Windows 7防火墙:从命令行修改组项目 [英] Windows 7 Firewall: Modify group items from command line

问题描述

我正在创建一个界面，该界面允许用户管理Windows防火墙. Windows随附的GUI看起来像这样

I am creating an interface that allows the user to manage (among other things) the Windows Firewall. The GUI that comes with Windows looks like this

我的GUI用Java编写，并使用 netsh advfirewall firewall命令读取当前设置并保存更改.

My GUI is written in Java and uses the netsh advfirewall firewall commands to read the current settings and to save changes.

其中一些项目是防火墙中的单个记录.但是，"Windows远程管理"项是分组的"项之一.这是多个项目的组合.这是组合中的其中一项.

Some of the items are single records in the firewall. The "Windows Remote Management" item however, is one of the "grouped" items. This is a combination of multiple items. Here is one of those items in the combination.

Rule Name:                            Windows Remote Management - Compatibility
Mode (HTTP-In)
----------------------------------------------------------------------
Enabled:                              No
Direction:                            In
Profiles:                             Private,Public
Grouping:                             Windows Remote Management
LocalIP:                              Any
RemoteIP:                             LocalSubnet
Protocol:                             TCP
LocalPort:                            80
RemotePort:                           Any
Edge traversal:                       No
Action:                               Allow

在这种情况下，整个组都被禁用，但是可以为public或private或两者都启用. (更不用说域了)

In this case the whole group is disabled, but it can be enabled for the type public or private or both. (not to mention domain)

使用Windows GUI启用该组时，如果仅启用一种类型，则它必须复制该组中的所有项目.禁用类型的一份，启用类型的一份.

When you enable this group using the Windows GUI, if you only enable one of the types, it has to duplicate all the items in the group. One copy for disabled type, one for the enabled type.

当我尝试创建第二个副本时出现问题. netsh advfirewall firewall add rule命令不会请允许我对新项目进行分组.因此，这意味着我无法创建第二个副本！这意味着，除非Windows已经复制了该项目，否则我只能一起启用或禁用这两种类型(公共和私有)，这不是我想要的.

The problem arises when I try to create the second copy. The netsh advfirewall firewall add rule command does not allow me to set a grouping on new items. So that means I can't create the second copy! Which means, unless the item has already been duplicated by Windows, I can only enable or disable both types together (public and private) which is not what I want.

如何创建第二个副本?关于如何使用Java或命令行执行操作的任何想法?我发现netsh导出会创建一个字节文件.看起来它是一个注册表字节文件.有没有一种方法可以使用reg query编辑防火墙?防火墙设置将存储在注册表中的什么位置?我希望避免编写自己的.exe.

How can I create this second copy? Any ideas on how to do it with Java or the command line? I found that a netsh export creates a byte file. It looks like it is a registry byte file. Is there a way to edit the firewall using reg query? Where would firewall settings be stored int the registry? I am hoping to avoid writing my own .exe.

推荐答案

注册表中Windows防火墙规则的存储位置为:

The place in the registry where Windows Firewall rules are stored is:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules

此注册表项中的数据具有可通过netsh advfirewall firewall编辑的相同变量.大多数实际的名称和描述都是类似于@FirewallAPI.dll,-31293的引用.防火墙条目没有唯一的ID，并由其名称标识.由于这个原因，并且由于我无法找出引用所指向的内容，我使用netsh advfirewall firewall删除了防火墙条目，并使用reg query将它们添加回去.

The data in this registry key has the same variables that are editable through netsh advfirewall firewall. Most of the actual names and descriptions are references that look like this @FirewallAPI.dll,-31293. Firewall entries do not have a unique ID and are identified by their name. Because of this and because I was not able to find out what the reference was pointing to I deleted the Firewall entries using netsh advfirewall firewall and adding them back using reg query.

这篇关于Windows 7防火墙:从命令行修改组项目的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！