Controlling Windows Firewall from .Net

  • Thread starter Thread starter Stuart Parker
  • Start date Start date
S

Stuart Parker

Hi,

I have written a service which listens on a particular port (using
remoting). The service runs under a user account with local admin rights.
This service will run on XP/Server 2003/Vista.

I need to either open the required port, or register my app with the Windows
Firewall so it can receive requests. How can I do this from my code? I'd
like to code a method to make the changes to the firewall when the servce is
running, and then undo the changes when the service stops.

I'm using VB.NET 2005

Cheers for any help

Stu
 
When you think it through, the last thing you actually want is an API that
allows external applications to open ports. It would be a virus writers
dream!
 
Hello Stuart,

See my post there http://groups.google.com/group/micr...read/thread/28dbadee99ff7e3c/8f1ae788620df7c2

SP> Hi,
SP>
SP> I have written a service which listens on a particular port (using
SP> remoting). The service runs under a user account with local admin
SP> rights. This service will run on XP/Server 2003/Vista.
SP>
SP> I need to either open the required port, or register my app with the
SP> Windows Firewall so it can receive requests. How can I do this from
SP> my code? I'd like to code a method to make the changes to the
SP> firewall when the servce is running, and then undo the changes when
SP> the service stops.
SP>
SP> I'm using VB.NET 2005
SP>
SP> Cheers for any help
SP>
SP> Stu
SP>
---
WBR, Michael Nemtsev [C# MVP]. Blog: http://spaces.live.com/laflour
team blog: http://devkids.blogspot.com/

"The greatest danger for most of us is not that our aim is too high and we
miss it, but that it is too low and we reach it" (c) Michelangel
 
Hmmmm... ok, so I just installed a copy of ftp voyager on my laptop, and it
told me I had windows firewall running and asked if I wanted to open the
required ports.

How does it do that? osmosis ?
 
Don't most firewalls just report when an application is trying to do
something, you then get the chance to allow it / deny it through the
firewall.

I'd hate to think that there was a chance that the application could speak
directly to the firewall to do this - all it would need was to find a way of
surpressing any dialog popup (buffer overruns?) and the application gets the
ability to do what it wants to the firewall.
 
Nothing Windows Firewall related popped up during the installation or
operation of FTP Voyager.
 
OK. Ive added a reference to Firewall.DLL in my VB project (Vista has all
the firewall stuff in Firewall.DLL and not HNetCfg.DLL like previous
versions)

So now I have an interop assembly presenting me with a bunch of interfaces.
I may be being completely dumb here, but I can't NEW any of the objects.

dim fwmgr as NetFwTypeLib.INetFwMgr = new ...... doesnt work.

Using Object Browser, I see there are no New() constructors.

What am I doing wrong ?

Cheers
Stu

Stuart Parker said:
You star. Much appreciated

Michael Nemtsev said:
Hello Stuart,

See my post there
http://groups.google.com/group/micr...read/thread/28dbadee99ff7e3c/8f1ae788620df7c2

SP> Hi,
SP> SP> I have written a service which listens on a particular port
(using
SP> remoting). The service runs under a user account with local admin
SP> rights. This service will run on XP/Server 2003/Vista.
SP> SP> I need to either open the required port, or register my app with
the
SP> Windows Firewall so it can receive requests. How can I do this from
SP> my code? I'd like to code a method to make the changes to the
SP> firewall when the servce is running, and then undo the changes when
SP> the service stops.
SP> SP> I'm using VB.NET 2005
SP> SP> Cheers for any help
SP> SP> Stu
SP> ---
WBR, Michael Nemtsev [C# MVP]. Blog: http://spaces.live.com/laflour
team blog: http://devkids.blogspot.com/

"The greatest danger for most of us is not that our aim is too high and
we miss it, but that it is too low and we reach it" (c) Michelangelo
Click to expand...
Click to expand...
 
Paul Hadfield said:
Don't most firewalls just report when an application is trying to do
something, you then get the chance to allow it / deny it through the
firewall.

I'd hate to think that there was a chance that the application could speak
directly to the firewall to do this - all it would need was to find a way of
surpressing any dialog popup (buffer overruns?) and the application gets the
ability to do what it wants to the firewall.
Click to expand...
....

Windows firewall can be easily bypassed, given the administrative
priveleges. There are already viruses that do that:
http://www.sophos.com/virusinfo/analyses/trojagentco.html

Anyway, windows firewall cannot stop any decent virus, as many use code
injection into IE, for example (thus traffic originates from authorized
application). But this is off-topic here.

Regards,
Goran
 
OK. Ive added a reference to Firewall.DLL in my VB project (Vista has
all the firewall stuff in Firewall.DLL and not HNetCfg.DLL like previous
versions)

So now I have an interop assembly presenting me with a bunch of
interfaces. I may be being completely dumb here, but I can't NEW any of
the objects.

dim fwmgr as NetFwTypeLib.INetFwMgr = new ...... doesnt work.
Click to expand...

You're using VB? The sample code I took a quick peek at all uses
"CreateObject()" to instantiate the objects. I haven't done .NET in VB
(only C#) so I don't know the significance of that, but maybe that's the
problem. Have you tried just copying and pasting some of the sample code
included in the MSDN documentation Michael referred you to?

Pete
 
The examples use VBScript, which creates the native COM objects. I'm trying
to use VB.NET with interop. Adding a reference to the required .dll file in
VB.NET produces an interop assembly. That interop assembly is what I'm
coding against and it will not allow me to create new objects as they are
presented as interfaces.

Stu

OK. Ive added a reference to Firewall.DLL in my VB project (Vista has all
the firewall stuff in Firewall.DLL and not HNetCfg.DLL like previous
versions)

So now I have an interop assembly presenting me with a bunch of
interfaces. I may be being completely dumb here, but I can't NEW any of
the objects.

dim fwmgr as NetFwTypeLib.INetFwMgr = new ...... doesnt work.
Click to expand...

You're using VB? The sample code I took a quick peek at all uses
"CreateObject()" to instantiate the objects. I haven't done .NET in VB
(only C#) so I don't know the significance of that, but maybe that's the
problem. Have you tried just copying and pasting some of the sample code
included in the MSDN documentation Michael referred you to?

Pete
 
Back
Top