Windows Firewall API (XP SP2) in VB.NET
With the advent of Windows XP SP2, every time an application makes an outgoing request to the internet,
the user is prompted with a dialog box asking them to permit the access. Also, if your application attempts to listen for connections from the internet, the Windows Firewall will prompt the user. This can be irritating to users, and may "scare them off" from using your application. There is, however, an API available to programmatically access the Windows Firewall, as long as the application is running with administrator privileges. The API is COM based, and is contained in C:\WINDOWS\system32\hnetcfg.dll
I developed a VB.NET application (ported from an example in the Windows SDK) which uses the Firewall API to list all the properties of the Windows Firewall. Note that this code will only work in Windows XP SP2. You will need to add a COM reference to C:\WINDOWS\system32\hnetcfg.dll, and a multiline textbox called TextBox.
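' Dumps the current local Windows Firewall profile into the multiline text
' box named TextBox: general settings, remote administration, ICMP settings,
' globally open ports, services and authorized applications.
'
' The report is a read-only inventory of the firewall exceptions on the
' machine. Entries whose scope is "All subnets" (RemoteAddresses "*") accept
' traffic from any address and are the ones to look at first when reviewing
' the output.
Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
    ' Build the report in memory and assign the text box once, instead of
    ' re-assigning TextBox.Text for every line.
    Dim report As New System.Text.StringBuilder()

    Try
        ' Create the firewall manager object and read the profile that is
        ' currently in effect for the local policy.
        Dim fwMgr As NetFwTypeLib.INetFwMgr = GetFwMgr()
        Dim profile As NetFwTypeLib.INetFwProfile = fwMgr.LocalPolicy.CurrentProfile

        AddLine(report, vbCrLf & "Dumping local firewall profile ...")

        ' Print the profile information.
        AddLine(report, "Type: " & ProfileTypeName(CInt(profile.Type)))
        AddLine(report, "Firewall Enabled: " & profile.FirewallEnabled)
        AddLine(report, "Exceptions Not Allowed: " & profile.ExceptionsNotAllowed)
        AddLine(report, "Notifications Disabled: " & profile.NotificationsDisabled)
        AddLine(report, "UnicastResponsestoMulticastBroadcastDisabled: " & _
            profile.UnicastResponsestoMulticastBroadcastDisabled & vbCrLf)

        ' Print the Remote Admin settings.
        Dim raSettings As NetFwTypeLib.INetFwRemoteAdminSettings = profile.RemoteAdminSettings
        AddLine(report, "Remote Administration Enabled: " & raSettings.Enabled)
        AddLine(report, "Remote Administration IP Version: " & _
            IpVersionName(CInt(raSettings.IpVersion)))
        AddLine(report, "Remote Administration Scope: " & _
            ScopeName(CInt(raSettings.Scope)))
        AddLine(report, "Remote Administration RemoteAddresses: " & _
            raSettings.RemoteAddresses)
        AddLine(report, vbCrLf)

        ' Print the ICMP settings.
        Dim icmpSettings As NetFwTypeLib.INetFwIcmpSettings = profile.IcmpSettings
        AddLine(report, "ICMP Settings:")
        AddLine(report, " AllowOutboundDestinationUnreachable: " & _
            icmpSettings.AllowOutboundDestinationUnreachable)
        AddLine(report, " AllowOutboundSourceQuench: " & _
            icmpSettings.AllowOutboundSourceQuench)
        AddLine(report, " AllowRedirect: " & _
            icmpSettings.AllowRedirect)
        AddLine(report, " AllowInboundEchoRequest: " & _
            icmpSettings.AllowInboundEchoRequest)
        AddLine(report, " AllowInboundRouterRequest: " & _
            icmpSettings.AllowInboundRouterRequest)
        AddLine(report, " AllowOutboundTimeExceeded: " & _
            icmpSettings.AllowOutboundTimeExceeded)
        AddLine(report, " AllowOutboundParameterProblem: " & _
            icmpSettings.AllowOutboundParameterProblem)
        AddLine(report, " AllowInboundTimestampRequest: " & _
            icmpSettings.AllowInboundTimestampRequest)
        AddLine(report, " AllowInboundMaskRequest: " & _
            icmpSettings.AllowInboundMaskRequest)
        AddLine(report, vbCrLf)

        ' Print all the globally open ports.
        AddLine(report, "Globally Open Ports: " & profile.GloballyOpenPorts.Count)
        For Each port As NetFwTypeLib.INetFwOpenPort In profile.GloballyOpenPorts
            AddOpenPort(report, port)
        Next

        ' Print all the services, each followed by the ports it opens.
        AddLine(report, "Services: " & profile.Services.Count)
        For Each service As NetFwTypeLib.INetFwService In profile.Services
            AddLine(report, " Name: " & service.Name)
            ' CInt keeps the numeric service type in the report.
            AddLine(report, " Type: " & CInt(service.Type))
            AddLine(report, " Customized: " & service.Customized)
            AddLine(report, " IP Version: " & IpVersionName(CInt(service.IpVersion)))
            AddLine(report, " Scope: " & ScopeName(CInt(service.Scope)))
            AddLine(report, " RemoteAddresses: " & service.RemoteAddresses)
            AddLine(report, " Enabled: " & service.Enabled)
            AddLine(report, " Globally Open Ports: " & service.GloballyOpenPorts.Count)
            For Each port As NetFwTypeLib.INetFwOpenPort In service.GloballyOpenPorts
                AddOpenPort(report, port)
            Next
        Next

        ' Print all the authorized applications. The image path is what the
        ' exception is bound to, so it is printed next to the display name.
        AddLine(report, vbCrLf & "Authorized Applications: " & _
            profile.AuthorizedApplications.Count)
        For Each app As NetFwTypeLib.INetFwAuthorizedApplication In profile.AuthorizedApplications
            AddLine(report, " Name: " & app.Name)
            AddLine(report, " Image Filename " & app.ProcessImageFileName)
            AddLine(report, " IP Version: " & IpVersionName(CInt(app.IpVersion)))
            AddLine(report, " Scope: " & ScopeName(CInt(app.Scope)))
            AddLine(report, " RemoteAddresses: " & app.RemoteAddresses)
            AddLine(report, " Enabled: " & app.Enabled)
        Next
    Catch ex As System.Runtime.InteropServices.COMException
        ' The COM calls fail when the firewall API is not available; report
        ' that in the text box instead of letting the Load handler throw.
        AddLine(report, "Unable to read the Windows Firewall configuration: " & ex.Message)
    End Try

    TextBox.Text &= report.ToString()
End Sub

' Appends one report line, preceded by a line break (same layout as the
' original "TextBox.Text += vbCrLf + ..." statements).
Private Shared Sub AddLine(ByVal report As System.Text.StringBuilder, ByVal text As String)
    report.Append(vbCrLf).Append(text)
End Sub

' Appends the description of one open-port entry to the report.
Private Shared Sub AddOpenPort(ByVal report As System.Text.StringBuilder, _
                               ByVal port As NetFwTypeLib.INetFwOpenPort)
    AddLine(report, " Name: " & port.Name)
    AddLine(report, " Port Number: " & port.Port)
    AddLine(report, " IP Protocol: " & ProtocolName(CInt(port.Protocol)))
    AddLine(report, " BuiltIn: " & port.BuiltIn)
    AddLine(report, " IP Version: " & IpVersionName(CInt(port.IpVersion)))
    AddLine(report, " Scope: " & ScopeName(CInt(port.Scope)))
    AddLine(report, " RemoteAddresses: " & port.RemoteAddresses)
    AddLine(report, " Enabled: " & port.Enabled & vbCrLf)
End Sub

' Returns the display name of a firewall profile type value.
Private Shared Function ProfileTypeName(ByVal value As Integer) As String
    Const NET_FW_PROFILE_DOMAIN As Integer = 0
    Const NET_FW_PROFILE_DOMAIN_NAME As String = "Domain"
    Const NET_FW_PROFILE_STANDARD As Integer = 1
    Const NET_FW_PROFILE_STANDARD_NAME As String = "Standard"

    Select Case value
        Case NET_FW_PROFILE_DOMAIN
            Return NET_FW_PROFILE_DOMAIN_NAME
        Case NET_FW_PROFILE_STANDARD
            Return NET_FW_PROFILE_STANDARD_NAME
        Case Else
            ' Keep unrecognised values visible instead of dropping the line.
            Return "Unknown (" & value & ")"
    End Select
End Function

' Returns the display name of an IP version value.
Private Shared Function IpVersionName(ByVal value As Integer) As String
    Const NET_FW_IP_VERSION_V4 As Integer = 0
    Const NET_FW_IP_VERSION_V4_NAME As String = "IPv4"
    Const NET_FW_IP_VERSION_V6 As Integer = 1
    Const NET_FW_IP_VERSION_V6_NAME As String = "IPv6"
    Const NET_FW_IP_VERSION_ANY As Integer = 2
    Const NET_FW_IP_VERSION_ANY_NAME As String = "ANY"

    Select Case value
        Case NET_FW_IP_VERSION_V4
            Return NET_FW_IP_VERSION_V4_NAME
        Case NET_FW_IP_VERSION_V6
            Return NET_FW_IP_VERSION_V6_NAME
        Case NET_FW_IP_VERSION_ANY
            Return NET_FW_IP_VERSION_ANY_NAME
        Case Else
            Return "Unknown (" & value & ")"
    End Select
End Function

' Returns the display name of a scope value. "All subnets" is the widest
' scope: the exception is not restricted to the local subnet or to a list
' of remote addresses.
Private Shared Function ScopeName(ByVal value As Integer) As String
    Const NET_FW_SCOPE_ALL As Integer = 0
    Const NET_FW_SCOPE_ALL_NAME As String = "All subnets"
    Const NET_FW_SCOPE_LOCAL_SUBNET As Integer = 1
    Const NET_FW_SCOPE_LOCAL_SUBNET_NAME As String = "Local subnet only"
    Const NET_FW_SCOPE_CUSTOM As Integer = 2
    Const NET_FW_SCOPE_CUSTOM_NAME As String = "Custom Scope (see RemoteAddresses)"

    Select Case value
        Case NET_FW_SCOPE_ALL
            Return NET_FW_SCOPE_ALL_NAME
        Case NET_FW_SCOPE_LOCAL_SUBNET
            Return NET_FW_SCOPE_LOCAL_SUBNET_NAME
        Case NET_FW_SCOPE_CUSTOM
            Return NET_FW_SCOPE_CUSTOM_NAME
        Case Else
            Return "Unknown (" & value & ")"
    End Select
End Function

' Returns the display name of an IP protocol value.
Private Shared Function ProtocolName(ByVal value As Integer) As String
    Const NET_FW_IP_PROTOCOL_TCP As Integer = 6
    Const NET_FW_IP_PROTOCOL_TCP_NAME As String = "TCP"
    Const NET_FW_IP_PROTOCOL_UDP As Integer = 17
    Const NET_FW_IP_PROTOCOL_UDP_NAME As String = "UDP"

    Select Case value
        Case NET_FW_IP_PROTOCOL_TCP
            Return NET_FW_IP_PROTOCOL_TCP_NAME
        Case NET_FW_IP_PROTOCOL_UDP
            Return NET_FW_IP_PROTOCOL_UDP_NAME
        Case Else
            Return "Unknown (" & value & ")"
    End Select
End Function

' Creates the firewall manager COM object and returns it as INetFwMgr.
' Activator.CreateInstance throws if the COM class cannot be created.
Public Shared Function GetFwMgr() As NetFwTypeLib.INetFwMgr
    ' Use the COM CLSID to get the associated .NET System.Type.
    Dim managerType As Type = Type.GetTypeFromCLSID( _
        New Guid("{304CE942-6E39-40D8-943A-B913C40C9CD4}"))

    ' Create an instance of the object; the explicit cast keeps the
    ' conversion valid under Option Strict On.
    Return DirectCast(Activator.CreateInstance(managerType), NetFwTypeLib.INetFwMgr)
End Function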
This produces the following output (on my machine):
Dumping local firewall profile ...
Type: Standard
Firewall Enabled: True
Exceptions Not Allowed: False
Notifications Disabled: False
UnicastResponsestoMulticastBroadcastDisabled: False
Remote Administration Enabled: False
Remote Administration IP Version: ANY
Remote Administration Scope: All subnets
Remote Administration RemoteAddresses: *
ICMP Settings:
AllowOutboundDestinationUnreachable: False
AllowOutboundSourceQuench: False
AllowRedirect: False
AllowInboundEchoRequest: False
AllowInboundRouterRequest: False
AllowOutboundTimeExceeded: False
AllowOutboundParameterProblem: False
AllowInboundTimestampRequest: False
AllowInboundMaskRequest: False
Globally Open Ports: 0
Services: 3
Name: File and Printer Sharing
Type: 0
Customized: False
IP Version: ANY
Scope: Local subnet only
RemoteAddresses: LocalSubNet
Enabled: True
Globally Open Ports: 4
Name: NetBIOS Session Service
Port Number: 139
IP Protocol: TCP
BuiltIn: True
IP Version: ANY
Scope: Local subnet only
RemoteAddresses: LocalSubNet
Enabled: True
Name: SMB over TCP
Port Number: 445
IP Protocol: TCP
BuiltIn: True
IP Version: ANY
Scope: Local subnet only
RemoteAddresses: LocalSubNet
Enabled: True
Name: NetBIOS Name Service
Port Number: 137
IP Protocol: UDP
BuiltIn: True
IP Version: ANY
Scope: Local subnet only
RemoteAddresses: LocalSubNet
Enabled: True
Name: NetBIOS Datagram Service
Port Number: 138
IP Protocol: UDP
BuiltIn: True
IP Version: ANY
Scope: Local subnet only
RemoteAddresses: LocalSubNet
Enabled: True
Name: UPnP Framework
Type: 1
Customized: False
IP Version: ANY
Scope: Local subnet only
RemoteAddresses: LocalSubNet
Enabled: False
Globally Open Ports: 2
Name: SSDP Component of UPnP Framework
Port Number: 1900
IP Protocol: UDP
BuiltIn: True
IP Version: ANY
Scope: Local subnet only
RemoteAddresses: LocalSubNet
Enabled: False
Name: UPnP Framework over TCP
Port Number: 2869
IP Protocol: TCP
BuiltIn: True
IP Version: ANY
Scope: Local subnet only
RemoteAddresses: LocalSubNet
Enabled: False
Name: Remote Desktop
Type: 2
Customized: False
IP Version: ANY
Scope: All subnets
RemoteAddresses: *
Enabled: False
Globally Open Ports: 1
Name: Remote Desktop
Port Number: 3389
IP Protocol: TCP
BuiltIn: True
IP Version: ANY
Scope: All subnets
RemoteAddresses: *
Enabled: False
Authorized Applications: 12
Name: Remote Assistance
Image Filename C:\WINDOWS\system32\sessmgr.exe
IP Version: ANY
Scope: All subnets
RemoteAddresses: *
Enabled: True
Name: MSN Messenger 6.2
Image Filename C:\Program Files\MSN Messenger\msnmsgr.exe
IP Version: ANY
Scope: All subnets
RemoteAddresses: *
Enabled: True
Name: SmartFTP
Image Filename C:\Program Files\SmartFTP\SmartFTP.exe
IP Version: ANY
Scope: All subnets
RemoteAddresses: *
Enabled: True
Name: Internet Explorer
Image Filename C:\Program Files\Internet Explorer\iexplore.exe
IP Version: ANY
Scope: All subnets
RemoteAddresses: *
Enabled: True
Name: ICQ Lite
Image Filename C:\Program Files\ICQLite\ICQLite.exe
IP Version: ANY
Scope: All subnets
RemoteAddresses: *
Enabled: True
Name: EditPlus
Image Filename C:\Program Files\EditPlus 2\editplus.exe
IP Version: ANY
Scope: All subnets
RemoteAddresses: *
Enabled: True
Name: WebDev.WebServer.exe
Image Filename D:\Visual Web Developer 2005\Common7\IDE\WebDev.WebServer.EXE
IP Version: ANY
Scope: All subnets
RemoteAddresses: *
Enabled: True
Name: Visual Basic
Image Filename C:\Program Files\Microsoft Visual Studio\VB98\VB6.EXE
IP Version: ANY
Scope: All subnets
RemoteAddresses: *
Enabled: True
Name: Webcognition
Image Filename C:\Program Files\Webcognition\Webcognition.exe
IP Version: ANY
Scope: All subnets
RemoteAddresses: *
Enabled: True
Name: mono
Image Filename C:\research\mono\Mono-1.0.4\lib\mono.exe
IP Version: ANY
Scope: All subnets
RemoteAddresses: *
Enabled: True
Name: javaw
Image Filename C:\Documents and Settings\admin\Local
Settings\Temp\j2eesdk-1_4_2004Q4-beta-windows.exe2\package\jre\bin\javaw.exe
IP Version: ANY
Scope: All subnets
RemoteAddresses: *
Enabled: True
Name: btdownloadgui
Image Filename C:\Program Files\BitTorrent\btdownloadgui.exe
IP Version: ANY
Scope: All subnets
RemoteAddresses: *
Enabled: True