INetFwRule interface (netfw.h)

The INetFwRule interface provides access to the properties of a rule.

Inheritance

The INetFwRule interface inherits from the IDispatch interface. INetFwRule also has these types of members:

Methods

The INetFwRule interface has these methods.

 
INetFwRule::get_Action

Specifies the action for a rule or default setting. (INetFwRule.get_Action)
INetFwRule::get_ApplicationName

Specifies the friendly name of the application to which this rule applies. (Get)
INetFwRule::get_Description

Specifies the description of this rule. (Get)
INetFwRule::get_Direction

Specifies the direction of traffic for which the rule applies. (Get)
INetFwRule::get_EdgeTraversal

Indicates whether edge traversal is enabled or disabled for this rule. (Get)
INetFwRule::get_Enabled

Enables or disables a rule. (Get)
INetFwRule::get_Grouping

Specifies the group to which an individual rule belongs. (Get)
INetFwRule::get_IcmpTypesAndCodes

Specifies the list of ICMP types and codes for this rule. (Get)
INetFwRule::get_Interfaces

Specifies the list of interfaces for which the rule applies. (Get)
INetFwRule::get_InterfaceTypes

Specifies the list of interface types for which the rule applies. (Get)
INetFwRule::get_LocalAddresses

Specifies the list of local addresses for this rule. (Get)
INetFwRule::get_LocalPorts

Specifies the list of local ports for this rule. (Get)
INetFwRule::get_Name

Specifies the friendly name of this rule. (Get)
INetFwRule::get_Profiles

Specifies the profiles to which the rule belongs. (Get)
INetFwRule::get_Protocol

Specifies the IP protocol of this rule. (Get)
INetFwRule::get_RemoteAddresses

Specifies the list of remote addresses for this rule. (Get)
INetFwRule::get_RemotePorts

Specifies the list of remote ports for this rule. (Get)
INetFwRule::get_ServiceName

Specifies the service name property of the application. (Get)
INetFwRule::put_Action

Specifies the action for a rule or default setting. (INetFwRule.put_Action)
INetFwRule::put_ApplicationName

Specifies the friendly name of the application to which this rule applies. (Put)
INetFwRule::put_Description

Specifies the description of this rule. (Put)
INetFwRule::put_Direction

Specifies the direction of traffic for which the rule applies. (Put)
INetFwRule::put_EdgeTraversal

Indicates whether edge traversal is enabled or disabled for this rule. (Put)
INetFwRule::put_Enabled

Enables or disables a rule. (Put)
INetFwRule::put_Grouping

Specifies the group to which an individual rule belongs. (Put)
INetFwRule::put_IcmpTypesAndCodes

Specifies the list of ICMP types and codes for this rule. (Put)
INetFwRule::put_Interfaces

Specifies the list of interfaces for which the rule applies. (Put)
INetFwRule::put_InterfaceTypes

Specifies the list of interface types for which the rule applies. (Put)
INetFwRule::put_LocalAddresses

Specifies the list of local addresses for this rule. (Put)
INetFwRule::put_LocalPorts

Specifies the list of local ports for this rule. (Put)
INetFwRule::put_Name

Specifies the friendly name of this rule. (Put)
INetFwRule::put_Profiles

Specifies the profiles to which the rule belongs. (Put)
INetFwRule::put_Protocol

Specifies the IP protocol of this rule. (Put)
INetFwRule::put_RemoteAddresses

Specifies the list of remote addresses for this rule. (Put)
INetFwRule::put_RemotePorts

Specifies the list of remote ports for this rule. (Put)
INetFwRule::put_ServiceName

Specifies the service name property of the application. (Put)

Remarks

Each time you change a property of a rule, Windows Firewall commits the rule and verifies it for correctness. As a result, when you edit a rule, you must perform the steps in a specific order. For example, if you add an ICMP rule, you must first set the protocol to ICMP, then add the rule. If these steps are taken in the opposite order, an error occurs and the change is lost.

If you are editing a TCP port rule and converting it into an ICMP rule, first delete the port, change protocol from TCP to ICMP, and then add the rule.

In order to retrieve and modify existing rules, instances of this interface must be retrieved through INetFwRules. All configuration changes take place immediately.

When accessing the properties of a rule, keep in mind that there may be a small time lag before a newly-added rule is applied.

Properties are used to create firewall rules. Many of the properties can be used in order to create very specific firewall rules.

Property Type and format Constraints
Name Clear text string. Required. The string must not contain a "|" and it must not be "all".
Description Clear text string. Optional. The string must not contain a "|".
Grouping String in the format "@<dll name>, <resource string identifier>". Required.
Enabled Boolean (VARIANT_BOOLEAN). Optional. Defaults to false (VARIANT_FALSE) if nothing is specified.
ApplicationName Clear text string. Optional.
ServiceName Clear text string. Optional.
LocalPorts Clear text string containing a list of port numbers. "RPC" is an acceptable value. Optional.
RemotePorts Clear text string containing a list of port numbers. Optional.
LocalAddresses Clear text string containing a list of IPv4 and IPv6 addresses separated by commas. Range values and"*"are acceptable in this list. Optional.
RemoteAddresses Clear text string containing a list of IPv4 and IPv6 addresses separated by commas. Range values and"*"are acceptable in this list. Optional.
Protocol Number. Optional.
put_Profiles String value in the format "type, code". Multiple types and codes can be included in the string by separating each pair with a ";". Optional.
Interfaces Array of strings containing the friendly names of interfaces. Optional.
InterfaceTypes String value. Multiple interface types can be included in the string by separating each value with a ",". Acceptable values are "RemoteAccess", "Wireless", "Lan", and "All". Optional.
Direction Enumeration. Optional.
Action Enumeration. Optional.
EdgeTraversal Boolean (VARIANT_BOOLEAN). Optional.
Profiles Enumeration. Optional.
 

For additional information on each property, please see the corresponding topic.

Requirements

Requirement Value
Minimum supported client Windows Vista [desktop apps only]
Minimum supported server Windows Server 2008 [desktop apps only]
Target Platform Windows
Header netfw.h

See also

IDispatch

IUnknown