1

The INetFwPolicy2 interface allows an application or service to access the firewall policy.

I am using visual studio 2017.

Question is related to this https://stackoverflow.com/a/33700472/2451446

Code is little different and I have problem to disable fire wall.

Logic before disable fire wall is ok.

        public Task<StatusCodeResult> ResetFirewallStatus()
        {
            Type netFwPolicy2Type = Type.GetTypeFromProgID("HNetCfg.FwPolicy2");
            dynamic mgr = Activator.CreateInstance(netFwPolicy2Type);

            var fwCurrentProfileTypes = mgr.CurrentProfileTypes;

            // Get current status
            bool firewallEnabled = mgr.FirewallEnabled(fwCurrentProfileTypes); // return true

            // Disables Firewall
            mgr.FirewallEnabled(false); //breaks here !!!!


            return Task.FromResult<StatusCodeResult>(Ok());
        }

error message is:

System.ArgumentException: 'Value does not fall within the expected range.'

I tried to use set_FirewallEnabled(fwCurrentProfileTypes,false);

and also put_FirewallEnabled(fwCurrentProfileTypes,false)

In this case error is:

Microsoft.CSharp.RuntimeBinder.RuntimeBinderException: ''System.__ComObject' does not contain a definition for 'set_FirewallEnabled'' ('put_FirewallEnabled'')

Edit

MY SOLUTION:

const int domainProfile = 1;
const int privateProfile = 2;
const int publicProfile = 4;

public bool EnableDisableFirewall(bool enableFirewall)
{
    dynamic mgr = getFwPolicy2();

    mgr.FirewallEnabled[domainProfile] = enableFirewall;
    mgr.FirewallEnabled[privateProfile] = enableFirewall;
    mgr.FirewallEnabled[publicProfile] = enableFirewall;

    return enableFirewall;
}

public bool IsFirewallOn()
{
    dynamic mgr = getFwPolicy2();

    // Get current status
    var isDomainProfileEnabled = mgr.FirewallEnabled(domainProfile);
    var isPrivateProfileEnabled = mgr.FirewallEnabled(privateProfile);
    var isPublicProfileEnabled = mgr.FirewallEnabled(publicProfile);

    return isDomainProfileEnabled && isPrivateProfileEnabled && isPublicProfileEnabled;
}

private object getFwPolicy2()
{
    Type netFwPolicy2Type = Type.GetTypeFromProgID("HNetCfg.FwPolicy2");
    dynamic mgr = Activator.CreateInstance(netFwPolicy2Type);
    return mgr;
}
Raskolnikov
  • 3,791
  • 9
  • 43
  • 88

1 Answers1

3

You have two problems, writing this code late-bound does not exactly help to get this right. Adding a reference to c:\windows\system32\firewallapi.dll so you can use the INetFwPolicy2 interface directly helps you get it right. One quirk you are battling is that the FirewallEnabled property is an indexed property. There is no equivalent in the C# language. Anyhoo, doing it late-bound requires:

bool firewallEnabled = mgr.FirewallEnabled(fwCurrentProfileTypes);

The MSDN documentation specifically warns about this, you cannot use the value returned by CurrentProfileTypes. It requires specifying a specific profile. I recommend you use:

  int profile = 2;   // 1=domain, 2=private, 4=public
  bool firewallEnabled = mgr.FirewallEnabled[profile];

Note the use of the [angle brackets], allowed for indexed properties in the specific case of COM-implemented properties.

mgr.FirewallEnabled(false); //breaks here !!!!

You have to select the specific profile that you want to disable. Proper syntax looks like:

  mgr.FirewallEnabled[profile] = false;

Beware that you can only tinker with the firewall when your programs runs elevated with admin privileges. Add the required manifest if you haven't done so yet.

Hans Passant
  • 922,412
  • 146
  • 1,693
  • 2,536