windowsfirewallhelper's Introduction

Windows Firewall Helper Class Library

A class library for managing the Windows Firewall and for adding your program to the Windows Firewall exception list.

This project supports dotNet4.6, NetStandard2 and NetCore5, and is therefore compatible with NetCore2+ and any version of dotNet equal to or greater than 4.6.

Even though it is possible to reference this library under Linux or Mac, it is not going to work there.

This readme file is for version 2 of this library. Please check the V1 branch for the older readme file.

How to get

This library is available as a NuGet package at nuget.org.

How to use

The starting point of this library is the FirewallManager static class which can be used to get the instance of the class managing the firewall currently on the system.

If you are only targeting WinVista+ consider using the FirewallWAS.Instance static property to access the library's functionality. It allows for more flexibility and is easier to work with.

WindowsFirewallHelper.FirewallManager Class

This static class contains properties about the currently active Windows Firewall management class instance or the registered third party firewall products. This class also provides methods to register a third-party firewall product.

WindowsFirewallHelper.FirewallManager Static Properties

  • FirewallManager.Instance: Gets an instance of the Windows Firewall management class.
  • FirewallManager.Version: Gets the type of firewall that FirewallManager.Instance property returns.
  • FirewallManager.IsServiceRunning: Gets a boolean value indicating if the Windows Firewall Service is currently running.
  • FirewallManager.RegisteredProducts: Gets an array containing all registered third party firewall products.

WindowsFirewallHelper.FirewallManager Static Methods

  • FirewallManager.RegisterProduct(): Registers a third-party firewall product and returns a handle that unregisters the product when it is disposed.

WindowsFirewallHelper Namespace

This namespace contains shared and general classes as well as the main starting point of this library, FirewallManager class.

WindowsFirewallHelper Classes

  • FirewallManager: A static class to manage the current active firewall
  • FirewallProtocol: A class representing a Firewall Protocol
  • FirewallLegacy: Contains properties and methods of Windows Firewall v1 - Implementing the IFirewall interface
  • FirewallLegacyProfile: Contains properties of a Windows Firewall v1 profile - Implementing the IFirewallProfile interface
  • FirewallWAS: Contains properties and methods of Windows Firewall with Advanced Security (Vista+) - Implementing the IFirewall interface
  • FirewallWASProfile: Contains properties of a Windows Firewall with Advanced Security profile (Vista+) - Implementing the IFirewallProfile interface
  • FirewallWASRuleGroup: Contains properties and methods for managing a Windows Firewall with Advanced Security rule group (Vista+)
  • FirewallWASInternetControlMessage: Representing an Internet Control Message (ICM) type
  • FirewallProduct: Representing a third-party firewall product
  • FirewallProductRegistrationHandle: Representing a third-party firewall product registration handle that automatically unregisters the product when it is disposed.

WindowsFirewallHelper Interfaces

  • IFirewall: Defines expected methods and properties of a firewall program or API
  • IFirewallProfile: Defines expected properties of a firewall profile
  • IFirewallRule: Defines expected properties of a firewall rule
  • IAddress: Defines expected methods of a network address

WindowsFirewallHelper.FirewallRules Namespace

This namespace contains classes that can be used for direct manipulation of a firewall rule.

WindowsFirewallHelper.FirewallRules Classes

  • FirewallLegacyApplicationRule: Contains properties of a Windows Firewall v1 application rule - Implementing the IFirewallRule interface
  • FirewallLegacyPortRule: Contains properties of a Windows Firewall v1 port rule - Implementing the IFirewallRule interface
  • FirewallWASRule: Contains properties of a Windows Firewall with Advanced Security rule - Implementing the IFirewallRule interface
  • FirewallWASRuleWin7: Contains properties of a Windows Firewall with Advanced Security rule for Windows 7+ - Extending the FirewallWASRule class
  • FirewallWASRuleWin8: Contains properties of a Windows Firewall with Advanced Security rule for Windows 8+ - Extending the FirewallWASRuleWin7 class

WindowsFirewallHelper.Exceptions Namespace

This namespace contains exception classes that might be thrown when using this library.

WindowsFirewallHelper.Exceptions Classes

  • FirewallLegacyNotSupportedException: The exception that is thrown when an invoked method or action is not supported with the 'Windows Firewall API v1' - Extending the NotSupportedException class
  • FirewallWASNotSupportedException: The exception that is thrown when an invoked method or action is not supported with the 'Windows Firewall with Advanced Security' - Extending the NotSupportedException class
  • FirewallWASInvalidProtocolException: The exception that is thrown when a passed FirewallProtocol is invalid for a 'Windows Firewall with Advanced Security' action or method - Extending the InvalidOperationException class

WindowsFirewallHelper.Addresses Namespace

This namespace contains the classes needed for manipulating or understanding a network address or a network service.

WindowsFirewallHelper.Addresses Classes

  • SingleIP: Represents a single network IP address - Implementing the IAddress interface
  • IPRange: Represents a range of network IP addresses - Implementing the IAddress interface
  • NetworkAddress: Represents a range of network IP addresses by subnet - Implementing the IAddress interface
  • SpecialAddress: An abstract class representing a special network address or network service - Implementing the IAddress interface
  • DefaultGateway: Represents the default network gateway - Extending the SpecialAddress class
  • LocalSubnet: Represents the local network subnet - Extending the SpecialAddress class
  • DHCPService: Represents the DHCP service - Extending the SpecialAddress class
  • DNSService: Represents the DNS service - Extending the SpecialAddress class
  • WINSService: Represents the WINS service - Extending the SpecialAddress class

WindowsFirewallHelper.COMInterop Namespace

This namespace contains the interfaces and enums that are used to access the underlying COM objects. Some of these types are public and can be used to directly modify a COM object, usually a firewall rule. The rest of the types are internal to this library.

Examples

Check the 'WindowsFirewallHelper.Sample' and 'WindowsFirewallHelper.NetCoreSample' projects for a brief example of what can be done using this class library.

Basic examples

  • Creating and registering a new application exception rule for outbound traffic on the currently active profile:
var rule = FirewallManager.Instance.CreateApplicationRule(
    @"MyApp Rule",
    FirewallAction.Allow,
    @"C:\MyApp.exe"
);
rule.Direction = FirewallDirection.Outbound;
FirewallManager.Instance.Rules.Add(rule);
  • Creating and registering a new port rule for inbound traffic on the currently active profile:
var rule = FirewallManager.Instance.CreatePortRule(
    @"Port 80 - Any Protocol",
    FirewallAction.Allow,
    80,
    FirewallProtocol.TCP
);
FirewallManager.Instance.Rules.Add(rule);
  • Getting the list of all registered rules:
var allRules = FirewallManager.Instance.Rules.ToArray();
  • Removing a rule by name:
var myRule = FirewallManager.Instance.Rules.SingleOrDefault(r => r.Name == "My Rule");
if (myRule != null)
{
    FirewallManager.Instance.Rules.Remove(myRule);
}
  • Disabling notifications for all firewall profiles:
foreach (var profile in FirewallManager.Instance.Profiles)
{
    profile.ShowNotifications = false;
}

Advanced examples

  • Creating a heavily customized application rule (Some parts of the following code are only applicable to Windows Vista, Windows 7 and above):
var rule = FirewallManager.Instance.CreatePortRule(
    @"Port 80 - Any Protocol",
    FirewallAction.Allow,
    80,
    FirewallProtocol.Any
);
if (rule is FirewallWASRule wasRule)
{
    wasRule.Interfaces = NetworkInterface.GetAllNetworkInterfaces()
        .Where(i => i.NetworkInterfaceType == NetworkInterfaceType.Ethernet)
        .ToArray();
    wasRule.ICMPTypesAndCodes = new[]
    {
        new FirewallWASInternetControlMessage(InternetControlMessageKnownTypes.Echo),
        new FirewallWASInternetControlMessage(InternetControlMessageKnownTypes.EchoReply)
    };
    if (rule is FirewallWASRuleWin7 wasRuleWin7)
    {
        wasRuleWin7.EdgeTraversalOptions = EdgeTraversalAction.Deny;
    }
}
rule.Direction = FirewallDirection.Outbound;
FirewallManager.Instance.Rules.Add(rule);
  • Working directly with the desired firewall management class without using the FirewallManager to add a new port rule (Following example is limited to Windows 8 and above):
if (FirewallWAS.IsSupported && FirewallWASRuleWin8.IsSupported)
{
    var rule = new FirewallWASRuleWin8(
        "My Port Rule",
        1080,
        FirewallAction.Allow,
        FirewallDirection.Inbound,
        FirewallProfiles.Domain | FirewallProfiles.Private | FirewallProfiles.Public
    )
    {
        Description = "'My Port Rule' Allows Inbound traffic to my local Proxy Server from Wireless Adapters",
        NetworkInterfaceTypes = NetworkInterfaceTypes.Wireless,
        Protocol = FirewallProtocol.TCP
    };
    FirewallWAS.Instance.Rules.Add(rule);
}

License

The MIT License (MIT)

Copyright (c) 2016-2020 Soroush

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

windowsfirewallhelper's People

Contributors

ammarheidari, falahati, paulirwin, phyxionnl, verdesgrobert

windowsfirewallhelper's Issues

Using WindowsFirewallHelper with .NET Core 2.1

Have had great success with .NET Framework but completely blocked when trying to use with .NET Core. Adding nuget package appears to work but DLL obviously doesn't get added, using WindowsFirewallHelper doesn't resolve. Pulling the source inexplicably has INetFwRule3 undefined in master and v1.3.6543.29360 tag. Any suggestions on getting this to work with .NET Core and/or resolving missing INetFwRule3 in source so I can attempt to build from source under .NET Core?

Remote Machines

Can you make this work on remote machines also? Or just local? I have searched and cannot figure out how to use on remote.

Modifying remoteaddresses - How to?

It is unclear to me how to modify the RemoteAddresses property (or other addresses) for a rule.
For example, I want to add and/or remove remote addresses for an existing rule.

I am able to get a reference to the existing rule I want to modify, however there is no constructor for IAddress, nor any methods that let one modify the address and subsequently assign the array of IAddress to the rule's RemoteAddresses property.

Ultimately my goal is to simply get a reference to the rule and then apply the new list of RemoteAddresses for the rule.

Your help would be most appreciated.

Exception thrown: 'System.NotSupportedException' in WindowsFirewallHelper.dll

I'm getting the following exceptions being thrown whenever I call any of the Firewall functions

Exception thrown: 'System.Runtime.InteropServices.COMException' in System.Private.CoreLib.dll
Exception thrown: 'System.Runtime.InteropServices.COMException' in WindowsFirewallHelper.dll
Exception thrown: 'System.NotSupportedException' in WindowsFirewallHelper.dll

So in this example:

            if (FirewallManager.IsServiceRunning)
            {
                try
                {
                    var activeProfile = FirewallManager.Instance.GetActiveProfile();
                    var rules = FirewallManager.Instance.Rules.ToList();

I'll get 3 sets of these exceptions thrown (one for each reference to FirewallManager).

The strange thing is that it's all working fine, no other errors or issues.

I'd prefer to not have any exceptions being thrown... Is there a way to prevent it?

Thanks.

Meaning of FirewallManager.IsServiceRunning and FirewallManager.Version

Hi,

at first a big thanks for wrapping nicer code around the windows firewall!
I tried to use WindowsFirewallHelper to add a rule at program start to my computer's firewall. After a while and with your example code I found that IsServiceRunning returns false and Version returns None. I tried on two machines running Windows 11 with the same results.
On both machines "Domain Networks" is disabled, private and public networks are enabled.
Do the results refer to the disabled "Domain Networks" firewall or does it mean something different?

Thanks,
Christian

Can't access FirewallWAS.Rules in v2.1.4.81

Hi,

I'm using FirewallHelper in a .NET Framework 4.8 project and have just updated from 1.6xx to 2.1.4.81. I can't use the FirewallWAS.Rules method because it tells me that I need C# 8.0 or later and Framework 4.8 is limited to 7.3. CS8370 is raised saying that recursive patterns are not available in C#7.3. See embedded image.

I had to look through the change log to get some essential migration information; a useful addition to your documentation would be a basic migration guide saying things such as "profiles are now specified in the GetProfile constructor in FirewallManager.Instance.GetProfile()" and "change all FirewallAPIV2 references to FirewallWAS" etc.

Many thanks, Peter

image

Exception thrown: 'System.NotSupportedException' in WindowsFirewallHelper.dll

I get a warning like this in the immediate window when FirewallManager.Instance.Rules.SingleOrDefault is executed.

I use VS2022 with C# Desktop with Framework 7.0.
The program works fine but a warning appears like that. Can it be ignored?

Thanks.

Exception thrown: 'System.Runtime.InteropServices.COMException' in System.Private.CoreLib.dll
Exception thrown: 'System.Runtime.InteropServices.COMException' in WindowsFirewallHelper.dll
Exception thrown: 'System.NotSupportedException' in WindowsFirewallHelper.dll
Exception thrown: 'System.Runtime.InteropServices.COMException' in System.Private.CoreLib.dll
Exception thrown: 'System.Runtime.InteropServices.COMException' in WindowsFirewallHelper.dll
Exception thrown: 'System.NotSupportedException' in WindowsFirewallHelper.dll

                var wcfHttpRuleInName = String.Format("DiscountCard - WcfHttpRuleIn: Port {0} - Protocol {1}", Settings.Default.ServiceHttpPort, FirewallProtocol.Any);
                var wcfHttpRuleAction = FirewallAction.Allow;
                var wcfHttpRulePort = (ushort)Settings.Default.ServiceHttpPort;
                var wcfHttpRuleProtocol = FirewallProtocol.Any;
                //
                var isWcfHttpRuleInNameFounded = FirewallManager.Instance.Rules.SingleOrDefault(r => r.Name.Equals(wcfHttpRuleInName));
                if (isWcfHttpRuleInNameFounded == null)
                {
                    var ruleIn = FirewallManager.Instance.CreatePortRule(
                        wcfHttpRuleInName,
                        wcfHttpRuleAction,
                        wcfHttpRulePort,
                        wcfHttpRuleProtocol
                    );
                    ruleIn.Direction = FirewallDirection.Inbound;
                    FirewallManager.Instance.Rules.Add(ruleIn);
                }

Version on NuGet not in sync with GitHub

The source code on GitHub for version 1.6.3.40 includes the bug fix for port range "Must include last element of the range" (4d81786) for "PortHelper.cs" (https://github.com/falahati/WindowsFirewallHelper/blob/1.6.3.40/WindowsFirewallHelper/Helpers/PortHelper.cs). However, the exact same version on NuGet.org still has this bug and a look at the code in the package confirms this.

It looks like something failed in the pipeline for the PR, but I can't find the details.

Would it be possible to make a new release that includes the port range fix?

How to add port range?

Hello,

I want to add a port range to a rule but it allows me to add just a short/int; I need to add a port range like "5000-7000" as a string. I can't add 2000 different rules for it.

How can I handle this?

Thank you.

Incorrect StartAddress and EndAddress properties when using small subnet masks

When parsing CIDR address notation to generate a NetworkAddress type, the Address and SubnetMask properties store the intended values. However, the logic for StartAddress and EndAddress attempts to exclude the lowest (original network) IP and the highest (broadcast) IP. This works for large subnet masks, but is improperly executed when using a small mask to request a small number of IP addresses per this sample program:

var addresses = new string[] {
	"1.1.1.1/8",
	"1.1.1.1/16",
	"1.1.1.1/30",
	"1.1.1.1/31",
	"1.1.1.1/32"
};

foreach(string a in addresses)
{
    NetworkAddress na = NetworkAddress.Parse(a);
    Console.WriteLine($"CIDR: {a}\nAddress: {na.Address}\nSubnetMask: {na.SubnetMask}\nStartAddress: {na.StartAddress}\nEndAddress: {na.EndAddress}\n");
}

CIDR: 1.1.1.1/8
Address: 1.1.1.1
SubnetMask: 255.0.0.0
StartAddress: 1.0.0.1
EndAddress: 1.255.255.254

CIDR: 1.1.1.1/16
Address: 1.1.1.1
SubnetMask: 255.255.0.0
StartAddress: 1.1.0.1
EndAddress: 1.1.255.254

CIDR: 1.1.1.1/30
Address: 1.1.1.1
SubnetMask: 255.255.255.252
StartAddress: 1.1.1.1
EndAddress: 1.1.1.2

CIDR: 1.1.1.1/31
Address: 1.1.1.1
SubnetMask: 255.255.255.254
StartAddress: 1.1.1.1
EndAddress: 1.1.1.0

CIDR: 1.1.1.1/32
Address: 1.1.1.1
SubnetMask: 255.255.255.255
StartAddress: 1.1.1.1
EndAddress: 1.1.1.1

Note that StartAddress and EndAddress are reversed for the /31 case.

At a high level, these results are counter-intuitive to begin with as when requesting a /30, one would expect 4 IP addresses when only 2 are provided. When requesting a /31, intuitively 2 IP addresses would be provided. Seemingly returning the full range without truncation would be a better behavior than having both '/31' and '/30' returning 2 IP addresses.
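A range calculation that stays ordered for every prefix length, as an added example that is not the library's own code: CidrRange and usableHostsOnly are hypothetical names and only .NET base class library types are used. It goes beyond the IPv4 cases in this report by also handling IPv6 prefixes.

```csharp
using System;
using System.Net;
using System.Net.Sockets;
using System.Numerics;

// Added example: CidrRange is a hypothetical helper, not a WindowsFirewallHelper type.
public static class CidrRange
{
    // Returns the first address, last address and address count of "address/prefix".
    // usableHostsOnly drops the network and broadcast addresses, which exist only
    // for IPv4 prefixes of /30 or shorter. /31 (RFC 3021) and /32 are returned whole,
    // so Start can never end up above End.
    public static (IPAddress Start, IPAddress End, BigInteger Count) Parse(
        string cidr, bool usableHostsOnly = false)
    {
        var parts = (cidr ?? string.Empty).Split('/');
        if (parts.Length != 2 || !IPAddress.TryParse(parts[0], out var address))
            throw new FormatException("Not CIDR notation: " + cidr);

        var bytes = address.GetAddressBytes();   // network byte order: 4 or 16 bytes
        var totalBits = bytes.Length * 8;
        if (!int.TryParse(parts[1], out var prefix) || prefix < 0 || prefix > totalBits)
            throw new FormatException("Invalid prefix length: " + cidr);

        var first = (byte[]) bytes.Clone();
        var last = (byte[]) bytes.Clone();
        for (var i = 0; i < bytes.Length; i++)
        {
            // Number of host bits that fall inside byte i (0..8).
            var hostBits = Math.Min(8, Math.Max(0, (i + 1) * 8 - prefix));
            var hostMask = (byte) ((1 << hostBits) - 1);
            first[i] &= unchecked((byte) ~hostMask);   // clear host bits: lowest address
            last[i] |= hostMask;                        // set host bits: highest address
        }

        var count = BigInteger.Pow(2, totalBits - prefix);
        if (usableHostsOnly
            && address.AddressFamily == AddressFamily.InterNetwork
            && prefix <= 30)
        {
            first[3] |= 0x01;   // skip the network address
            last[3] &= 0xFE;    // skip the broadcast address
            count -= 2;
        }

        return (new IPAddress(first), new IPAddress(last), count);
    }

    public static void Main()
    {
        // CIDR strings quoted in the issue reports on this page.
        var samples = new[]
        {
            "1.1.1.1/8", "1.1.1.1/30", "1.1.1.1/31", "1.1.1.1/32",
            "1234:1030:20e:3::6f/127"
        };

        foreach (var cidr in samples)
        {
            var full = Parse(cidr);
            var hosts = Parse(cidr, usableHostsOnly: true);
            Console.WriteLine(
                $"{cidr}: full {full.Start}-{full.End} ({full.Count}), " +
                $"hosts {hosts.Start}-{hosts.End} ({hosts.Count})");
        }
    }
}
```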

Enhance sample app with additional items

Add 2 items to sample Winforms app

  • An option to list 3rd party registered firewalls
  • Ability to set the rule name and associated profiles in the Add Port dialog

Global firewall status?

Hi,

I can check if firewall profiles are enabled. I would like to check if firewall is enabled too. Is that possible? How can I check it?

Thanks in advance!

How to Modify Existing Entries?

The readme contains examples of adding and removing entries, but not of modifying existing entries.

Let's say I get an instance of a rule like var rule = FirewallManager.Instance.Rules.First(x => x.Name == "Foo" && x.Direction == FirewallDirection.Inbound). If I use a setter on that rule instance, is that sufficient? Or do I need to pass it to FirewallManager.Instance.Rules.Add? Or would that create a duplicate of the rule? Do I need to delete the old one, create a new one, copy the properties over, and add the new one?

Dialog box "Windows Security Alert". Project selects checkbox "Private networks, such as my home or work network" itself

User will have this dialog if my project is run for the first time:
image
How to make my project communicating in private networks without the user's request?
I only have tried to code as in an example:
var rule = FirewallManager.Instance.CreateApplicationRule(
    @"MyApp Rule",
    FirewallAction.Allow,
    @"C:\MyApp.exe"
);
rule.Direction = FirewallDirection.Outbound;
FirewallManager.Instance.Rules.Add(rule);
But I get an exception UnauthorizedAccessException in the last row:
System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
at WindowsFirewallHelper.COMInterop.INetFwRules.Add(INetFwRule rule)
at WindowsFirewallHelper.Collections.FirewallWASRulesCollection'1.InternalAdd(INetFwRule native)
at WindowsFirewallHelper.InternalHelpers.Collections.ComCollectionBase'4.Add(TManaged item)

Nuget not working in .net core 2.1

I am attempting to add this to a .net core 2.1 project, but it will not add and just has the yellow hazard sign. I've tried multiple versions with no luck. any ideas?

Q: Changes to the rules by other programs

WindowsFirewallHelper caches the underlying COM object and since the Windows Firewall COM API does not reflect updates fast enough you can, in theory, get a result that is outdated. How rarely this happens depends on the underlying Firewall API and therefore it might be hard to reproduce.

#32 might be used to detect such changes in the future.

Workaround
Since with version 2 of this library, it is possible to create multiple instances of any IFirewall implemented class, creating a new instance should, in theory, solve this problem by creating a new COM object.

Vista+:
var rules = new FirewallWAS().Rules.ToArray()

XP+:
var rules = new FirewallLegacy().Rules.ToArray()

Doing so leaves the COM object lifetime management to the user of the library.
There is no way to do this with version 1 of this library since these constructors are marked as internal.

Solution
Should add a new IFirewall.Refresh() or IFirewall.Reload() method to clear the COM cache of an instance. This is especially handy when using the FirewallManager class.

Ability to directly get / set the underlying Rule RemoteAddresses and LocalAddresses string

Is it possible (or could it be possible) to directly get/set the underlying Rule's RemoteAddresses and LocalAddresses properties through WindowsFirewallHelper?

I understand the entire objective is to safely wrap these properties using arrays of IAddress, but it would be nice to be able to get/set the raw string properties if for no other reason than debugging issues like my previously posted issue trying to assign a single IPV6 address.

EG:
var mystring=objRule.RemoteAddressesString;
and
objRule.RemoteAddresses=mystring;

Firewall profile - block

How can I block all connections but those that match an Allow rule? Seems like profile.DefaultInboundAction = FirewallAction.Block sets the firewall to block all connections, ignoring any allow rules. I'm looking for the option that matches Block (default) - the choice available in Windows Firewall With Advanced Security which blocks all connections except those that match an Allow rule?

Q: How to add a IP/Subnet

I'm writing a little application to read my security event logs and then block any IP address from a range outside my own country i.e. it will read 149.12.0.132 from the event then I want to add the address 149.0.0.0/8 to my blocking rule, SingleIP.parse() does not support this so how can I add an address like this?

Question about notification feature

Hi falahati, your class library appears to be quite sophisticated for managing the windows firewall rules - nice work!

However one feature which seems to be missing (or would be nice to have) in the library is a way to get notified when packages are dropped (or connection blocked) together with the information about which rule blocked a connection. Essentially what is shown in EventViewer > security > event 5157.

This would be very useful for troubleshooting and when implementing a firewall UI.

Is this something you would consider or is it maybe available but I haven't seen it?

Thx. harry

Problems with Assigning IPV6 SingleIP, RemoteAddresses issue with IPV6

Thanks for prior issue help.

I am trying to assign a SingleIP IPV6 address to Rule.RemoteAddresses.
Although it appears it may work, at some point when the joined string array is applied in StandardRule.cs to UnderlyingObject.RemoteAddresses something, presumably NetFwTypeLib, changes the single IPV6 address into a range.

For example:
2607:fea8:4260:31a::9
becomes
2607:fea8:4260:31a::9-2607:fea8:4260:31a::9

This creates a problem when you subsequently try to read and return Rule.RemoteAddresses later because IPRange.parse doesn't recognize the single IP range, and SingleIP also doesn't recognize what appears to be a range. As a result it simply doesn't get returned in the list of IPaddresses from Rule.RemoteAddresses.

Here's a small console app that should demo the problem more clearly (I hope). Note I am using the latest code you have here as of Nov 24 rather than the released Nuget version which also has some problems with IPV6 you already fixed yesterday.

using System;
using System.Collections.Generic;
using System.Linq;
using WindowsFirewallHelper;

namespace AddressTest
{
    class Program
    {
        static void Main(string[] args)
        {
            setRemoteAddresss();
            Console.WriteLine("Press any key to end.");
            var c = Console.ReadKey();
        }

        static void setRemoteAddresss()
        {
            var RuleName = "Remote Desktop - User Mode (TCP-In)";
            var objRule = (from obj in FirewallManager.Instance.Rules where obj.Direction == FirewallDirection.Inbound && obj.Name == RuleName orderby obj.Name select obj).FirstOrDefault();

            List<IAddress> NewIPs = new List<IAddress>();
            List<string> iplist = new List<string> { "2607:fea8:4260:31a::9" };

            foreach (var iptext in iplist)
            {
                NewIPs.Add(WindowsFirewallHelper.Addresses.SingleIP.Parse(iptext));
            }

            Console.WriteLine("Assigning these RemoteAddresses:");
            foreach (var objIP in NewIPs)
            {
                Console.WriteLine(objIP.ToString());
            }
            objRule.RemoteAddresses = NewIPs.ToArray();

            Console.WriteLine("RemoteAddresses actually assigned:");
            var assignedIPs = objRule.RemoteAddresses;
            foreach (var objIP in assignedIPs)
            {
                Console.WriteLine(objIP.ToString());
            }

            return;
        }
    }
}
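One way to read such an address list back tolerantly, as an added example rather than code from the library: it classifies each comma-separated token and collapses a range whose two ends are equal into a single address. AddressListParser and AddressKind are hypothetical names, the sample string in Main is constructed, and the token forms assumed are the ones Microsoft documents for INetFwRule.RemoteAddresses.

```csharp
using System;
using System.Collections.Generic;
using System.Net;
using System.Net.Sockets;

// Added example: AddressKind and AddressListParser are hypothetical names,
// not WindowsFirewallHelper types.
public enum AddressKind { Any, Keyword, Single, Range, Subnet }

public static class AddressListParser
{
    // Keyword tokens documented by Microsoft for INetFwRule.RemoteAddresses.
    private static readonly HashSet<string> Keywords =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase)
        { "LocalSubnet", "DNS", "DHCP", "WINS", "DefaultGateway" };

    public static List<(AddressKind Kind, string Value)> Parse(string raw)
    {
        var result = new List<(AddressKind Kind, string Value)>();
        var tokens = (raw ?? string.Empty)
            .Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries);

        foreach (var rawToken in tokens)
        {
            var token = rawToken.Trim();
            if (token == "*")
                result.Add((AddressKind.Any, token));
            else if (Keywords.Contains(token))
                result.Add((AddressKind.Keyword, token));
            else if (token.Contains("/"))
                result.Add(ParseSubnet(token));
            else if (token.Contains("-"))
                result.Add(ParseRange(token));
            else
                result.Add((AddressKind.Single, ParseIp(token).ToString()));
        }

        return result;
    }

    private static (AddressKind, string) ParseRange(string token)
    {
        var ends = token.Split('-');   // neither IPv4 nor IPv6 text contains '-'
        if (ends.Length != 2)
            throw new FormatException("Bad range: " + token);

        var start = ParseIp(ends[0]);
        var end = ParseIp(ends[1]);
        if (start.AddressFamily != end.AddressFamily)
            throw new FormatException("Mixed address families: " + token);

        // "a-a" is one address, so report it as Single instead of dropping it.
        return start.Equals(end)
            ? (AddressKind.Single, start.ToString())
            : (AddressKind.Range, start + "-" + end);
    }

    private static (AddressKind, string) ParseSubnet(string token)
    {
        var parts = token.Split('/');
        if (parts.Length != 2)
            throw new FormatException("Bad subnet: " + token);

        var address = ParseIp(parts[0]);
        var bits = address.GetAddressBytes().Length * 8;

        // The suffix is a prefix length or, for IPv4, a dotted mask such as 255.0.0.0.
        var suffixOk = int.TryParse(parts[1], out var prefix)
            ? prefix >= 0 && prefix <= bits
            : bits == 32
              && IPAddress.TryParse(parts[1], out var mask)
              && mask.AddressFamily == AddressFamily.InterNetwork;
        if (!suffixOk)
            throw new FormatException("Bad subnet suffix: " + token);

        return (AddressKind.Subnet, address + "/" + parts[1].Trim());
    }

    private static IPAddress ParseIp(string text)
    {
        if (!IPAddress.TryParse(text.Trim(), out var ip))
            throw new FormatException("Not an IP address: " + text);
        return ip;
    }

    public static void Main()
    {
        // Constructed sample list; the first token is the degenerate range from the report.
        const string raw =
            "2607:fea8:4260:31a::9-2607:fea8:4260:31a::9," +
            "192.168.0.1-192.168.0.20,10.0.0.0/255.0.0.0,LocalSubnet";

        foreach (var entry in Parse(raw))
            Console.WriteLine(entry.Kind + " " + entry.Value);
    }
}
```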

UnauthorizedAccessException when adding a new rule

This is my first approach to this library and not sure if I'm missing something else or it's a bug.
I get an UnauthorizedAccessException when adding a new rule.
I'm using version 2.2.0.86

// Create and add rules for this app
try {
    string ruleRootName = @"Myapp ";
    FirewallProfiles allProfiles = FirewallProfiles.Domain | FirewallProfiles.Private | FirewallProfiles.Public;
    string thePath = Assembly.GetExecutingAssembly().Location;
    var r1 = FirewallManager.Instance.CreateApplicationRule(allProfiles, ruleRootName + @"Rule (Outbound)", FirewallAction.Allow, thePath);
    r1.Direction = FirewallDirection.Outbound;
    FirewallManager.Instance.Rules.Add(r1);
}
catch (UnauthorizedAccessException e) {
    Utils.LogV("Failed to set firewall rules");
}

Problem creating ICMP rules [Help Wanted]

I wish to create a firewall rule to allow ICMP pings from one particular ip address.

The following test code throws an exception on line 1 saying "Value does not fall within the expected range.". I've tried setting Port parameter to 0, 1, 123 and Nothing, regardless it throws an exception unless I change the protocol to TCP.

Dim RuleICMPTest1 As IRule = FirewallManager.Instance.CreatePortRule(FirewallManager.Instance.GetProfile().Type, "Name", FirewallAction.Allow, 0, FirewallProtocol.ICMPv4)
RuleICMPTest1.Direction = FirewallDirection.Inbound
RuleICMPTest1.RemoteAddresses = {WindowsFirewallHelper.Addresses.SingleIP.Parse("192.168.0.1")}
RuleICMPTest1.Protocol = FirewallProtocol.ICMPv4
FirewallManager.Instance.Rules.Add(RuleICMPTest1)

The following test code throws an exception on line 2 saying "Value does not fall within the expected range."

Dim RuleICMPTest2 = New WindowsFirewallHelper.FirewallAPIv2.Rules.StandardRule("NAME2", CUShort(0), FirewallAction.Allow, FirewallDirection.Inbound, FirewallProfiles.Domain)
RuleICMPTest2.Protocol = FirewallProtocol.ICMPv4
RuleICMPTest2.RemoteAddresses = {WindowsFirewallHelper.Addresses.SingleIP.Parse("192.168.0.1")}
FirewallManager.Instance.Rules.Add(RuleICMPTest2)

I'm sure I'm doing something wrong but not sure what. Any help gratefully received.

The system cannot find the file specified. (Exception from HRESULT: 0x80070002)

Hello, been using this library for a while now with great success, but recently had a user get this error. We've tried a number of steps to resolve the issue to no avail, does anyone have any clues as to what might be wrong with his machine?

Trace:

System.IO.FileNotFoundException: The system cannot find the file specified. (Exception from HRESULT: 0x80070002)
--
at WindowsFirewallHelper.COMInterop.INetFwRules.Remove(String name)
at WindowsFirewallHelper.FirewallAPIv2.Firewall.RulesOnItemsModified(Object sender, ActiveCollectionChangedEventArgs`1 e)
at System.Collections.ObjectModel.Collection`1.Remove(T item)

Very slow ActiveCollection<T>.Sync

ActiveCollection<T>.Sync is very inefficient and causes significant slowdowns. Getting rules takes tens of seconds when there are about 1000 firewall rules.

I implemented my own replacement using LINQ, but it seems like this library targets .NET 2.0, so I can't upstream the change. Is there any particular reason for that?

Sample - Create Port Rule fails

Adding a port rule in the sample Winforms application fails, and I believe would with any call to FirewallManager.Instance.CreatePortRule that includes the protocol. The problem occurs when the Protocol is set to {Any} with the port set. The error received is:

"Port number can only be specified for the UDP and TCP protocols."

However, the protocol isn't set to UDP or TCP before it is set to {Any} by the constructor tree for FirewallWASRuleWin8. The issue is on FirewallWASRule.cs:76, where the protocol is set to {Any} before the Property Initializer in the original constructor call back at FirewallWAS.cs:166 is executed.

Issue setting RemoteAddresses of a FirewallRule with a range of IPv6 addresses

For the following code

rule.RemoteAddresses = remoteAddresses;

when assigning an array of remoteAddresses which includes an IPv6 address range eg
1234:1030:20e:3::6f/127
start IP 1234:1030:20e:3::6e
last IP 1234:1030:20e:3::6f

it fails to set the remoteAddresses property and throws an exception

Exception Stack Trace
at WindowsFirewallHelper.COMInterop.INetFwRule.set_RemoteAddresses(String value)
at WindowsFirewallHelper.FirewallRules.FirewallWASRule.set_RemoteAddresses(IAddress[] value) in C:\Users\s_fal\Documents\Personal\Open-Source Projects\WindowsFirewallHelper\WindowsFirewallHelper\FirewallRules\FirewallWASRule.cs:line 584
at FirewallService.CreateFirewallRule(String name, FirewallAction action, FirewallDirection direction, FirewallProtocol protocol, UInt16[] destinationPortsList, IAddress[] remoteAddresses, IAddress[] localAddresses) in ...

This works fine when the IPv6 CIDR is /128 eg 1234:1030:20e:3::6f/128


IPV6 problem with new WindowsFirewallHelper.Addresses.NetworkAddress(objIP);

Attempting to create new WindowsFirewallHelper.Addresses.NetworkAddress from a System.Net.IPAddress object that is using an IPV6 address of: 2a04:4e42:400::323
(this is one of the DNS entries for CNN.COM incidentally).

Example:
var systemIP = IPAddress.Parse("2a04:4e42:400::323");
var fwhelperIP = new WindowsFirewallHelper.Addresses.NetworkAddress(systemIP);

This throws an error "Addresses of different family can not be used."

I also notice the System.Net.IPAddress object throws a SocketException error when trying to access the .Address property which may be related.

Seems like this should work. Thoughts?

Basic Example doesn't work

You wrote

var rule = FirewallManager.Instance.CreateApplicationRule(
    @"MyApp Rule",
    FirewallAction.Allow,
    @"C:\MyApp.exe"
);
rule.Direction = FirewallDirection.Outbound;
FirewallManager.Instance.Rules.Add(rule);

is the basic example for adding a new rule, but I get the error that the FirewallProfiles profiles is missing.
So I added before the rule name

FirewallManager.Instance.GetProfile().Type

But I get an E_ACCESSDENIED exception when creating a new rule.

FirewallRule objects fail to serialize

It is caused by an underlying failure of the IAddress[] to properly serialize.

Here's a minimum viable demo of the broken behavior:

using System;
using System.Linq;
using Newtonsoft.Json;
using WindowsFirewallHelper;

namespace FirewallHelperTest
{
    class Program
    {
        static void Main(string[] args)
        {
            foreach (IFirewallRule rule in FirewallManager.Instance.Rules.ToArray())
            {
                Console.WriteLine(JsonConvert.SerializeObject(rule));
            }
        }
    }
}

Which results in:

Newtonsoft.Json.JsonSerializationException
  HResult=0x80131500
  Message=Error getting value from 'ScopeId' on 'WindowsFirewallHelper.Addresses.SingleIP'.
  Source=Newtonsoft.Json
  StackTrace:
   at Newtonsoft.Json.Serialization.ExpressionValueProvider.GetValue(Object target)

Inner Exception 1:
SocketException: The attempted operation is not supported for the type of object referenced

You don't need to serialize the whole Rule for this behavior. I isolated each field to determine it was the addresses. For example, this also will not work:
JsonConvert.SerializeObject(rule.LocalAddresses)

Problem creating ICMP rules [Help Wanted] (again!)

Hi,

Today I've updated a legacy project from v1.4.6592.8627 to v2.1.4.81

Most of my code continues to work, but I'm unable to suss how to create a rule to allow ICMP.

Back in 2019 in issue #12 you helped me and gave me the following example.

Dim Rule = New WindowsFirewallHelper.FirewallAPIv2.Rules.StandardRule("NAME2", FirewallAction.Allow, FirewallDirection.Inbound, FirewallProfiles.Domain)
Rule.Protocol = FirewallProtocol.ICMPv4
Rule.RemoteAddresses = {WindowsFirewallHelper.Addresses.SingleIP.Parse("192.168.0.1")}
FirewallManager.Instance.Rules.Add(Rule)

I've been unable to find how to replicate this functionality in v2 of your library. I'd be most grateful if you could assist me!

Cheers

Steve

Problem setting LocalPorts / RemotePorts [Help Wanted]

' 1st Test Case
Dim Rule As IRule = FirewallManager.Instance.CreateApplicationRule(FirewallManager.Instance.GetProfile().Type, "Test Name", FirewallAction.Allow, "MyApp.exe")
Rule.Direction = FirewallDirection.Inbound
Rule.RemoteAddresses = {WindowsFirewallHelper.Addresses.SingleIP.Parse("192.168.0.1")}

Rule.LocalPorts = {CUShort(10050)} 'Test 1
Rule.RemotePorts = {CUShort(10050)} 'Test 2

' 2nd Test Case
Dim AllRulesTest = FirewallManager.Instance.Rules

For Each SingelRuleTest As IRule In AllRulesTest
    If SingelRuleTest.LocalPorts.Length > 0 Then
        Console.WriteLine("{0}, {1}, {2}", SingelRuleTest.Name, SingelRuleTest.LocalPorts, SingelRuleTest.Profiles.ToString(), SingelRuleTest.RemoteAddresses.ToString)
        Rule.LocalPorts = SingelRuleTest.LocalPorts 'Test 3 - You'd think this would work as its taking a copy of LocalPorts from an existing rule.
    End If
Next

All attempts to set LocalPorts or RemotePorts result in an exception "Value does not fall within the expected range."

Any advice gratefully received.

Rule.Name returns unexpected string after assigning to Rule.RemoteAddresses

Assume a rule named: "Remote Desktop - User Mode (TCP-In)"

var objRule = (from obj in FirewallManager.Instance.Rules where obj.Direction == FirewallDirection.Inbound && obj.Name == Default.RuleName orderby obj.Name select obj).FirstOrDefault();

Before assignment:
objRule.Name == "Remote Desktop - User Mode (TCP-In)"

A list of IPs is assigned:
objRule.RemoteAddresses=List AddressList;

Unexpectedly - Immediately after the assignment :
objRule.Name== "@FirewallAPI.dll,-28775 "

Reloading the rule returns the expected name:
var objRuleRefreshed = (from obj in FirewallManager.Instance.Rules where obj.Direction == FirewallDirection.Inbound && obj.Name == Default.RuleName orderby obj.Name select obj).FirstOrDefault();
objRuleRefreshed.Name == "Remote Desktop - User Mode (TCP-In)"

This may be an issue with Windows firewall API rather than WindowsFirewallHelper, but it concerns me that subsequent property assignments to the same rule object may fail if the rule's name property has changed for some reason. I think this bears further examination...

How to specify remote IP address

How do you specify a remote IP address as part of the scope of an outbound rule? Example, I want to create a rule for an app that blocks outbound connections to a specific IP address.

Assigning IPV6 Localhost address ::1 to RemoteAddresses throws exception

When one of the addresses in the array of IAddress that is assigned to Rule.RemoteAddresses is ::1 an exception is thrown. ::1 is IPV6 for LocalHost.
IPV4 127.0.0.1 works fine.

Example assignment. NewIPs is an array of IAddress:
objRule.RemoteAddresses = NewIPs.ToArray();

Here's the list of IP addresses in NewIPs. Note the last one is ::1
IP addresses:173.35.205.201,99.248.70.97,66.96.146.81,::1

Here's the exception and stacktrace:

Exception from HRESULT: 0xD000000D at NetFwTypeLib.INetFwRule.set_RemoteAddresses(String remoteAddrs)
at WindowsFirewallHelper.FirewallAPIv2.Rules.StandardRule.set_RemoteAddresses(IAddress[] value)
at FWManagerService.FirewallJobProcessor.ApplyAuthorizedRemoteAddresses(List`1 lstAuthIPs) in D:\VBapps\FWmanager\FWManagerService\Code\FirewallJobProcessor.cs:line 291
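
The address values quoted in the reports above (the /127 range, its /128 variant, and the list ending in ::1) can be checked before they are handed to a firewall API. The following is an added example, not code from any of the posts or from WindowsFirewallHelper; the function names are hypothetical, and it only describes what each entry covers rather than reproducing or explaining the COM exceptions.

```python
import ipaddress

def describe_entry(text):
    """Parse one remote-address entry ("addr" or "addr/prefix")."""
    iface = ipaddress.ip_interface(text.strip())
    net = iface.network  # same prefix with the host bits cleared
    single = net.num_addresses == 1
    return {
        "entry": text.strip(),
        "family": "IPv%d" % iface.version,
        "canonical": str(iface.ip) if single else str(net),
        "first": str(net[0]),
        "last": str(net[-1]),
        "host_bits_set": iface.ip != net.network_address,
        "loopback": iface.ip.is_loopback,
    }

def review_scope(entries):
    """Return (parsed entries, findings) for a remote-address list."""
    parsed, findings = [], []
    for text in entries:
        try:
            parsed.append(describe_entry(text))
        except ValueError as exc:
            findings.append("%s: not an IP address or CIDR (%s)" % (text, exc))
    families = sorted({p["family"] for p in parsed})
    if len(families) > 1:
        findings.append("mixed families: " + ", ".join(families))
    for p in parsed:
        if p["host_bits_set"]:
            findings.append("%s: host bits set, network is %s"
                            % (p["entry"], p["canonical"]))
        if p["loopback"]:
            findings.append("%s: loopback address" % p["entry"])
    return parsed, findings

# Values quoted in the issue reports above.
RANGE_127 = "1234:1030:20e:3::6f/127"
RANGE_128 = "1234:1030:20e:3::6f/128"
NEW_IPS = "173.35.205.201,99.248.70.97,66.96.146.81,::1".split(",")

if __name__ == "__main__":
    for scope in ([RANGE_127], [RANGE_128], NEW_IPS):
        _, notes = review_scope(scope)
        print(scope, "->", notes or "no findings")
```

For the /127 entry the computed first and last addresses match the start and last IP given in that report, and the entry as written is the upper address of the pair rather than the network address.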

Windows Firewall Service requires restart for RDP to work (Details inside)

Using: Windows 7 Embedded Standard SP1

Hey guys, I am trying to get RDP to work correctly. I have opened all the necessary firewall ports and predefined rules in the inbound rules list and enabled all the necessary GPOs and registry items.

For some reason, even though Windows Firewall is set to start automatically and the service itself says "started," the rules only apply correctly after I restart the service; then I am able to RDP into the device.

I have checked msconfig to see if the service is enabled on startup, and it is.

Any help would be appreciated. Thanks!

`InvalidComObjectException` is thrown when executing in a STA

Hi.

Thank you for WindowsFirewallHelper.

An InvalidComObjectException is thrown when executing in a STA.

I expected to be able to call FirewallManager in a STA.

I've attached a reproducible Visual Studio 2015 project here:

WindowsFirewallHelperTests.zip

It contains a unit test with ClassInitialize and ClassCleanup methods that access FirewallManager.Instance.Rules.

It also contains a testsettings file which is configured to execute tests in a STA.

In Visual Studio, select Test > Test Settings > Select Test Settings File, and open the Local.testsettings file.

When run, the test will succeed, but the following is displayed in the Output window, under the Tests view:

------ Run test started ------
Class Cleanup method UnitTest1.ClassCleanup failed. Error Message: System.Runtime.InteropServices.InvalidComObjectException: COM object that has been separated from its underlying RCW cannot be used.. Stack Trace:     at System.StubHelpers.StubHelpers.GetCOMIPFromRCW(Object objSrc, IntPtr pCPCMD, IntPtr& ppTarget, Boolean& pfNeedsRelease)
   at NetFwTypeLib.INetFwPolicy2.get_Rules()
   at WindowsFirewallHelper.FirewallAPIv2.Firewall.SyncRules()
   at WindowsFirewallHelper.FirewallAPIv2.Firewall.get_Rules()
   at WindowsFirewallHelperTests.UnitTest1.ClassCleanup() in c:\users\rami.abughazaleh\documents\visual studio 2015\Projects\WindowsFirewallHelperTests\WindowsFirewallHelperTests\UnitTest1.cs:line 18

========== Run test finished: 1 run (0:00:03.0169385) ==========

The exception occurs in the ClassCleanup method.

If you manually edit Local.testsettings, change
<ExecutionThread apartmentState="STA"/> to <ExecutionThread apartmentState="MTA"/>, and then re-run the test, it will still succeed, but the exception is not thrown.

I expected the exception to not get thrown in the ClassCleanup method.

Thank you.
