Checking the Effective Firewall Status

Firewall status is determined by a combination of two levels of control. Global operation mode determines whether the firewall is enabled and whether exceptions are allowed. Interface operation mode determines whether a specific interface is firewalled when the firewall is enabled. To find the current status of the firewall, first check the global operation mode, and then check the mode on the interface of interest.

To check the global operation mode, use the FirewallEnabled property of the INetFwProfile object to find out if the firewall is enabled. Use the ExceptionsNotAllowed property of the INetFwProfile object to find out if exceptions are allowed.

To check the interface operation mode, use the InternetFirewallEnabled property of the INetSharingConfiguration object.

The following table lists the resulting system state as a combination of the global operation mode and the operation mode of a specific interface.

Global Operation ModeInterface Operation ModeResultant Firewall Status
Not EnabledNot EnabledNot Enabled
Not EnabledEnabledNot Enabled
EnabledNot EnabledNot Enabled
Exceptions Not Allowed AND EnabledEnabledEnabled
Exceptions Not Allowed AND EnabledNot EnabledEnabled