6.3. Adding a New Application Rule
This section describes how to create a new
application rule. The approach works equally well for a port or service
with a little tweaking of the example code. Rules generally provide a
basis for creating an exception to the baseline rules. A rule is
inbound or outbound and it either allows or blocks an action. The rule
is focused on a specific port and could include addresses and specific
application information. Listing 11 shows the code used to perform this task.
Example 11. Adding a new application rule to the public profile
private void btnAdd_Click(object sender, EventArgs e)
{
    // Define a GPO policy type.
    Type PolicyType = Type.GetTypeFromProgID("HNetCfg.FwPolicy2");

    // Create the policy object.
    dynamic Policy = Activator.CreateInstance(PolicyType);

    // Define a rule type for the policy.
    Type RuleType = Type.GetTypeFromProgID("HNetCfg.FwRule");

    // Create the rule object.
    dynamic Rule = Activator.CreateInstance(RuleType);

    // Define the rule specifics. The NET_FW_* names are the Windows Firewall
    // API constants (the NetFwTypeLib enumeration values).
    Rule.Name = Application.ProductName;
    Rule.ApplicationName = Application.ExecutablePath;
    Rule.Description = "This is a sample GPO entry.";
    Rule.Profiles = NET_FW_PROFILE2_PUBLIC;
    Rule.Direction = NET_FW_RULE_DIR_IN;
    Rule.Action = NET_FW_ACTION_ALLOW;
    Rule.Protocol = NET_FW_IP_PROTOCOL_TCP;
    Rule.RemoteAddresses = "10.1.1.1/255.255.255.255";
    Rule.RemotePorts = "*";
    Rule.LocalAddresses = "*";
    Rule.LocalPorts = "*";
    Rule.Enabled = true;
    Rule.InterfaceTypes = "All";

    try
    {
        // Add the rule to the list.
        Policy.Rules.Add(Rule);

        // Display a success message.
        MessageBox.Show("Application successfully added!");
    }
    catch (Exception err)
    {
        // Display an error message.
        MessageBox.Show("Couldn't add the Application!\n" + err.Message);
    }
}
It then creates a RuleType object using the Type.GetTypeFromProgID() method with HNetCfg.FwRule as an argument. The next step is to create the Rule object using Activator.CreateInstance() with RuleType as the argument.
This example shows typical entries for an
application exception. Notice that you must define the rule's
direction, the action it performs, and which profile it appears in. As
with any other Windows Firewall entry, you must provide a protocol for
the rule and any addresses it requires. A rule has both local and
remote addresses and ports, so you need to define both. After the code
defines the rule, it calls Policy.Rules.Add() to perform the task within a try...catch
statement. If you make a mistake in defining the rule, the system will
still accept it in many cases without any error (the errors will come
later when you try to use the faulty rule to perform useful work). Figure 11 shows the result of this example.
Notice that the output is a single rule. If you want
an application exception for both TCP and UDP, then you must create two
separate rules to do it. Unlike older Windows Firewall techniques, the
rule technique doesn't assume that you want both protocols, which
actually makes this approach a little safer, albeit more time-consuming
and code-intensive.
6.4. Removing an Application Rule
However, there are some subtle differences that could get you into trouble, as shown in Listing 12.
Example 12. Removing an application rule from the public profile
private void btnRemove_Click(object sender, EventArgs e)
{
    // Define a GPO policy type.
    Type PolicyType = Type.GetTypeFromProgID("HNetCfg.FwPolicy2");

    // Create the policy object.
    dynamic Policy = Activator.CreateInstance(PolicyType);

    try
    {
        // Delete the rule based on the rule name (not the application path).
        Policy.Rules.Remove(Application.ProductName);

        // Display a success message.
        MessageBox.Show("Application successfully removed!");
    }
    catch (Exception err)
    {
        // Display an error message.
        MessageBox.Show("Couldn't remove the application!\n" + err.Message);
    }
}
The first difference is that you create a policy; the Windows Firewall Manager doesn't do it. You still use the Remove()
method to perform the task, but notice that you use the rule name — not
the application path. Some developers confuse the two techniques and
later find that the rules they thought were gone are still entered in
the Windows Firewall listing.
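The following is an added example, not code from the book, that combines the points of sections 6.3 and 6.4: one rule per protocol (TCP and UDP), a read-back check after Add() because the firewall accepts many faulty rules silently, and removal by rule name that repeats and verifies so no same-named rule lingers. It uses the typed NetFwTypeLib interop (a COM reference to FirewallAPI.dll) instead of the listings' dynamic binding; the class and method names are my own.

```csharp
using System;
using System.Linq;
using NetFwTypeLib; // assumed: COM reference to FirewallAPI.dll (typed interop instead of dynamic)

static class FirewallRules
{
    static INetFwPolicy2 OpenPolicy() =>
        (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
    // Rules carrying this name (and protocol, if given); Windows allows several rules with one name.
    public static int CountRules(string name, int? protocol = null) =>
        OpenPolicy().Rules.Cast<INetFwRule>()
            .Count(r => r.Name == name && (protocol == null || r.Protocol == protocol));
    // Inbound allow for one executable on the public profile. A rule covers a single
    // protocol, so TCP and UDP each get their own rule. Needs an elevated process.
    public static void AddInboundAllow(string name, string exePath, string remoteAddresses)
    {
        INetFwPolicy2 policy = OpenPolicy();
        foreach (var proto in new[] { NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP,
                                      NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_UDP })
        {
            var rule = (INetFwRule)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwRule"));
            rule.Name = name;
            rule.ApplicationName = exePath;
            rule.Profiles = (int)NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PUBLIC;
            rule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN;
            rule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW;
            rule.Protocol = (int)proto;
            rule.RemoteAddresses = remoteAddresses; // keep this narrow; "*" admits every peer
            rule.Enabled = true;
            policy.Rules.Add(rule);
        }
        // Add() accepts many faulty rules without complaint, so read the store back.
        if (CountRules(name, (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP) == 0 ||
            CountRules(name, (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_UDP) == 0)
            throw new InvalidOperationException("both rules for " + name + " were not recorded");
    }
    // Remove() takes the rule name, not the executable path. Loop until no rule with that
    // name is left, then verify, so a same-named duplicate cannot linger in the listing.
    public static int RemoveAllByName(string name)
    {
        INetFwPolicy2 policy = OpenPolicy();
        int removed = 0;
        while (CountRules(name) > 0 && removed < 100) // bound guards against a stuck loop
        { policy.Rules.Remove(name); removed++; }
        if (CountRules(name) > 0)
            throw new InvalidOperationException("rule(s) named " + name + " still present");
        return removed;
    }
}
```

Call `FirewallRules.AddInboundAllow(Application.ProductName, Application.ExecutablePath, "10.1.1.1/255.255.255.255")` from an elevated process, and `RemoveAllByName(Application.ProductName)` to undo it; the return value tells you how many same-named rules were actually present.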