INetFwRule interface

The INetFwRule interface provides access to the properties of a rule.

Methods

The INetFwRule interface has these methods.

Method Description
INetFwRule::get_Action Specifies the action for a rule or default setting.
INetFwRule::get_ApplicationName Specifies the friendly name of the application to which this rule applies.
INetFwRule::get_Description Specifies the description of this rule.
INetFwRule::get_Direction Specifies the direction of traffic for which the rule applies.
INetFwRule::get_EdgeTraversal Indicates whether edge traversal is enabled or disabled for this rule.
INetFwRule::get_Enabled Enables or disables a rule.
INetFwRule::get_Grouping Specifies the group to which an individual rule belongs.
INetFwRule::get_IcmpTypesAndCodes Specifies the list of ICMP types and codes for this rule.
INetFwRule::get_Interfaces Specifies the list of interfaces for which the rule applies.
INetFwRule::get_InterfaceTypes Specifies the list of interface types for which the rule applies.
INetFwRule::get_LocalAddresses Specifies the list of local addresses for this rule.
INetFwRule::get_LocalPorts Specifies the list of local ports for this rule.
INetFwRule::get_Name Specifies the friendly name of this rule.
INetFwRule::get_Profiles Specifies the profiles to which the rule belongs.
INetFwRule::get_Protocol Specifies the IP protocol of this rule.
INetFwRule::get_RemoteAddresses Specifies the list of remote addresses for this rule.
INetFwRule::get_RemotePorts Specifies the list of remote ports for this rule.
INetFwRule::get_ServiceName Specifies the service name property of the application.
INetFwRule::put_Action Specifies the action for a rule or default setting.
INetFwRule::put_ApplicationName Specifies the friendly name of the application to which this rule applies.
INetFwRule::put_Description Specifies the description of this rule.
INetFwRule::put_Direction Specifies the direction of traffic for which the rule applies.
INetFwRule::put_EdgeTraversal Indicates whether edge traversal is enabled or disabled for this rule.
INetFwRule::put_Enabled Enables or disables a rule.
INetFwRule::put_Grouping Specifies the group to which an individual rule belongs.
INetFwRule::put_IcmpTypesAndCodes Specifies the list of ICMP types and codes for this rule.
INetFwRule::put_Interfaces Specifies the list of interfaces for which the rule applies.
INetFwRule::put_InterfaceTypes Specifies the list of interface types for which the rule applies.
INetFwRule::put_LocalAddresses Specifies the list of local addresses for this rule.
INetFwRule::put_LocalPorts Specifies the list of local ports for this rule.
INetFwRule::put_Name Specifies the friendly name of this rule.
INetFwRule::put_Profiles Specifies the profiles to which the rule belongs.
INetFwRule::put_Protocol Specifies the IP protocol of this rule.
INetFwRule::put_RemoteAddresses Specifies the list of remote addresses for this rule.
INetFwRule::put_RemotePorts Specifies the list of remote ports for this rule.
INetFwRule::put_ServiceName Specifies the service name property of the application.

Remarks

Each time you change a property of a rule, Windows Firewall commits the rule and verifies it for correctness. As a result, when you edit a rule, you must perform the steps in a specific order. For example, if you add an ICMP rule, you must first set the protocol to ICMP, then add the rule. If these steps are taken in the opposite order, an error occurs and the change is lost.

If you are editing a TCP port rule and converting it into an ICMP rule, first delete the port, change protocol from TCP to ICMP, and then add the rule.

In order to retrieve and modify existing rules, instances of this interface must be retrieved through INetFwRules. All configuration changes take place immediately.

When accessing the properties of a rule, keep in mind that there may be a small time lag before a newly-added rule is applied.

Properties are used to create firewall rules. Many of the properties can be used in order to create very specific firewall rules.

Property Type and format Constraints
Name Clear text string. Required. The string must not contain a "|" and it must not be "all".
Description Clear text string. Optional. The string must not contain a "|".
Grouping String in the format "@<dll name>, <resource string identifier>". Required.
Enabled Boolean (VARIANT_BOOLEAN). Optional. Defaults to false (VARIANT_FALSE) if nothing is specified.
ApplicationName Clear text string. Optional.
ServiceName Clear text string. Optional.
LocalPorts Clear text string containing a list of port numbers. "RPC" is an acceptable value. Optional.
RemotePorts Clear text string containing a list of port numbers. Optional.
LocalAddresses Clear text string containing a list of IPv4 and IPv6 addresses separated by commas. Range values and"*"are acceptable in this list. Optional.
RemoteAddresses Clear text string containing a list of IPv4 and IPv6 addresses separated by commas. Range values and"*"are acceptable in this list. Optional.
Protocol Number. Optional.
put_Profiles String value in the format "type, code". Multiple types and codes can be included in the string by separating each pair with a ";". Optional.
Interfaces Array of strings containing the friendly names of interfaces. Optional.
InterfaceTypes String value. Multiple interface types can be included in the string by separating each value with a ",". Acceptable values are "RemoteAccess", "Wireless", "Lan", and "All". Optional.
Direction Enumeration. Optional.
Action Enumeration. Optional.
EdgeTraversal Boolean (VARIANT_BOOLEAN). Optional.
Profiles Enumeration. Optional.
 

For additional information on each property, please see the corresponding topic.

Requirements

   
Windows version Windows Vista [desktop apps only] Windows Server 2008 [desktop apps only]
Target Platform Windows
Header netfw.h

See Also

IDispatch

IUnknown