none
Problem in Firewall Exclude Interface RRS feed

  • Question

  • Hi All,

    I have configured 2 network adapters on Windows 7 64 bit system, both are enabled.

    I have VS2008 application built for x64 which uses INetFwPolicy2::ExcludedInterfaces property to disable both network adapters on system. Interface returns S_OK both times.

    When I disable last enabled adapter using above interface, default network adapter gets enabled.

    However when I manually disable both adapters from Ctrl Panel->Win Firewall-> Adavanced Settings->Properties, both gets disabled.

     

    Please suggest how do I disable all network adapters configured on system using INetFwPolicy2::ExcludedInterfaces().

    Or is it an OS constraint.

     

    I have used following code to implement this functionality :

    bool RegisterNetworkConnectionSettings()
    {
        
        HRESULT hr = S_OK;
    	HRESULT hrComInit = S_OK;
        INetSharingManager *fwNetSharingManager = NULL;
           INetFwPolicy2 *pNetFwPolicy2 = NULL; 
        // Create an instance of the firewall settings manager.
        hrComInit = CoInitializeEx(
                        0,
                        COINIT_APARTMENTTHREADED
                        );
    
        // Ignore RPC_E_CHANGED_MODE; this just means that COM has already been
        // initialized with a different mode. Since we don't care what the mode is,
        // we'll just use the existing mode.
        if (hrComInit != RPC_E_CHANGED_MODE)
        {
            if (FAILED(hrComInit))
            {
                printf("CoInitializeEx failed: 0x%08lx\n", hrComInit);
                //goto Cleanup;
            }
        }
    
        // Retrieve INetFwPolicy2
        hr = WFCOMInitialize(&pNetFwPolicy2);
        if (FAILED(hr))
        {
            //goto Cleanup;
        }
    
        
        hr = CoCreateInstance(
                            __uuidof(NetSharingManager),
                            NULL,
                            CLSCTX_INPROC_SERVER,
                            __uuidof(INetSharingManager),
                            (void**)&fwNetSharingManager
                            );
        if (FAILED(hr))
        {
            return false;
        }
        INetConnection *pNC = NULL;
        INetSharingEveryConnectionCollection *pNSECC = NULL;
        hr = fwNetSharingManager->get_EnumEveryConnection (&pNSECC);
        if (FAILED(hr))
        {
            return false;
        }
    
        // enumerate connections
        IEnumVARIANT *pEV = NULL;
        IUnknown *pUnk = NULL;
        hr = pNSECC->get__NewEnum (&pUnk);
        if (FAILED(hr))
        {
            return false;
        }
        hr = pUnk->QueryInterface (__uuidof(IEnumVARIANT),
                                   (void**)&pEV);
        if (FAILED(hr))
        {
            return false;
        }
        VARIANT v;
        VariantInit (&v);
        while ((S_OK == pEV->Next (1, &v, NULL)) )
        {
            if ( VT_UNKNOWN == V_VT (&v)) 
            {
                hr = V_UNKNOWN (&v)->QueryInterface (__uuidof(INetConnection),
                                                    (void**)&pNC);
                if (FAILED(hr))
                {
                    return false;
                }
                INetConnectionProps *pNCP = NULL;
                hr = fwNetSharingManager->get_NetConnectionProps (pNC, &pNCP);
                if (FAILED(hr))
                {
                    return false;
                }
                BSTR name;
                pNCP->get_Name(&name);
                        variant_t l_vtInterface;
                        variant_t l_vtInterfaceName(name);
                        long l_lIndex = 0;
                        SAFEARRAY *l_pSa = NULL;
                        l_pSa = SafeArrayCreateVector(VT_VARIANT, 0, 1);
                        if (!l_pSa)
                        {
                        }
                        else
                        {
                            hr = SafeArrayPutElement(l_pSa, &l_lIndex, &l_vtInterfaceName);
                            if (FAILED(hr))
                            {
                                return false;
                            }
                            l_vtInterface.vt = VT_ARRAY | VT_VARIANT;
                            l_vtInterface.parray = l_pSa;
                        }
                            hr = pNetFwPolicy2->put_ExcludedInterfaces(NET_FW_PROFILE2_DOMAIN, l_vtInterface);
                            if (FAILED(hr))
                            {
                                return false;
                            }
                            hr = pNetFwPolicy2->put_ExcludedInterfaces(NET_FW_PROFILE2_PUBLIC, l_vtInterface);
                            if (FAILED(hr))
                            {
                                return false;
                            }
                            hr = pNetFwPolicy2->put_ExcludedInterfaces(NET_FW_PROFILE2_PRIVATE, l_vtInterface);
                            if (FAILED(hr))
                            {
                                return false;
                            }
            }
         }
        VariantClear (&v);
        return true;
    }
    


    Thanks in Adance.

    Manoj

    Monday, November 21, 2011 12:52 PM