programming4us
programming4us
ENTERPRISE

Windows 7 : WORKING WITH THE FIREWALL (part 4) - Using the GPO Technique - Configuring the Rule Technique Example

- How To Install Windows Server 2012 On VirtualBox
- How To Bypass Torrent Connection Blocking By Your ISP
- How To Install Actual Facebook App On Kindle Fire
2/12/2014 2:33:18 AM

6. Using the GPO Technique

Microsoft has created a new Windows Firewall for Windows 7 that has features you can't access using the older techniques shown in the previous sections. When you need to access these new features, you need to use an entirely different access technique that relies on GPO and a series of rules in place of the techniques used in the past. The following sections provide an overview of how to use these newer techniques.

6.1. Configuring the Rule Technique Example

The Rule Technique example performs three tasks. First, it shows how to enumerate the rules used to configure the Windows Firewall exceptions and services. You need to be able to enumerate these rules to find entries that may be helpful to your application. The same rule configuration applies to ports, applications, and services, so you don't need to worry about any special objects when working with the various Windows Firewall elements. Second, the Rule Technique example shows how to add an application exception. The same technique works for adding ports or services as needed. Third, the Rule Technique example shows how to remove the application exception.

The example begins with a Windows Forms application. You add three buttons: Get Rules (btnGetRules), Add (btnAdd), and Remove (btnRemove). The application also requires use of a list box control, lstRuleList. There isn't any need for special references or using statements. However, the application does require the following constants:

// Entries from ICFTypes.H
// Alternative Profile Type
const Int32 NET_FW_PROFILE2_DOMAIN = 1;
const Int32 NET_FW_PROFILE2_PRIVATE = 2;
const Int32 NET_FW_PROFILE2_PUBLIC = 4;
const Int32 NET_FW_PROFILE2_ALL = 2147483647;

// Protocol
const Int32 NET_FW_IP_PROTOCOL_TCP = 6;
const Int32 NET_FW_IP_PROTOCOL_UDP = 17;
const Int32 NET_FW_IP_PROTOCOL_ICMPv4 = 1;
const Int32 NET_FW_IP_PROTOCOL_ICMPv6 = 58;

// Direction
const Int32 NET_FW_RULE_DIR_IN = 1;
const Int32 NET_FW_RULE_DIR_OUT = 2;

// Action
const Int32 NET_FW_ACTION_BLOCK = 0;
const Int32 NET_FW_ACTION_ALLOW = 1;

Figure 9. Rules can use a number of protocols.

Notice that these constants come from the ICFTypes.H file. Reviewing this file is helpful when you need other ideas for working with rules in the Windows Firewall. In this case, you see the constants for all three profiles and a special constant used when all three profiles are required by the rule. The list of protocols is a little short. A rule can employ any of the protocols shown in Figure 9. The problem is that the ICFTypes.H file only documents the TCP and UDP protocols — NET_FW_IP_PROTOCOL_ICMPv4 and NET_FW_IP_PROTOCOL_ICMPv6 are the result of experimentation. All the other constants do appear in the ICFTypes.H file.
Other  
  •  Windows 7 : Developing Applications with Enhanced Security - DEVISING AND IMPLEMENTING A SECURITY POLICY
    •
  •  Windows 7 : Developing Applications with Enhanced Security - CREATING AN APPLICATION WITH ENHANCED SECURITY (part 3) - Developing for Permissions
    •
  •  Windows 7 : Developing Applications with Enhanced Security - CREATING AN APPLICATION WITH ENHANCED SECURITY (part 2) - Developing for Security Roles
    •
  •  Windows 7 : Developing Applications with Enhanced Security - CREATING AN APPLICATION WITH ENHANCED SECURITY (part 1)
    •
  •  Windows 7 : Developing Applications with Enhanced Security - CONSIDERING MODERN APPLICATION SECURITY REQUIREMENTS (part 3) - Working with Security Policies
    •
  •  Windows 7 : Developing Applications with Enhanced Security - CONSIDERING MODERN APPLICATION SECURITY REQUIREMENTS (part 2) - Adding Permissions
  •  Windows 7 : Developing Applications with Enhanced Security - CONSIDERING MODERN APPLICATION SECURITY REQUIREMENTS (part 1)
    •
  •  Microsoft Exchange Server 2010 : Indexing Exchange Public Folders
    •
  •  Microsoft Exchange Server 2010 : Email Integration (part 3) - Configuring Incoming Email - Directory Management Service, Troubleshooting Incoming Email
  •  Microsoft Exchange Server 2010 : Email Integration (part 2) - Configuring Incoming Email
    •
     
    Top 10
    - Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
    - Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
    - Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
    - Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
    - Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
    - Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
    - Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
    - Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
    - Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
    - Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
    REVIEW
    - First look: Apple Watch

    - 3 Tips for Maintaining Your Cell Phone Battery (part 1)

    - 3 Tips for Maintaining Your Cell Phone Battery (part 2)
    programming4us programming4us
    programming4us
     
    		 
    		programming4us