INetFwPolicy2::get_IsRuleGroupCurrentlyEnabled method (netfw.h)
The get_IsRuleGroupCurrentlyEnabled method determines whether a specified group of firewall rules are enabled or disabled for the current profile.
Syntax
HRESULT get_IsRuleGroupCurrentlyEnabled(
[in] BSTR group,
[out] VARIANT_BOOL *enabled
);
Parameters
[in] group
A string that was used to group rules together. It can be the group name or an indirect string to the group name in the form of "@C:\Program Files\Contoso Storefront\StorefrontRes.dll,-1234". Rules belonging to this group would be queried.
[out] enabled
Indicates whether the group of rules identified by the group parameter are enabled or disabled.
If this value is set to true (VARIANT_TRUE), the group of rules is enabled; otherwise the group is disabled.
For Windows 7 and later, this value will be set to true (VARIANT_TRUE) if the rule group is enabled on at least one active profile.
Return value
C++
If the method succeeds, the return value is S_OK.If the method fails, the return value is one of the following error codes.
| Return code | Description |
|---|---|
|
The operation was aborted due to permissions issues. |
|
The method failed due to an invalid parameter. |
|
The method failed because a pointer was invalid. |
For Windows 7 and later, if multiple profiles are active and the profiles have different answers for IsRuleGroupCurrentlyEnabled, the return value is S_FALSE; if the profiles have the same answer for IsRuleGroupCurrentlyEnabled, the return value is S_TRUE.
VB
This call returns a boolean enable status which indicates whether the group of rules identified by the group parameter are enabled or disabled. If this value is set to true (VARIANT_TRUE), the group of rules is enabled; otherwise, the group is disabled.Remarks
When indirect strings in the form of "@C:\Program Files\Contoso Storefront\StorefrontRes.dll,-1234" are passed as parameters to the Windows Firewall with Advanced Security APIs, they should be specified by a full path. The file should have a secure access that permits the Local Service account read access to allow the Windows Firewall Service to read the strings. To avoid non-privileged security principals from modifying the strings, the DLLs should only allow write access to the Administrator account.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows Vista [desktop apps only] |
| Minimum supported server | Windows Server 2008 [desktop apps only] |
| Target Platform | Windows |
| Header | netfw.h |
| DLL | FirewallAPI.dll |
See also
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for