[轉]如何讓你的程序安全通過windows防火墻
http://m.shnenglu.com/davyy/archive/2006/07/24/10410.html

大家開發網絡程序,經常要連接其他主機,如果在xp上運行,一定會提示你,只有選擇解除阻止才能
實現正常的網絡連接.那么有沒有辦法在防火墻的例外列表里面通過編程的方式加入自己的程序呢?

當然有了,不然就不要介紹了:)

xp的系統目錄下面有個hnetcfg.dll就是這個編程接口,頭文件是netfw.h,初始化代碼如下:
INetFwProfile* m_pFireWallProfile=NULL;

??? HRESULT hr? =? S_FALSE;
??? INetFwMgr *? fwMgr? =? NULL;
??? INetFwPolicy *? fwPolicy? =? NULL;

??? FW_ERROR_CODE ret? =? FW_NOERROR;
???? try
?????? {
???????? if ( m_pFireWallProfile )
???????????? throw? FW_ERR_INITIALIZED;

???????? //? Create an instance of the firewall settings manager.
???????? hr? =? CoCreateInstance( __uuidof(NetFwMgr), NULL, CLSCTX_INPROC_SERVER, __uuidof( INetFwMgr), ( void ** ) & fwMgr );

???????? if ( FAILED( hr ))
???????????? throw? FW_ERR_CREATE_SETTING_MANAGER;

???????? //? Retrieve the local firewall policy.
???????? hr? =? fwMgr -> get_LocalPolicy(? & fwPolicy );
???????? if ( FAILED( hr ))
???????????? throw? FW_ERR_LOCAL_POLICY;

???????? //? Retrieve the firewall profile currently in effect
???????? hr? =? fwPolicy -> get_CurrentProfile(? & m_pFireWallProfile );
???????? if ( FAILED( hr ))
???????????? throw? FW_ERR_PROFILE;

??? }
???? catch ( FW_ERROR_CODE nError)
????? {
??????? ret? =? nError;
??? }

???? if ( fwPolicy )
??????? fwPolicy -> Release();
???? if ( fwMgr )
??????? fwMgr -> Release();

???? return? ret; 將程序名稱加入例外列表:
WinXPSP2FireWall::AddApplication( const wchar_t* lpszProcessImageFileName, const wchar_t* lpszRegisterName )
{
??? FW_ERROR_CODE ret = FW_NOERROR;
??? HRESULT hr;
??? BOOL bAppEnable;
??? BSTR bstrProcessImageFileName = NULL;
??? BSTR bstrRegisterName = NULL;
??? INetFwAuthorizedApplication* pFWApp = NULL;
??? INetFwAuthorizedApplications* pFWApps = NULL;

??? try
??? {
??????? if( m_pFireWallProfile == NULL )
??????????? throw FW_ERR_INITIALIZED;
??????? if( lpszProcessImageFileName == NULL || lpszRegisterName? == NULL )
??????????? throw FW_ERR_INVALID_ARG;

??????? // First of all, check the application is already authorized;
??????? FW_ERROR_CODE? nError = this->IsAppEnabled( lpszProcessImageFileName, bAppEnable );
??????? if( nError != FW_NOERROR )
??????????? throw nError;

??????? // Only add the application if it isn't authorized
??????? if( bAppEnable == FALSE )
??????? {
??????????? // Retrieve the authorized application collection
??????????? hr = m_pFireWallProfile->get_AuthorizedApplications( &pFWApps );
??????????? if( FAILED( hr ))
??????????????? throw FW_ERR_AUTH_APPLICATIONS;

??????????? // Create an instance of an authorized application
??????????? hr = CoCreateInstance( __uuidof(NetFwAuthorizedApplication), NULL, CLSCTX_INPROC_SERVER, __uuidof(INetFwAuthorizedApplication), (void**)&pFWApp);
??????????? if( FAILED( hr ))
??????????????? throw FW_ERR_CREATE_APP_INSTANCE;

??????????? // Allocate a BSTR for the Process Image FileName
??????????? bstrProcessImageFileName = SysAllocString( lpszProcessImageFileName );
??????????? if( SysStringLen( bstrProcessImageFileName ) == 0)
??????????????? throw FW_ERR_SYS_ALLOC_STRING;

??????????? // Set the process image file name
??????????? hr = pFWApp->put_ProcessImageFileName( bstrProcessImageFileName );
??????????? if( FAILED( hr ) )
??????????????? throw FW_ERR_PUT_PROCESS_IMAGE_NAME;

??????????? // Allocate a BSTR for register name
??????????? bstrRegisterName = SysAllocString( lpszRegisterName );
??????????? if( SysStringLen( bstrRegisterName ) == 0)
??????????????? throw FW_ERR_SYS_ALLOC_STRING;
??????????? // Set a registered name of the process
??????????? hr = pFWApp->put_Name( bstrRegisterName );
??????????? if( FAILED( hr ))
??????????????? throw FW_ERR_PUT_REGISTER_NAME;

??????????? // Add the application to the collection
??????????? hr = pFWApps->Add( pFWApp );
??????????? if( FAILED( hr ))
??????????????? throw FW_ERR_ADD_TO_COLLECTION;
??????? }
??? }
??? catch( FW_ERROR_CODE nError )
??? {
??????? ret = nError;
??? }

??? SysFreeString( bstrProcessImageFileName );
??? SysFreeString( bstrRegisterName );

??? if( pFWApp )
??????? pFWApp->Release();
??? if( pFWApps )
??????? pFWApps->Release();

??? return ret;
}