通過代碼操作防火牆的方式有兩種:一是代碼操作修改注冊表啟用或關閉防火牆;二是直接操作防火牆對象來啟用或關閉防火牆。不論哪一種方式,都需要使用管理員權限,所以操作前需要判斷程序是否具有管理員權限。
1、判斷程序是否擁有管理員權限
需要引用命名空間:System.Security.Principal
/// <summary> /// 判斷程序是否擁有管理員權限 /// </summary> /// <returns>true:是管理員;false:不是管理員</returns> public static bool IsAdministrator() { WindowsIdentity current = WindowsIdentity.GetCurrent(); WindowsPrincipal windowsPrincipal = new WindowsPrincipal(current); return windowsPrincipal.IsInRole(WindowsBuiltInRole.Administrator); }
2、注冊表修改防火牆
需要引用命名空間:Microsoft.Win32
/// <summary> /// 通過注冊表操作防火牆 /// </summary> /// <param name="domainState">域網絡防火牆(禁用:0;啟用(默認):1)</param> /// <param name="publicState">公共網絡防火牆(禁用:0;啟用(默認):1)</param> /// <param name="standardState">專用網絡防火牆(禁用:0;啟用(默認):1)</param> /// <returns></returns> public static bool FirewallOperateByRegistryKey(int domainState=1, int publicState = 1, int standardState = 1) { RegistryKey key = Registry.LocalMachine; try { string path = "HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\SharedAccess\\Defaults\\FirewallPolicy"; RegistryKey firewall = key.OpenSubKey(path, true); RegistryKey domainProfile = firewall.OpenSubKey("DomainProfile", true); RegistryKey publicProfile = firewall.OpenSubKey("PublicProfile", true); RegistryKey standardProfile = firewall.OpenSubKey("StandardProfile", true); domainProfile.SetValue("EnableFirewall", domainState, RegistryValueKind.DWord); publicProfile.SetValue("EnableFirewall", publicState, RegistryValueKind.DWord); standardProfile.SetValue("EnableFirewall", standardState, RegistryValueKind.DWord); } catch (Exception e) { string error = $"注冊表修改出錯:{e.Message}"; throw new Exception(error); } return true; }
3、直接操作防火牆對象
需要在項目引用中添加對NetFwTypeLib的引用,並引用命名空間NetFwTypeLib
/// <summary> /// 通過對象防火牆操作 /// </summary> /// <param name="isOpenDomain">域網絡防火牆(禁用:false;啟用(默認):true)</param> /// <param name="isOpenPublicState">公共網絡防火牆(禁用:false;啟用(默認):true)</param> /// <param name="isOpenStandard">專用網絡防火牆(禁用: false;啟用(默認):true)</param> /// <returns></returns> public static bool FirewallOperateByObject(bool isOpenDomain = true, bool isOpenPublicState = true, bool isOpenStandard = true) { try { INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2")); // 啟用<高級安全Windows防火牆> - 專有配置文件的防火牆 firewallPolicy.set_FirewallEnabled(NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PRIVATE, isOpenStandard); // 啟用<高級安全Windows防火牆> - 公用配置文件的防火牆 firewallPolicy.set_FirewallEnabled(NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PUBLIC, isOpenPublicState); // 啟用<高級安全Windows防火牆> - 域配置文件的防火牆 firewallPolicy.set_FirewallEnabled(NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_DOMAIN, isOpenDomain); } catch (Exception e) { string error = $"防火牆修改出錯:{e.Message}"; throw new Exception(error); } return true; }