// Reports whether a port has an enabled entry in the globally-open-ports list
// of the firewall's current profile.
//
// Returns:
//    1  an entry for (number, protocol) exists and is enabled
//   -1  an entry exists and is disabled
//    0  the state could not be determined: CoCreateInstance failed, one of
//       the policy/profile/port-list getters did not return S_OK, Item()
//       found no entry, or get_Enabled() did not return S_OK
//
// Security note: 0 means "unknown / not listed", not "closed". A caller that
// makes an exposure decision must not treat 0 as proof the port is blocked.
// Only the globally-open-ports list of the *current* profile is read here.
//
// NOTE(review): COM is not initialised in this function; presumably the
// caller has already done so - confirm.
int CheckFirewallPortState(long number, NET_FW_IP_PROTOCOL protocol)
{
    INetFwMgr *manager = NULL;
    if (FAILED(CoCreateInstance(__uuidof(NetFwMgr), NULL, CLSCTX_INPROC_SERVER,
                                __uuidof(INetFwMgr), (void**)&manager)))
    {
        return 0;
    }

    // Stays S_FALSE unless the lookup chain gets as far as Item().
    HRESULT status = S_FALSE;
    VARIANT_BOOL enabled = 0;

    INetFwPolicy *policy = NULL;
    if (manager->get_LocalPolicy(&policy) == S_OK)
    {
        INetFwProfile *profile = NULL;
        if (policy->get_CurrentProfile(&profile) == S_OK)
        {
            INetFwOpenPorts *openPorts = NULL;
            if (profile->get_GloballyOpenPorts(&openPorts) == S_OK)
            {
                INetFwOpenPort *entry = NULL;
                status = openPorts->Item(number, protocol, &entry);
                if (SUCCEEDED(status))
                {
                    status = entry->get_Enabled(&enabled);
                    entry->Release();
                }
                openPorts->Release();
            }
            profile->Release();
        }
        policy->Release();
    }
    manager->Release();

    if (status != S_OK)
    {
        return 0;
    }
    return enabled ? 1 : -1;
}
// Queries the globally-open-ports list of the stored firewall profile for
// (lPortNumber, ipProtocol) and reports whether that entry is enabled.
//
// bEnable is set to TRUE only when an entry exists and get_Enabled() yields
// VARIANT_TRUE. It is FALSE in every other case, including "no such entry",
// for which the function still returns FW_NOERROR.
//
// Returns FW_ERR_INITIALIZED when no profile is held,
// FW_ERR_GLOBAL_OPEN_PORTS when the port list cannot be retrieved,
// FW_ERR_PORT_IS_ENABLED when get_Enabled() fails, otherwise FW_NOERROR.
//
// Security note: FALSE with FW_NOERROR does not distinguish "entry present
// but disabled" from "entry absent"; callers auditing exposure get no more
// than "not an enabled globally-open port in this profile".
FW_ERROR_CODE WinXPSP2FireWall::IsPortEnabled( LONG lPortNumber, NET_FW_IP_PROTOCOL ipProtocol, BOOL& bEnable )
{
    FW_ERROR_CODE status = FW_NOERROR;
    INetFwOpenPorts* pPortList = nullptr;
    INetFwOpenPort* pPortEntry = nullptr;

    bEnable = FALSE;

    if( m_pFireWallProfile == nullptr )
    {
        status = FW_ERR_INITIALIZED;
    }
    else if( FAILED( m_pFireWallProfile->get_GloballyOpenPorts( &pPortList )))
    {
        status = FW_ERR_GLOBAL_OPEN_PORTS;
    }
    else if( SUCCEEDED( pPortList->Item( lPortNumber, ipProtocol, &pPortEntry )))
    {
        // A failed Item() is not an error: the port is simply not listed.
        VARIANT_BOOL entryState = VARIANT_FALSE;
        if( FAILED( pPortEntry->get_Enabled( &entryState )))
            status = FW_ERR_PORT_IS_ENABLED;
        else if( entryState == VARIANT_TRUE )
            bEnable = TRUE;
    }

    // Single cleanup point; either pointer may still be null here.
    if( pPortEntry )
        pPortEntry->Release();
    if( pPortList )
        pPortList->Release();

    return status;
}
// Adds a globally-open-port entry for (lPortNumber, ipProtocol) to the stored
// firewall profile, labelled with lpszRegisterName.
//
// Nothing is added when IsPortEnabled() already reports the port as enabled.
// That test is "enabled", not "present": an entry that exists but is disabled
// also takes the Add() path.
//
// Returns FW_NOERROR on success or when no change was needed; otherwise the
// FW_ERR_* code of the first step that failed. A null or empty
// lpszRegisterName yields FW_ERR_SYS_ALLOC_STRING, because the resulting BSTR
// has length 0.
//
// Security note: this opens an inbound firewall exception. Only port,
// protocol and name are set; put_Scope() is never called, so the exception
// gets whatever scope a fresh open-port object defaults to.
// NOTE(review): that default is believed to be "all addresses" - confirm,
// and restrict the scope if the service only needs the local subnet.
FW_ERROR_CODE WinXPSP2FireWall::AddPort( LONG lPortNumber, NET_FW_IP_PROTOCOL ipProtocol, const wchar_t* lpszRegisterName )
{
    FW_ERROR_CODE status = FW_NOERROR;
    INetFwOpenPorts* pPortList = nullptr;
    INetFwOpenPort* pNewPort = nullptr;
    BSTR bstrLabel = nullptr;

    // One-pass block: "break" jumps to the shared cleanup below.
    do
    {
        if( m_pFireWallProfile == nullptr )
        {
            status = FW_ERR_INITIALIZED;
            break;
        }

        BOOL bAlreadyEnabled;
        status = IsPortEnabled( lPortNumber, ipProtocol, bAlreadyEnabled );
        if( status != FW_NOERROR )
            break;

        // Already an enabled exception: leave the firewall untouched.
        if( bAlreadyEnabled != FALSE )
            break;

        if( FAILED( m_pFireWallProfile->get_GloballyOpenPorts( &pPortList )))
        {
            status = FW_ERR_GLOBAL_OPEN_PORTS;
            break;
        }

        if( FAILED( CoCreateInstance( CLSID_NetFwOpenPort, nullptr, CLSCTX_INPROC_SERVER,
                                      IID_INetFwOpenPort, (void**)&pNewPort )))
        {
            status = FW_ERR_CREATE_PORT_INSTANCE;
            break;
        }

        if( FAILED( pNewPort->put_Port( lPortNumber )))
        {
            status = FW_ERR_SET_PORT_NUMBER;
            break;
        }

        if( FAILED( pNewPort->put_Protocol( ipProtocol )))
        {
            status = FW_ERR_SET_IP_PROTOCOL;
            break;
        }

        // The name must be a real BSTR; a zero length covers both allocation
        // failure and an empty input string.
        bstrLabel = SysAllocString( lpszRegisterName );
        if( SysStringLen( bstrLabel ) == 0 )
        {
            status = FW_ERR_SYS_ALLOC_STRING;
            break;
        }

        if( FAILED( pNewPort->put_Name( bstrLabel )))
        {
            status = FW_ERR_PUT_REGISTER_NAME;
            break;
        }

        // This is the call that actually changes firewall policy.
        if( FAILED( pPortList->Add( pNewPort )))
            status = FW_ERR_ADD_TO_COLLECTION;
    }
    while( false );

    SysFreeString( bstrLabel );
    if( pNewPort )
        pNewPort->Release();
    if( pPortList )
        pPortList->Release();

    return status;
}
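// Finds the globally-open-port entry for (number, protocol), creating it with
// local-subnet scope when it is missing, then sets its enabled state.
// Returns true only when the entry was found or added with S_OK and
// put_Enabled() returned S_OK.
static bool ApplyUPnPPortState(INetFwOpenPorts *ports, long number,
                               NET_FW_IP_PROTOCOL protocol,
                               const wchar_t *name, VARIANT_BOOL state)
{
    INetFwOpenPort *port = NULL;
    HRESULT hr = ports->Item(number, protocol, &port);
    if(FAILED(hr))
    {
        port = NULL;
        hr = CoCreateInstance(__uuidof(NetFwOpenPort), NULL, CLSCTX_INPROC_SERVER,
                              __uuidof(INetFwOpenPort), (void**)&port);
        if(SUCCEEDED(hr))
        {
            // put_Name expects a BSTR, so allocate one instead of passing a
            // raw wide-string literal.
            BSTR bstrName = SysAllocString(name);
            hr = (bstrName != NULL) ? port->put_Name(bstrName) : E_OUTOFMEMORY;

            // Every setter is checked before Add(). In particular, if
            // put_Scope() fails the entry must not be added, otherwise the
            // exception would be created without the local-subnet limit.
            if(SUCCEEDED(hr))
                hr = port->put_Port(number);
            if(SUCCEEDED(hr))
                hr = port->put_Protocol(protocol);
            if(SUCCEEDED(hr))
                hr = port->put_Scope(NET_FW_SCOPE_LOCAL_SUBNET);
            if(SUCCEEDED(hr))
                hr = ports->Add(port);

            SysFreeString(bstrName);
        }
    }

    const bool applied = (hr == S_OK) && (port != NULL)
                         && (port->put_Enabled(state) == S_OK);
    if(port)
        port->Release();
    return applied;
}

// Enables (open == true) or disables (open == false) the two firewall
// exceptions used for UPnP: TCP 2869 and UDP 1900, in the globally-open-ports
// list of the current profile. Missing entries are created with
// NET_FW_SCOPE_LOCAL_SUBNET.
//
// Returns true only when both ports were set to the requested state.
//
// Security notes:
//  - This changes host firewall policy. Entries it creates are limited to the
//    local subnet; an entry that already exists keeps whatever scope it had.
//  - NOTE(review): when open is false and an entry is missing, the entry is
//    still created and then disabled. Whether put_Enabled() on the object
//    after Add() updates the stored entry is not visible here - confirm, or
//    skip creation when closing.
//  - The debug text says "enabled" for both open and close requests.
bool ControlUPnPPorts(bool open)
{
    INetFwMgr *imgr = NULL;
    INetFwPolicy *ipol = NULL;
    INetFwProfile *iprof = NULL;
    bool port2869 = false;
    bool port1900 = false;

    HRESULT hr = CoCreateInstance(__uuidof(NetFwMgr), NULL, CLSCTX_INPROC_SERVER,
                                  __uuidof(INetFwMgr), (void**)&imgr);
    if(FAILED(hr))
        return false;

    if(imgr->get_LocalPolicy(&ipol) == S_OK)
    {
        if(ipol->get_CurrentProfile(&iprof) == S_OK)
        {
            INetFwOpenPorts *iports = NULL;
            if(iprof->get_GloballyOpenPorts(&iports) == S_OK)
            {
                const VARIANT_BOOL portenabled = open ? VARIANT_TRUE : VARIANT_FALSE;

                port2869 = ApplyUPnPPortState(iports, 2869L, NET_FW_IP_PROTOCOL_TCP,
                                              L"UPnP TCP 2869", portenabled);
                if(port2869)
                    debug("TCP 2869 enabled");

                port1900 = ApplyUPnPPortState(iports, 1900L, NET_FW_IP_PROTOCOL_UDP,
                                              L"UPnP UDP 1900", portenabled);
                if(port1900)
                    debug("UDP 1900 enabled");

                iports->Release();
            }
            iprof->Release();
        }
        ipol->Release();
    }
    imgr->Release();

    return port2869 && port1900;
}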
// Adds a globally-open-port entry for (portNumber, ipProtocol) to fwProfile,
// using `name` as its friendly name.
//
// The port is first checked with WindowsFirewallPortIsEnabled(); nothing is
// added when that reports the port as enabled. An entry that exists but is
// disabled is not treated as "already added" and takes the Add() path.
//
// Returns the HRESULT of the first failing step, E_OUTOFMEMORY when the name
// BSTR has length 0 (allocation failure or empty name), otherwise the result
// of the last successful call.
//
// Security note: this opens an inbound firewall exception. Only port,
// protocol and name are set; put_Scope() is never called, so the exception
// gets whatever scope a fresh open-port object defaults to.
// NOTE(review): that default is believed to be "all addresses" - confirm,
// and narrow the scope where the service does not need to be reachable from
// everywhere.
HRESULT WindowsFirewallPortAdd(
    IN INetFwProfile* fwProfile,
    IN LONG portNumber,
    IN NET_FW_IP_PROTOCOL ipProtocol,
    IN const wchar_t* name
    )
{
    BSTR friendlyName = NULL;
    INetFwOpenPort* newPort = NULL;
    INetFwOpenPorts* portList = NULL;
    BOOL alreadyEnabled;
    HRESULT hr = S_OK;

    _ASSERT(fwProfile != NULL);
    _ASSERT(name != NULL);

    // One-pass block: "break" falls through to the shared cleanup.
    do
    {
        hr = WindowsFirewallPortIsEnabled(fwProfile, portNumber, ipProtocol, &alreadyEnabled);
        if (FAILED(hr))
            break;

        // An enabled exception already exists; leave the firewall untouched.
        if (alreadyEnabled)
            break;

        hr = fwProfile->get_GloballyOpenPorts(&portList);
        if (FAILED(hr))
            break;

        hr = CoCreateInstance(
                __uuidof(NetFwOpenPort),
                NULL,
                CLSCTX_INPROC_SERVER,
                __uuidof(INetFwOpenPort),
                (void**)&newPort
                );
        if (FAILED(hr))
            break;

        hr = newPort->put_Port(portNumber);
        if (FAILED(hr))
            break;

        hr = newPort->put_Protocol(ipProtocol);
        if (FAILED(hr))
            break;

        // The friendly name has to be passed as a BSTR.
        friendlyName = SysAllocString(name);
        if (SysStringLen(friendlyName) == 0)
        {
            hr = E_OUTOFMEMORY;
            break;
        }

        hr = newPort->put_Name(friendlyName);
        if (FAILED(hr))
            break;

        // This is the call that actually changes firewall policy.
        hr = portList->Add(newPort);
    }
    while (false);

    // Cleanup runs on every path; SysFreeString accepts NULL.
    SysFreeString(friendlyName);
    if (newPort != NULL)
        newPort->Release();
    if (portList != NULL)
        portList->Release();

    return hr;
}
// Reports, through *fwPortEnabled, whether fwProfile's globally-open-ports
// list holds an enabled entry for (portNumber, ipProtocol).
//
// *fwPortEnabled is TRUE only when the entry exists and get_Enabled() yields
// something other than VARIANT_FALSE. A port that is not in the list is not
// an error: the function returns S_OK with *fwPortEnabled == FALSE.
//
// Returns a failure HRESULT when the port list cannot be retrieved or
// get_Enabled() fails.
//
// Security note: FALSE does not distinguish "entry present but disabled" from
// "entry absent". Only the globally-open-ports list of the given profile is
// read here.
HRESULT WindowsFirewallPortIsEnabled(
    IN INetFwProfile* fwProfile,
    IN LONG portNumber,
    IN NET_FW_IP_PROTOCOL ipProtocol,
    OUT BOOL* fwPortEnabled
    )
{
    INetFwOpenPorts* portList = NULL;
    INetFwOpenPort* portEntry = NULL;
    VARIANT_BOOL entryState;

    _ASSERT(fwProfile != NULL);
    _ASSERT(fwPortEnabled != NULL);

    // Pessimistic default; only flipped once the entry is known to be enabled.
    *fwPortEnabled = FALSE;

    HRESULT hr = fwProfile->get_GloballyOpenPorts(&portList);
    if (SUCCEEDED(hr))
    {
        if (SUCCEEDED(portList->Item(portNumber, ipProtocol, &portEntry)))
        {
            hr = portEntry->get_Enabled(&entryState);
            if (SUCCEEDED(hr) && entryState != VARIANT_FALSE)
                *fwPortEnabled = TRUE;
        }
        else
        {
            // Not in the collection: report "not enabled" as a success.
            hr = S_OK;
        }
    }

    if (portEntry != NULL)
        portEntry->Release();
    if (portList != NULL)
        portList->Release();

    return hr;
}