开发者

Windows 7 Firewall: Modify group items from command line

I am creating an interface that allows the user to manage (among other things) the Windows Firewall. The GUI that comes with Windows looks like this

Windows 7 Firewall: Modify group items from command line

My GUI is written in Java and uses the netsh advfirewall firewall commands to read the current settings and to save changes.

Some of the items are single records in the firewall. The "Windows Remote Management" item however, is one of the "grouped" items. This is a combination of multiple items. Here is one of those items in the combination.

Rule Name:                            Windows Remote Management - Compatibility
Mode (HTTP-In)
----------------------------------------------------------------------
Enabled:                              No
Direction:                            In
Profiles:                             Private,Public
Grouping:                             Windows Remote Management
LocalIP:                              Any
RemoteIP:                             LocalSubnet
Protocol:                             TCP
LocalPort:                            80
RemotePort:                           Any
Edge traversal:                       No
Action:                               Allow

In this case the whole group is disabled, but it can be enabled for the type public or private or both. (not to mention domain)

When you enable this group using the Windows GUI, if you only enable one of the types, it has to duplicate all the items in the group. One copy for disabled type, one for the enabled type.

The problem arises when I try to create the second copy. The netsh advfirewall firewall add rule command does not allow me to set a grouping on new items. S开发者_JAVA百科o that means I can't create the second copy! Which means, unless the item has already been duplicated by Windows, I can only enable or disable both types together (public and private) which is not what I want.

How can I create this second copy? Any ideas on how to do it with Java or the command line? I found that a netsh export creates a byte file. It looks like it is a registry byte file. Is there a way to edit the firewall using reg query? Where would firewall settings be stored int the registry? I am hoping to avoid writing my own .exe.


The place in the registry where Windows Firewall rules are stored is:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules

The data in this registry key has the same variables that are editable through netsh advfirewall firewall. Most of the actual names and descriptions are references that look like this @FirewallAPI.dll,-31293. Firewall entries do not have a unique ID and are identified by their name. Because of this and because I was not able to find out what the reference was pointing to I deleted the Firewall entries using netsh advfirewall firewall and adding them back using reg query.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜