如何让你的程序安全通过windows防火墙
大家开发网络程序,经常要连接其他主机,如果在xp上运行,一定会提示你,只有选择解除阻止才能实现正常的网络连接.那么有没有办法在防火墙的例外列表里面通过编程的方式加入自己的程序呢?
当然有了,不然就不要介绍了
xp的系统目录下面有个hnetcfg.dll就是这个编程接口,头文件是netfw.h,初始化代码如下:
INetFwProfile* m_pFireWallProfile=NULL;
HRESULT hr
=
S_FALSE;
INetFwMgr * fwMgr = NULL;
INetFwPolicy * fwPolicy = NULL;
FW_ERROR_CODE ret = FW_NOERROR;
try
{
if ( m_pFireWallProfile )
throw FW_ERR_INITIALIZED;
// Create an instance of the firewall settings manager.
hr = CoCreateInstance( __uuidof(NetFwMgr), NULL, CLSCTX_INPROC_SERVER, __uuidof( INetFwMgr), ( void ** ) & fwMgr );
if ( FAILED( hr ))
throw FW_ERR_CREATE_SETTING_MANAGER;
// Retrieve the local firewall policy.
hr = fwMgr -> get_LocalPolicy( & fwPolicy );
if ( FAILED( hr ))
throw FW_ERR_LOCAL_POLICY;
// Retrieve the firewall profile currently in effect
hr = fwPolicy -> get_CurrentProfile( & m_pFireWallProfile );
if ( FAILED( hr ))
throw FW_ERR_PROFILE;
}
catch ( FW_ERROR_CODE nError)
{
ret = nError;
}
if ( fwPolicy )
fwPolicy -> Release();
if ( fwMgr )
fwMgr -> Release();
return ret;
将程序名称加入例外列表:
INetFwMgr * fwMgr = NULL;
INetFwPolicy * fwPolicy = NULL;
FW_ERROR_CODE ret = FW_NOERROR;
try
{
if ( m_pFireWallProfile )
throw FW_ERR_INITIALIZED;
// Create an instance of the firewall settings manager.
hr = CoCreateInstance( __uuidof(NetFwMgr), NULL, CLSCTX_INPROC_SERVER, __uuidof( INetFwMgr), ( void ** ) & fwMgr );
if ( FAILED( hr ))
throw FW_ERR_CREATE_SETTING_MANAGER;
// Retrieve the local firewall policy.
hr = fwMgr -> get_LocalPolicy( & fwPolicy );
if ( FAILED( hr ))
throw FW_ERR_LOCAL_POLICY;
// Retrieve the firewall profile currently in effect
hr = fwPolicy -> get_CurrentProfile( & m_pFireWallProfile );
if ( FAILED( hr ))
throw FW_ERR_PROFILE;
}
catch ( FW_ERROR_CODE nError)
{
ret = nError;
}
if ( fwPolicy )
fwPolicy -> Release();
if ( fwMgr )
fwMgr -> Release();
return ret;
WinXPSP2FireWall::AddApplication(
const
wchar_t
*
lpszProcessImageFileName,
const
wchar_t
*
lpszRegisterName )
{
FW_ERROR_CODE ret = FW_NOERROR;
HRESULT hr;
BOOL bAppEnable;
BSTR bstrProcessImageFileName = NULL;
BSTR bstrRegisterName = NULL;
INetFwAuthorizedApplication* pFWApp = NULL;
INetFwAuthorizedApplications* pFWApps = NULL;
try
{
if( m_pFireWallProfile == NULL )
throw FW_ERR_INITIALIZED;
if( lpszProcessImageFileName == NULL || lpszRegisterName == NULL )
throw FW_ERR_INVALID_ARG;
// First of all, check the application is already authorized;
FW_ERROR_CODE nError = this->IsAppEnabled( lpszProcessImageFileName, bAppEnable );
if( nError != FW_NOERROR )
throw nError;
// Only add the application if it isn't authorized
if( bAppEnable == FALSE )
{
// Retrieve the authorized application collection
hr = m_pFireWallProfile->get_AuthorizedApplications( &pFWApps );
if( FAILED( hr ))
throw FW_ERR_AUTH_APPLICATIONS;
// Create an instance of an authorized application
hr = CoCreateInstance( __uuidof(NetFwAuthorizedApplication), NULL, CLSCTX_INPROC_SERVER, __uuidof(INetFwAuthorizedApplication), (void**)&pFWApp);
if( FAILED( hr ))
throw FW_ERR_CREATE_APP_INSTANCE;
// Allocate a BSTR for the Process Image FileName
bstrProcessImageFileName = SysAllocString( lpszProcessImageFileName );
if( SysStringLen( bstrProcessImageFileName ) == 0)
throw FW_ERR_SYS_ALLOC_STRING;
// Set the process image file name
hr = pFWApp->put_ProcessImageFileName( bstrProcessImageFileName );
if( FAILED( hr ) )
throw FW_ERR_PUT_PROCESS_IMAGE_NAME;
// Allocate a BSTR for register name
bstrRegisterName = SysAllocString( lpszRegisterName );
if( SysStringLen( bstrRegisterName ) == 0)
throw FW_ERR_SYS_ALLOC_STRING;
// Set a registered name of the process
hr = pFWApp->put_Name( bstrRegisterName );
if( FAILED( hr ))
throw FW_ERR_PUT_REGISTER_NAME;
// Add the application to the collection
hr = pFWApps->Add( pFWApp );
if( FAILED( hr ))
throw FW_ERR_ADD_TO_COLLECTION;
}
}
catch( FW_ERROR_CODE nError )
{
ret = nError;
}
SysFreeString( bstrProcessImageFileName );
SysFreeString( bstrRegisterName );
if( pFWApp )
pFWApp->Release();
if( pFWApps )
pFWApps->Release();
return ret;
}
{
FW_ERROR_CODE ret = FW_NOERROR;
HRESULT hr;
BOOL bAppEnable;
BSTR bstrProcessImageFileName = NULL;
BSTR bstrRegisterName = NULL;
INetFwAuthorizedApplication* pFWApp = NULL;
INetFwAuthorizedApplications* pFWApps = NULL;
try
{
if( m_pFireWallProfile == NULL )
throw FW_ERR_INITIALIZED;
if( lpszProcessImageFileName == NULL || lpszRegisterName == NULL )
throw FW_ERR_INVALID_ARG;
// First of all, check the application is already authorized;
FW_ERROR_CODE nError = this->IsAppEnabled( lpszProcessImageFileName, bAppEnable );
if( nError != FW_NOERROR )
throw nError;
// Only add the application if it isn't authorized
if( bAppEnable == FALSE )
{
// Retrieve the authorized application collection
hr = m_pFireWallProfile->get_AuthorizedApplications( &pFWApps );
if( FAILED( hr ))
throw FW_ERR_AUTH_APPLICATIONS;
// Create an instance of an authorized application
hr = CoCreateInstance( __uuidof(NetFwAuthorizedApplication), NULL, CLSCTX_INPROC_SERVER, __uuidof(INetFwAuthorizedApplication), (void**)&pFWApp);
if( FAILED( hr ))
throw FW_ERR_CREATE_APP_INSTANCE;
// Allocate a BSTR for the Process Image FileName
bstrProcessImageFileName = SysAllocString( lpszProcessImageFileName );
if( SysStringLen( bstrProcessImageFileName ) == 0)
throw FW_ERR_SYS_ALLOC_STRING;
// Set the process image file name
hr = pFWApp->put_ProcessImageFileName( bstrProcessImageFileName );
if( FAILED( hr ) )
throw FW_ERR_PUT_PROCESS_IMAGE_NAME;
// Allocate a BSTR for register name
bstrRegisterName = SysAllocString( lpszRegisterName );
if( SysStringLen( bstrRegisterName ) == 0)
throw FW_ERR_SYS_ALLOC_STRING;
// Set a registered name of the process
hr = pFWApp->put_Name( bstrRegisterName );
if( FAILED( hr ))
throw FW_ERR_PUT_REGISTER_NAME;
// Add the application to the collection
hr = pFWApps->Add( pFWApp );
if( FAILED( hr ))
throw FW_ERR_ADD_TO_COLLECTION;
}
}
catch( FW_ERROR_CODE nError )
{
ret = nError;
}
SysFreeString( bstrProcessImageFileName );
SysFreeString( bstrRegisterName );
if( pFWApp )
pFWApp->Release();
if( pFWApps )
pFWApps->Release();
return ret;
}
posted on 2007-09-24 14:57 聂文龙 阅读(514) 评论(0) 编辑 收藏 引用 所属分类: Visual C++