INetFwPolicy2::EnableRuleGroup method

The EnableRuleGroup method enables or disables a specified group of firewall rules.

Syntax

HRESULT EnableRuleGroup(
  long         profileTypesBitmask,
  BSTR         group,
  VARIANT_BOOL enable
);

Parameters

profileTypesBitmask

A bitmask of profiles from NET_FW_PROFILE_TYPE2.

group

A string that was used to group rules together. It can be the group name or an indirect string to the group name in the form of "@C:\Program Files\Contoso Storefront\StorefrontRes.dll,-1234". Rules belonging to this group would be enabled or disabled.

enable

Indicates whether the group of rules identified by the group parameter are to be enabled or disabled.

If this value is set to true (VARIANT_TRUE), the group of rules will be enabled; otherwise the group is disabled.

Return Value

C++

If the method succeeds the return value is S_OK.

If the method fails, the return value is one of the following error codes.

Return code Description
E_ACCESSDENIED
The operation was aborted due to permissions issues.
E_INVALIDARG
The method failed due to an invalid parameter.
S_FALSE
The requested group does not exist.
 

VB

If the method succeeds the return value is S_OK.

If the method fails, the return value is one of the following error codes.

Return code Description
E_ACCESSDENIED
The operation was aborted due to permissions issues.
E_INVALIDARG
The method failed due to an invalid parameter.
S_FALSE
The requested group does not exist.

Remarks

When indirect strings in the form of "@C:\Program Files\Contoso Storefront\StorefrontRes.dll,-1234" are passed as parameters to the Windows Firewall with Advanced Security APIs, they should be specified by a full path. The file should have a secure access that permits the Local Service account read access to allow the Windows Firewall Service to read the strings. To avoid non-privileged security principals from modifying the strings, the DLLs should only allow write access to the Administrator account.

Requirements

   
Minimum supported client Windows Vista [desktop apps only]
Minimum supported server Windows Server 2008 [desktop apps only]
Target Platform Windows
Header netfw.h
DLL FirewallAPI.dll

See Also

INetFwPolicy2

Rule Authoring