
I need to open a specific port for my application.

I have tried using an INetFwAuthorizedApplication rule per application for all ports.

fwMgr.LocalPolicy.CurrentProfile.AuthorizedApplications.Add(app)

Alternatively, open one port for all applications using INetFwOpenPort.

firewallManager.LocalPolicy.CurrentProfile.GloballyOpenPorts.Add(port)

Is there any way to programmatically open only a single port per application? I can do it manually through firewall settings.

makerofthings7
Marek
  • I hope this isn't possible, otherwise my investment in security software was a waste of money. Are you 100% sure you even need to open the port? Most applications don't even require this, even though they provide instructions on how to do it to their users. What do you mean by "I won't need to open UDP either if that is possible"? The statement makes no sense. – Security Hound Dec 14 '11 at 12:15
  • Instead of opening too much I am trying to be more restrictive. By adding my application to AuthorizedApplications, the application is able to listen/communicate on all local and remote ports. I really need to open my application for one single port only. When you manually create a firewall rule you can specify an application and a specific port only. UDP vs TCP is not so important and it only means I do not have to have two inbound rules on my firewall. I will remove it from my question since it is really a second question. – Marek Dec 14 '11 at 13:02

2 Answers

You could also just use PowerShell.

using System.Management.Automation;
...
// Adds an inbound TCP allow rule for the given port (not tied to a program).
private void OpenPort(int port)
{
    // PowerShell is IDisposable, so release the runspace when done.
    using (var powershell = PowerShell.Create())
    {
        var psCommand = $"New-NetFirewallRule -DisplayName \"<rule description>\" -Direction Inbound -LocalPort {port} -Protocol TCP -Action Allow";
        powershell.Commands.AddScript(psCommand);
        powershell.Invoke();
    }
}
IngoB

There's a question about blocking connections with an answer with instructions for creating firewall rules in C#. You should be able to adapt this for any kind of firewall rule I imagine.

https://stackoverflow.com/a/1243026/12744

The following code creates a firewall rule that blocks any outgoing connections on all of your network adapters:

using NetFwTypeLib; // Located in FirewallAPI.dll
...
INetFwRule firewallRule = (INetFwRule)Activator.CreateInstance(
    Type.GetTypeFromProgID("HNetCfg.FWRule"));
firewallRule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK;
firewallRule.Description = "Used to block all internet access.";
firewallRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_OUT;
firewallRule.Enabled = true;
firewallRule.InterfaceTypes = "All";
firewallRule.Name = "Block Internet";

INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(
    Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
firewallPolicy.Rules.Add(firewallRule);
Community
Colin Pickard
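
The adaptation the second answer suggests, written out as an added example (not code from either answer): one inbound allow rule scoped to a single executable and a single TCP port through INetFwRule. The rule name, executable path and port in Main are placeholder values, and the process has to run elevated.

```csharp
using System;
using System.IO;
using NetFwTypeLib; // COM reference to FirewallAPI.dll, as in the answer above

static class SinglePortRule
{
    // Allows inbound TCP to one executable on one local port.
    // ruleName, exePath and port are supplied by the caller (placeholders in Main).
    public static void Add(string ruleName, string exePath, int port)
    {
        if (port < 1 || port > 65535)
            throw new ArgumentOutOfRangeException(nameof(port));
        if (!Path.IsPathRooted(exePath) || !File.Exists(exePath))
            throw new ArgumentException(
                "Full path to an existing executable is required.", nameof(exePath));

        var policy = (INetFwPolicy2)Activator.CreateInstance(
            Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
        var rule = (INetFwRule)Activator.CreateInstance(
            Type.GetTypeFromProgID("HNetCfg.FWRule"));

        rule.Name = ruleName;
        rule.Description = "Inbound TCP " + port + " for " + Path.GetFileName(exePath);
        rule.ApplicationName = exePath;    // scope the rule to this program only
        // Protocol has to be set before LocalPorts, otherwise setting the port fails.
        rule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP;
        rule.LocalPorts = port.ToString(); // a single port, not a range or "*"
        rule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN;
        rule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW;
        rule.Profiles = policy.CurrentProfileTypes; // active profile(s) only
        rule.Enabled = true;

        policy.Rules.Add(rule);
    }

    static void Main()
    {
        // Placeholder values for illustration.
        Add("MyApp inbound TCP 8080", @"C:\Program Files\MyApp\MyApp.exe", 8080);
    }
}
```

Allow rules are additive, so an AuthorizedApplications entry left over for the same executable still permits every port; remove it once this rule is in place.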