INetFwRule interface (netfw.h)
The INetFwRule interface provides access to the properties of a rule.
Inheritance
The INetFwRule interface inherits from the IDispatch interface. INetFwRule also has these types of members:
Methods
The INetFwRule interface has these methods.
| INetFwRule::get_Action Specifies the action for a rule or default setting. (INetFwRule.get_Action) |
| INetFwRule::get_ApplicationName Specifies the friendly name of the application to which this rule applies. (Get) |
| INetFwRule::get_Description Specifies the description of this rule. (Get) |
| INetFwRule::get_Direction Specifies the direction of traffic for which the rule applies. (Get) |
| INetFwRule::get_EdgeTraversal Indicates whether edge traversal is enabled or disabled for this rule. (Get) |
| INetFwRule::get_Enabled Enables or disables a rule. (Get) |
| INetFwRule::get_Grouping Specifies the group to which an individual rule belongs. (Get) |
| INetFwRule::get_IcmpTypesAndCodes Specifies the list of ICMP types and codes for this rule. (Get) |
| INetFwRule::get_Interfaces Specifies the list of interfaces for which the rule applies. (Get) |
| INetFwRule::get_InterfaceTypes Specifies the list of interface types for which the rule applies. (Get) |
| INetFwRule::get_LocalAddresses Specifies the list of local addresses for this rule. (Get) |
| INetFwRule::get_LocalPorts Specifies the list of local ports for this rule. (Get) |
| INetFwRule::get_Name Specifies the friendly name of this rule. (Get) |
| INetFwRule::get_Profiles Specifies the profiles to which the rule belongs. (Get) |
| INetFwRule::get_Protocol Specifies the IP protocol of this rule. (Get) |
| INetFwRule::get_RemoteAddresses Specifies the list of remote addresses for this rule. (Get) |
| INetFwRule::get_RemotePorts Specifies the list of remote ports for this rule. (Get) |
| INetFwRule::get_ServiceName Specifies the service name property of the application. (Get) |
| INetFwRule::put_Action Specifies the action for a rule or default setting. (INetFwRule.put_Action) |
| INetFwRule::put_ApplicationName Specifies the friendly name of the application to which this rule applies. (Put) |
| INetFwRule::put_Description Specifies the description of this rule. (Put) |
| INetFwRule::put_Direction Specifies the direction of traffic for which the rule applies. (Put) |
| INetFwRule::put_EdgeTraversal Indicates whether edge traversal is enabled or disabled for this rule. (Put) |
| INetFwRule::put_Enabled Enables or disables a rule. (Put) |
| INetFwRule::put_Grouping Specifies the group to which an individual rule belongs. (Put) |
| INetFwRule::put_IcmpTypesAndCodes Specifies the list of ICMP types and codes for this rule. (Put) |
| INetFwRule::put_Interfaces Specifies the list of interfaces for which the rule applies. (Put) |
| INetFwRule::put_InterfaceTypes Specifies the list of interface types for which the rule applies. (Put) |
| INetFwRule::put_LocalAddresses Specifies the list of local addresses for this rule. (Put) |
| INetFwRule::put_LocalPorts Specifies the list of local ports for this rule. (Put) |
| INetFwRule::put_Name Specifies the friendly name of this rule. (Put) |
| INetFwRule::put_Profiles Specifies the profiles to which the rule belongs. (Put) |
| INetFwRule::put_Protocol Specifies the IP protocol of this rule. (Put) |
| INetFwRule::put_RemoteAddresses Specifies the list of remote addresses for this rule. (Put) |
| INetFwRule::put_RemotePorts Specifies the list of remote ports for this rule. (Put) |
| INetFwRule::put_ServiceName Specifies the service name property of the application. (Put) |
Remarks
Each time you change a property of a rule, Windows Firewall commits the rule and verifies it for correctness. As a result, when you edit a rule, you must perform the steps in a specific order. For example, if you add an ICMP rule, you must first set the protocol to ICMP, then add the rule. If these steps are taken in the opposite order, an error occurs and the change is lost.
If you are editing a TCP port rule and converting it into an ICMP rule, first delete the port, change protocol from TCP to ICMP, and then add the rule.
In order to retrieve and modify existing rules, instances of this interface must be retrieved through INetFwRules. All configuration changes take place immediately.
When accessing the properties of a rule, keep in mind that there may be a small time lag before a newly-added rule is applied.
Properties are used to create firewall rules. Many of the properties can be used in order to create very specific firewall rules.
| Property | Type and format | Constraints |
|---|---|---|
| Name | Clear text string. | Required. The string must not contain a "|" and it must not be "all". |
| Description | Clear text string. | Optional. The string must not contain a "|". |
| Grouping | String in the format "@<dll name>, <resource string identifier>". | Required. |
| Enabled | Boolean (VARIANT_BOOLEAN). | Optional. Defaults to false (VARIANT_FALSE) if nothing is specified. |
| ApplicationName | Clear text string. | Optional. |
| ServiceName | Clear text string. | Optional. |
| LocalPorts | Clear text string containing a list of port numbers. "RPC" is an acceptable value. | Optional. |
| RemotePorts | Clear text string containing a list of port numbers. | Optional. |
| LocalAddresses | Clear text string containing a list of IPv4 and IPv6 addresses separated by commas. Range values and"*"are acceptable in this list. | Optional. |
| RemoteAddresses | Clear text string containing a list of IPv4 and IPv6 addresses separated by commas. Range values and"*"are acceptable in this list. | Optional. |
| Protocol | Number. | Optional. |
| put_Profiles | String value in the format "type, code". Multiple types and codes can be included in the string by separating each pair with a ";". | Optional. |
| Interfaces | Array of strings containing the friendly names of interfaces. | Optional. |
| InterfaceTypes | String value. Multiple interface types can be included in the string by separating each value with a ",". Acceptable values are "RemoteAccess", "Wireless", "Lan", and "All". | Optional. |
| Direction | Enumeration. | Optional. |
| Action | Enumeration. | Optional. |
| EdgeTraversal | Boolean (VARIANT_BOOLEAN). | Optional. |
| Profiles | Enumeration. | Optional. |
For additional information on each property, please see the corresponding topic.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows Vista [desktop apps only] |
| Minimum supported server | Windows Server 2008 [desktop apps only] |
| Target Platform | Windows |
| Header | netfw.h |
See also
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for