Diese Beispiele zeigen das Arbeiten mit der Windows Firewall. Dabei geht es insbesondere um die ausgehenden und eingehenden Regeln, die der Firewall hinzugefügt werden können.
Wer sich mit diesem Thema noch nicht befasst hat, sollte sich zunächst über die In- und Outbound-Regeln der Firewall kundig machen, bevor er diesen Code anwendet.
Wichtig für alle Funktionen: uses ActiveX, ComObj
uses ActiveX, ComObj
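{ Adds an enabled TCP allow rule for local port 2300, limited to the LAN
  interface type, to the Windows Firewall rule set.

  COM must already be initialised on the calling thread. Changing the
  firewall policy normally requires an elevated (administrator) process;
  otherwise Rules.Add is expected to fail with an access-denied OLE error.
  Each call adds another rule; nothing here checks for an existing rule
  with the same name. }
procedure AddLANRule;
const
  NET_FW_IP_PROTOCOL_TCP = 6;
  NET_FW_ACTION_ALLOW = 1;
var
  CurrentProfiles: OleVariant;
  fwPolicy2: OleVariant;
  RulesObject: OleVariant;
  NewRule: OleVariant;
begin
  fwPolicy2 := CreateOleObject('HNetCfg.FwPolicy2');
  RulesObject := fwPolicy2.Rules;
  // Profile(s) active right now. The rule is bound to exactly these, so if
  // the machine is currently on a Public network the port is opened there.
  CurrentProfiles := fwPolicy2.CurrentProfileTypes;

  NewRule := CreateOleObject('HNetCfg.FWRule');
  NewRule.Name := 'InterfaceType_Rule';
  // The description is what an administrator sees when auditing the rule
  // list, so it has to name the port that is actually opened below (2300;
  // the original text said 2400).
  NewRule.Description := 'Allow incoming network traffic over port 2300 coming from LAN interface type';
  // Protocol is assigned before LocalPorts: ports are only meaningful once
  // the rule has a port-based protocol.
  NewRule.Protocol := NET_FW_IP_PROTOCOL_TCP;
  NewRule.LocalPorts := 2300;
  NewRule.Interfacetypes := 'LAN';
  NewRule.Enabled := True;
  NewRule.Grouping := 'Group';
  NewRule.Profiles := CurrentProfiles;
  // Direction and RemoteAddresses are left at their defaults (inbound, any
  // remote address). NOTE(review): narrow RemoteAddresses if only known
  // peers should reach this port.
  NewRule.Action := NET_FW_ACTION_ALLOW;
  RulesObject.Add(NewRule);
end;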
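{ Button handler: initialises COM on the calling thread, runs AddLANRule
  and shows any EOleException in a message box.

  Only EOleException is handled here; other exceptions (for example an
  EOleSysError raised by CreateOleObject) propagate to the caller. }
procedure TForm1.Button1Click(Sender: TObject);
var
  ComReady: Boolean;
begin
  try
    // CoInitialize reports failure through its HRESULT and does not raise.
    // Only a successful call (S_OK or S_FALSE) may be balanced with
    // CoUninitialize, so the outcome is remembered. The rule is still
    // attempted on failure, as before.
    ComReady := Succeeded(CoInitialize(nil));
    try
      // The OleVariant locals live inside AddLANRule, so every COM
      // reference is released before CoUninitialize runs.
      AddLANRule;
    finally
      if ComReady then
        CoUninitialize;
    end;
  except
    on E: EOleException do
      ShowMessage(Format('EOleException %s %x', [E.Message, E.ErrorCode]));
  end;
  // Reached after success and after a reported EOleException alike, so
  // 'Finish' does not by itself confirm that the rule was added.
  Beep;
  ShowMessage('Finish');
end;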
Regel über das Interface hinzufügen :
uses ActiveX, ComObj
{ Adds an enabled TCP allow rule for local port 2300 that is restricted both
  to the LAN interface type and to the interface named
  'Local Area Connection'.

  COM must already be initialised on the calling thread. Changing the
  firewall policy normally requires an elevated (administrator) process. }
procedure AddPerInterfaceRule;
const
  NET_FW_IP_PROTOCOL_TCP = 6;
  NET_FW_IP_PROTOCOL_UDP = 17; // declared for reference, not used below
  NET_FW_ACTION_ALLOW = 1;
var
  Policy: OleVariant;
  Rule: OleVariant;
begin
  Policy := CreateOleObject('HNetCfg.FwPolicy2');

  Rule := CreateOleObject('HNetCfg.FWRule');
  Rule.Name := 'Interface_Rule';
  Rule.Description := 'Add a Per Interface Rule';
  // Protocol first, then the port list that depends on it.
  Rule.Protocol := NET_FW_IP_PROTOCOL_TCP;
  Rule.LocalPorts := 2300;
  Rule.Interfacetypes := 'LAN';
  Rule.Enabled := True;
  Rule.Grouping := 'My Group';
  // Bound to the profile(s) active at call time; on a Public network the
  // port is opened for that profile.
  Rule.Profiles := Policy.CurrentProfileTypes;
  // NOTE(review): presumably this has to match the friendly name of an
  // adapter on the target machine - confirm, the name differs per system
  // and per UI language.
  Rule.Interfaces := VarArrayOf(['Local Area Connection']);
  Rule.Action := NET_FW_ACTION_ALLOW;

  Policy.Rules.Add(Rule);
end;
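{ Button handler: initialises COM on the calling thread, runs
  AddPerInterfaceRule and shows any EOleException in a message box.

  Only EOleException is handled here; other exceptions (for example an
  EOleSysError raised by CreateOleObject) propagate to the caller. }
procedure TForm1.Button1Click(Sender: TObject);
var
  ComReady: Boolean;
begin
  try
    // CoInitialize reports failure through its HRESULT and does not raise.
    // Only a successful call (S_OK or S_FALSE) may be balanced with
    // CoUninitialize, so the outcome is remembered. The rule is still
    // attempted on failure, as before.
    ComReady := Succeeded(CoInitialize(nil));
    try
      // The OleVariant locals live inside AddPerInterfaceRule, so every COM
      // reference is released before CoUninitialize runs.
      AddPerInterfaceRule;
    finally
      if ComReady then
        CoUninitialize;
    end;
  except
    on E: EOleException do
      ShowMessage(Format('EOleException %s %x', [E.Message, E.ErrorCode]));
  end;
  // Reached after success and after a reported EOleException alike, so
  // 'Finish' does not by itself confirm that the rule was added.
  Beep;
  ShowMessage('Finish');
end;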
Regel für das Protokoll GRE hinzufügen:
uses ActiveX, ComObj
{ Adds an enabled allow rule for IP protocol 47 (GRE) to the Windows
  Firewall rule set.

  The rule names no application, port or remote address, so it admits GRE
  traffic from any peer on the profile(s) active at call time.

  COM must already be initialised on the calling thread. Changing the
  firewall policy normally requires an elevated (administrator) process. }
procedure AddProtocolRule;
const
  NET_FW_ACTION_ALLOW = 1;
  IP_PROTOCOL_GRE = 47; // IANA protocol number for GRE
var
  Policy: OleVariant;
  Rule: OleVariant;
begin
  Policy := CreateOleObject('HNetCfg.FwPolicy2');

  Rule := CreateOleObject('HNetCfg.FWRule');
  Rule.Name := 'GRE_RULE';
  Rule.Description := 'Allow GRE Traffic';
  Rule.Protocol := IP_PROTOCOL_GRE;
  Rule.Enabled := True;
  Rule.Profiles := Policy.CurrentProfileTypes;
  Rule.Action := NET_FW_ACTION_ALLOW;

  Policy.Rules.Add(Rule);
end;
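{ Button handler: initialises COM on the calling thread, runs
  AddProtocolRule and shows any EOleException in a message box.

  Only EOleException is handled here; other exceptions (for example an
  EOleSysError raised by CreateOleObject) propagate to the caller. }
procedure TForm1.Button1Click(Sender: TObject);
var
  ComReady: Boolean;
begin
  try
    // CoInitialize reports failure through its HRESULT and does not raise.
    // Only a successful call (S_OK or S_FALSE) may be balanced with
    // CoUninitialize, so the outcome is remembered. The rule is still
    // attempted on failure, as before.
    ComReady := Succeeded(CoInitialize(nil));
    try
      // The OleVariant locals live inside AddProtocolRule, so every COM
      // reference is released before CoUninitialize runs.
      AddProtocolRule;
    finally
      if ComReady then
        CoUninitialize;
    end;
  except
    on E: EOleException do
      ShowMessage(Format('EOleException %s %x', [E.Message, E.ErrorCode]));
  end;
  // Reached after success and after a reported EOleException alike, so
  // 'Finish' does not by itself confirm that the rule was added.
  Beep;
  ShowMessage('Finish');
end;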
Regel einer Application über Edge Traversal hinzufügen
uses ActiveX, ComObj
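{ Adds an enabled TCP allow rule for local port 5000 for one application,
  with edge traversal switched on.

  Edge traversal lets unsolicited inbound traffic that has passed a NAT or
  other edge device reach the application, so the rule exposes the port
  more widely than an ordinary inbound rule does.

  COM must already be initialised on the calling thread. Changing the
  firewall policy normally requires an elevated (administrator) process. }
procedure AddRuleEdgeTraversal;
const
  NET_FW_ACTION_ALLOW = 1;
  NET_FW_IP_PROTOCOL_TCP = 6;
var
  CurrentProfiles: OleVariant;
  fwPolicy2: OleVariant;
  RulesObject: OleVariant;
  NewRule: OleVariant;
begin
  fwPolicy2 := CreateOleObject('HNetCfg.FwPolicy2');
  RulesObject := fwPolicy2.Rules;
  // Profile(s) active right now; the rule is bound to exactly these.
  CurrentProfiles := fwPolicy2.CurrentProfileTypes;

  NewRule := CreateOleObject('HNetCfg.FWRule');
  NewRule.Name := 'Application Name Edge Traversal';
  // The original text started with a leftover 'Allow GRE Traffic' from
  // another sample; the description shown in the rule list must describe
  // this rule.
  NewRule.Description := 'Allow my application network traffic with Edge Traversal';
  // Placeholder. NOTE(review): use the fully qualified path of the
  // executable - a bare file name presumably does not pin the rule to the
  // intended binary.
  NewRule.Applicationname := 'Application.exe';
  // Protocol is assigned before LocalPorts: ports are only meaningful once
  // the rule has a port-based protocol.
  NewRule.Protocol := NET_FW_IP_PROTOCOL_TCP;
  NewRule.LocalPorts := 5000;
  NewRule.Enabled := True;
  NewRule.Grouping := 'Group';
  NewRule.Profiles := CurrentProfiles;
  NewRule.Action := NET_FW_ACTION_ALLOW;
  NewRule.EdgeTraversal := True;
  RulesObject.Add(NewRule);
end;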
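{ Button handler: initialises COM on the calling thread, runs
  AddRuleEdgeTraversal and shows any EOleException in a message box.

  Only EOleException is handled here; other exceptions (for example an
  EOleSysError raised by CreateOleObject) propagate to the caller. }
procedure TForm1.Button1Click(Sender: TObject);
var
  ComReady: Boolean;
begin
  try
    // CoInitialize reports failure through its HRESULT and does not raise.
    // Only a successful call (S_OK or S_FALSE) may be balanced with
    // CoUninitialize, so the outcome is remembered. The rule is still
    // attempted on failure, as before.
    ComReady := Succeeded(CoInitialize(nil));
    try
      // The OleVariant locals live inside AddRuleEdgeTraversal, so every
      // COM reference is released before CoUninitialize runs.
      AddRuleEdgeTraversal;
    finally
      if ComReady then
        CoUninitialize;
    end;
  except
    on E: EOleException do
      ShowMessage(Format('EOleException %s %x', [E.Message, E.ErrorCode]));
  end;
  // Reached after success and after a reported EOleException alike, so
  // 'Finish' does not by itself confirm that the rule was added.
  Beep;
  ShowMessage('Finish');
end;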
Eine Dienstregel über den Speicher hinzufügen :
uses ActiveX, ComObj
{ Adds an enabled TCP allow rule for local port 135 that is tied to one
  executable and one Windows service.

  'Service.exe' and 'servicename' are placeholders for the real binary and
  service short name. Port 135 is the RPC endpoint mapper port, so the
  application and service restriction is what keeps this rule from being a
  general opening of that port.

  COM must already be initialised on the calling thread. Changing the
  firewall policy normally requires an elevated (administrator) process. }
procedure AddServiceRule;
const
  NET_FW_ACTION_ALLOW = 1;
  NET_FW_IP_PROTOCOL_TCP = 6;
var
  Policy: OleVariant;
  Rule: OleVariant;
begin
  Policy := CreateOleObject('HNetCfg.FwPolicy2');

  Rule := CreateOleObject('HNetCfg.FWRule');
  Rule.Name := 'Service_Rule';
  Rule.Description := 'Allow incoming network traffic to myservice';
  // NOTE(review): use the fully qualified path of the service binary here.
  Rule.Applicationname := 'Service.exe';
  Rule.ServiceName := 'servicename';
  // Protocol first, then the port list that depends on it.
  Rule.Protocol := NET_FW_IP_PROTOCOL_TCP;
  Rule.LocalPorts := 135;
  Rule.Enabled := True;
  Rule.Grouping := 'Group';
  // Bound to the profile(s) active at call time.
  Rule.Profiles := Policy.CurrentProfileTypes;
  Rule.Action := NET_FW_ACTION_ALLOW;

  Policy.Rules.Add(Rule);
end;
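{ Button handler: initialises COM on the calling thread, runs
  AddServiceRule and shows any EOleException in a message box.

  Only EOleException is handled here; other exceptions (for example an
  EOleSysError raised by CreateOleObject) propagate to the caller. }
procedure TForm1.Button1Click(Sender: TObject);
var
  ComReady: Boolean;
begin
  try
    // CoInitialize reports failure through its HRESULT and does not raise.
    // Only a successful call (S_OK or S_FALSE) may be balanced with
    // CoUninitialize, so the outcome is remembered. The rule is still
    // attempted on failure, as before.
    ComReady := Succeeded(CoInitialize(nil));
    try
      // The OleVariant locals live inside AddServiceRule, so every COM
      // reference is released before CoUninitialize runs.
      AddServiceRule;
    finally
      if ComReady then
        CoUninitialize;
    end;
  except
    on E: EOleException do
      ShowMessage(Format('EOleException %s %x', [E.Message, E.ErrorCode]));
  end;
  // Reached after success and after a reported EOleException alike, so
  // 'Finish' does not by itself confirm that the rule was added.
  Beep;
  ShowMessage('Finish');
end;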
Eine ICMP Regel über den Speicher hinzufügen :
uses ActiveX, ComObj
{ Adds an enabled ICMPv4 allow rule for ICMP type 1, code 1 to the Windows
  Firewall rule set.

  COM must already be initialised on the calling thread. Changing the
  firewall policy normally requires an elevated (administrator) process. }
procedure AddICMPRule;
const
  NET_FW_ACTION_ALLOW = 1;
  NET_FW_IP_PROTOCOL_ICMPv4 = 1;
  NET_FW_IP_PROTOCOL_ICMPv6 = 58; // declared for reference, not used below
var
  Policy: OleVariant;
  Rule: OleVariant;
begin
  Policy := CreateOleObject('HNetCfg.FwPolicy2');

  Rule := CreateOleObject('HNetCfg.FWRule');
  Rule.Name := 'ICMP_Rule';
  Rule.Description := 'Allow ICMP network traffic';
  // The ICMP type list is set after the protocol it belongs to.
  Rule.Protocol := NET_FW_IP_PROTOCOL_ICMPv4;
  // Format is 'type:code'. NOTE(review): the description promises ICMP in
  // general, but only this single type/code pair is admitted - adjust one
  // of the two so the rule list reads truthfully.
  Rule.IcmpTypesAndCodes := '1:1';
  Rule.Enabled := True;
  Rule.Grouping := 'Group';
  // Bound to the profile(s) active at call time.
  Rule.Profiles := Policy.CurrentProfileTypes;
  Rule.Action := NET_FW_ACTION_ALLOW;

  Policy.Rules.Add(Rule);
end;
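{ Button handler: initialises COM on the calling thread, runs AddICMPRule
  and shows any EOleException in a message box.

  Only EOleException is handled here; other exceptions (for example an
  EOleSysError raised by CreateOleObject) propagate to the caller. }
procedure TForm1.Button1Click(Sender: TObject);
var
  ComReady: Boolean;
begin
  try
    // CoInitialize reports failure through its HRESULT and does not raise.
    // Only a successful call (S_OK or S_FALSE) may be balanced with
    // CoUninitialize, so the outcome is remembered. The rule is still
    // attempted on failure, as before.
    ComReady := Succeeded(CoInitialize(nil));
    try
      // The OleVariant locals live inside AddICMPRule, so every COM
      // reference is released before CoUninitialize runs.
      AddICMPRule;
    finally
      if ComReady then
        CoUninitialize;
    end;
  except
    on E: EOleException do
      ShowMessage(Format('EOleException %s %x', [E.Message, E.ErrorCode]));
  end;
  // Reached after success and after a reported EOleException alike, so
  // 'Finish' does not by itself confirm that the rule was added.
  Beep;
  ShowMessage('Finish');
end;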
Regel für ein lokales Programm hinzufügen:
uses ActiveX, ComObj
{ Adds an enabled TCP allow rule for local port 4000 that applies only to
  the executable C:\Application.exe.

  No direction or remote address is set, so the rule keeps the firewall
  defaults for both (NOTE(review): inbound from any address - narrow
  RemoteAddresses if only known peers should connect).

  COM must already be initialised on the calling thread. Changing the
  firewall policy normally requires an elevated (administrator) process. }
procedure AddApplicationRule;
const
  NET_FW_ACTION_ALLOW = 1;
  NET_FW_IP_PROTOCOL_TCP = 6;
var
  Policy: OleVariant;
  Rule: OleVariant;
begin
  Policy := CreateOleObject('HNetCfg.FwPolicy2');

  Rule := CreateOleObject('HNetCfg.FWRule');
  Rule.Name := 'Application Name';
  Rule.Description := 'Allow my application network traffic';
  // Full path, so the rule is pinned to this one binary. The location
  // should not be writable by unprivileged users, otherwise the allowed
  // file can be swapped.
  Rule.Applicationname := 'C:\Application.exe';
  // Protocol first, then the port list that depends on it.
  Rule.Protocol := NET_FW_IP_PROTOCOL_TCP;
  Rule.LocalPorts := 4000;
  Rule.Enabled := True;
  Rule.Grouping := 'Group';
  // Bound to the profile(s) active at call time.
  Rule.Profiles := Policy.CurrentProfileTypes;
  Rule.Action := NET_FW_ACTION_ALLOW;

  Policy.Rules.Add(Rule);
end;
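{ Button handler: initialises COM on the calling thread, runs
  AddApplicationRule and shows any EOleException in a message box.

  Only EOleException is handled here; other exceptions (for example an
  EOleSysError raised by CreateOleObject) propagate to the caller. }
procedure TForm1.Button1Click(Sender: TObject);
var
  ComReady: Boolean;
begin
  try
    // CoInitialize reports failure through its HRESULT and does not raise.
    // Only a successful call (S_OK or S_FALSE) may be balanced with
    // CoUninitialize, so the outcome is remembered. The rule is still
    // attempted on failure, as before.
    ComReady := Succeeded(CoInitialize(nil));
    try
      // The OleVariant locals live inside AddApplicationRule, so every COM
      // reference is released before CoUninitialize runs.
      AddApplicationRule;
    finally
      if ComReady then
        CoUninitialize;
    end;
  except
    on E: EOleException do
      ShowMessage(Format('EOleException %s %x', [E.Message, E.ErrorCode]));
  end;
  // Reached after success and after a reported EOleException alike, so
  // 'Finish' does not by itself confirm that the rule was added.
  Beep;
  ShowMessage('Finish');
end;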
Eine Outbound Regel der Firewall hinzufügen :
uses ActiveX, ComObj
{ Adds an enabled outbound TCP allow rule for C:\Application.exe with local
  port 4000.

  COM must already be initialised on the calling thread. Changing the
  firewall policy normally requires an elevated (administrator) process. }
procedure AddOutboundRule;
const
  NET_FW_ACTION_ALLOW = 1;
  NET_FW_IP_PROTOCOL_TCP = 6;
  NET_FW_RULE_DIR_OUT = 2;
var
  Policy: OleVariant;
  Rule: OleVariant;
begin
  Policy := CreateOleObject('HNetCfg.FwPolicy2');

  Rule := CreateOleObject('HNetCfg.FWRule');
  Rule.Name := 'Outbound_Rule';
  Rule.Description := 'Allow outbound network traffic from my Application over TCP port 4000';
  Rule.Applicationname := 'C:\Application.exe';
  // Protocol first, then the port list that depends on it.
  Rule.Protocol := NET_FW_IP_PROTOCOL_TCP;
  // NOTE(review): on an outbound rule LocalPorts filters the source port.
  // If "port 4000" in the description means the destination, RemotePorts
  // is the property to set - confirm the intent.
  Rule.LocalPorts := 4000;
  Rule.Direction := NET_FW_RULE_DIR_OUT;
  Rule.Enabled := True;
  Rule.Grouping := 'Group';
  // Bound to the profile(s) active at call time.
  Rule.Profiles := Policy.CurrentProfileTypes;
  Rule.Action := NET_FW_ACTION_ALLOW;

  Policy.Rules.Add(Rule);
end;
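{ Button handler: initialises COM on the calling thread, runs
  AddOutboundRule and shows any EOleException in a message box.

  Only EOleException is handled here; other exceptions (for example an
  EOleSysError raised by CreateOleObject) propagate to the caller. }
procedure TForm1.Button1Click(Sender: TObject);
var
  ComReady: Boolean;
begin
  try
    // CoInitialize reports failure through its HRESULT and does not raise.
    // Only a successful call (S_OK or S_FALSE) may be balanced with
    // CoUninitialize, so the outcome is remembered. The rule is still
    // attempted on failure, as before.
    ComReady := Succeeded(CoInitialize(nil));
    try
      // The OleVariant locals live inside AddOutboundRule, so every COM
      // reference is released before CoUninitialize runs.
      AddOutboundRule;
    finally
      if ComReady then
        CoUninitialize;
    end;
  except
    on E: EOleException do
      ShowMessage(Format('EOleException %s %x', [E.Message, E.ErrorCode]));
  end;
  // Reached after success and after a reported EOleException alike, so
  // 'Finish' does not by itself confirm that the rule was added.
  Beep;
  ShowMessage('Finish');
end;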