(FWManagerType);

    // Obtain the firewall profile information.
    dynamic FWProfile = FWManager.LocalPolicy.CurrentProfile;

    try
    {
        // Delete the port based on the port number and protocol.
        FWProfile.GloballyOpenPorts.Remove(9999, NET_FW_IP_PROTOCOL_TCP);

        // Display a success message.
        MessageBox.Show("Port successfully deleted!");
    }
    catch (Exception err)
    {
        // Display an error message.
        MessageBox.Show("Couldn't delete the port!\n" +
            err.Message);
    }
}


In this case, you don't need to create an HNetCfg.FWOpenPort object. The code begins by accessing the profile, FWProfile, as normal. It then calls the GloballyOpenPorts.Remove() method to remove the port. You must supply the port number and protocol type as inputs. As with adding a port, make sure you place the removal code within a try block to catch any errors.
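
To confirm from code what the Add and Delete handlers left behind, instead of opening the Windows Firewall with Advanced Security window, you can enumerate GloballyOpenPorts and flag every enabled entry that is reachable from any remote address. This console program is an added example, not part of the original article; the OpenPortAudit class and IsUnrestricted helper are hypothetical names, and the check assumes that an unrestricted entry reports either the "all" scope or the "*" wildcard in RemoteAddresses.

```csharp
using System;

static class OpenPortAudit   // hypothetical name, not from the article
{
    // Scope value from the article's SDK constants.
    const int NET_FW_SCOPE_ALL = 0;

    // True when an entry accepts traffic from any remote address:
    // either the scope is "all" or RemoteAddresses is the "*" wildcard.
    static bool IsUnrestricted(int scope, string remoteAddresses)
    {
        return scope == NET_FW_SCOPE_ALL ||
               (remoteAddresses ?? "").Trim() == "*";
    }

    static int Main()
    {
        Type fwManagerType = Type.GetTypeFromProgID("HNetCfg.FwMgr");
        if (fwManagerType == null)
        {
            Console.Error.WriteLine("HNetCfg.FwMgr is not registered.");
            return 2;
        }

        dynamic fwManager = Activator.CreateInstance(fwManagerType);
        dynamic fwProfile = fwManager.LocalPolicy.CurrentProfile;

        int flagged = 0;
        foreach (dynamic port in fwProfile.GloballyOpenPorts)
        {
            // Copy the COM properties into typed locals before using them.
            string name = (string)port.Name;
            int number = (int)port.Port;
            int protocol = (int)port.Protocol;   // 6 = TCP, 17 = UDP
            string remote = (string)port.RemoteAddresses;
            bool enabled = (bool)port.Enabled;

            bool wide = enabled && IsUnrestricted((int)port.Scope, remote);
            if (wide) flagged++;

            Console.WriteLine("{0,-4} {1} port={2} proto={3} remote={4} enabled={5}",
                wide ? "WIDE" : "ok", name, number, protocol, remote, enabled);
        }

        Console.WriteLine("{0} enabled entries open to any address.", flagged);
        return flagged == 0 ? 0 : 1;   // non-zero exit lets a script fail the check
    }
}
```

The MyPort entry from Example 6 should be listed as "ok" because it is limited to a single remote address; the same entry created with NET_FW_SCOPE_ALL would be flagged.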
