1 unstable release
Uses new Rust 2024
| new 0.1.0 | Mar 28, 2025 |
|---|
#64 in Windows APIs
86KB
1K
SLoC
Windows Firewall Rs
A Rust crate for managing Windows Firewall rules and settings using the Windows API in Rust.
Features
- Create, modify, and delete firewall rules
- Check firewall status and active profiles
- Manage incoming and outgoing rules
- Full control over rule properties:
- Ports and protocols
- Applications and services
- Network interfaces
- IP addresses
- ICMP settings
- Edge traversal
- Security profiles
Installation
Add this to your Cargo.toml:
[target.'cfg(windows)'.dependencies]
windows_firewall = "1.0.0"
Usage Examples
Creating and Managing Rules
use windows_firewall::{
add_rule, remove_rule, rule_exists, update_rule, WindowsFirewallRule, WindowsFirewallRuleSettings,
ActionFirewallWindows, DirectionFirewallWindows, ProtocolFirewallWindows
};
// Create a new rule
let mut rule = WindowsFirewallRule::builder()
.name("TestHTTPRule")
.action(ActionFirewallWindows::Allow)
.direction(DirectionFirewallWindows::In)
.enabled(true)
.description("Test HTTP rule")
.protocol(ProtocolFirewallWindows::Tcp)
.local_ports([80])
.build();
// Add the rule
match add_rule(rule.clone()) {
Ok(_) => println!("Rule added successfully"),
Err(e) => eprintln!("Failed to add rule: {}", e),
};
// Verify the rule exists
match rule_exists("TestHTTPRule") {
Ok(exists) => println!("Rule exists: {}", exists),
Err(e) => eprintln!("Failed to check rule: {}", e),
};
let updated_settings = WindowsFirewallRuleSettings::builder()
.enabled(false)
.description("Updated test HTTP rule")
.build();
// Update the rule
match update_rule("TestHTTPRule", updated_settings) {
Ok(_) => println!("Rule updated successfully"),
Err(e) => eprintln!("Failed to update rule: {}", e),
};
// Remove the rule
match remove_rule("TestHTTPRule") {
Ok(_) => println!("Rule removed successfully"),
Err(e) => eprintln!("Failed to remove rule: {}", e),
};
Another example of using struct methods
use windows_firewall::{
WindowsFirewallRule, WindowsFirewallRuleSettings,
ActionFirewallWindows, DirectionFirewallWindows, ProtocolFirewallWindows
};
// Create a new firewall rule
let mut rule = WindowsFirewallRule::builder()
.name("TestDNSServerRule")
.action(ActionFirewallWindows::Allow)
.direction(DirectionFirewallWindows::In)
.enabled(true)
.description("Test DNS Server rule")
.protocol(ProtocolFirewallWindows::Udp)
.local_ports([53])
.build();
// Add the rule
match rule.add() {
Ok(_) => println!("DNS Server rule added successfully"),
Err(e) => eprintln!("Failed to add DNS Server rule: {}", e),
};
// Verify the rule exists
match rule.exists() {
Ok(exists) => println!("Rule exists: {}", exists),
Err(e) => eprintln!("Failed to check rule: {}", e),
};
let updated_settings = WindowsFirewallRuleSettings::builder()
.enabled(false)
.description("Updated DNS Server rule")
.build();
// Update the rule
match rule.update(&updated_settings) {
Ok(_) => println!("DNS Server rule updated successfully"),
Err(e) => eprintln!("Failed to update DNS Server rule: {}", e),
};
// Remove the rule
match rule.remove() {
Ok(_) => println!("DNS Server rule removed successfully"),
Err(e) => eprintln!("Failed to remove DNS Server rule: {}", e),
};
Checking Firewall Status
use windows_firewall::{get_firewall_state, ProfileFirewallWindows};
match get_firewall_state(ProfileFirewallWindows::Current) {
Ok(enabled) => println!("Firewall is {}", if enabled { "enabled" } else { "disabled" }),
Err(e) => eprintln!("Failed to get firewall state: {}", e),
}
Listing Firewall Rules
use windows_firewall::list_rules;
match list_rules() {
Ok(rules) => {
for rule in rules {
println!("Rule: {}", rule.name());
println!(" Direction: {:?}", rule.direction());
println!(" Action: {:?}", rule.action());
println!(" Enabled: {}", rule.enabled());
}
},
Err(e) => eprintln!("Failed to list rules: {}", e),
}
API Reference
Core Functions
add_rule(rule: WindowsFirewallRule) -> Result<()>- Add a new firewall ruleadd_rule_if_not_exists(rule: WindowsFirewallRule) -> Result<bool>- Add a rule if not presentget_active_profile() -> Result<ProfileFirewallWindows>- Get current firewall profileget_firewall_state(profile: ProfileFirewallWindows) -> Result<bool>- Check firewall statusget_rule(name: &str) -> Result<WindowsFirewallRule>- Retrieve a specific rulelist_incoming_rules() -> Result<Vec<WindowsFirewallRule>>- List all inbound ruleslist_outgoing_rules() -> Result<Vec<WindowsFirewallRule>>- List all outbound ruleslist_rules() -> Result<Vec<WindowsFirewallRule>>- List all firewall rulesremove_rule(name: &str) -> Result<()>- Remove a specific rulerule_exist(name: &str) -> Result<bool>- Check if a rule existsset_firewall_state(profile: ProfileFirewallWindows, enabled: bool) -> Result<()>- Enable/disable firewall
Main Types
WindowsFirewallRule- Primary structure for rule managementWindowsFirewallRuleSettings- Structure for rule updatesActionFirewallWindows- Enum for rule actions (Allow, Block)DirectionFirewallWindows- Enum for traffic direction (In, Out)ProfileFirewallWindows- Enum for firewall profilesProtocolFirewallWindows- Enum for supported protocols
Requirements
- Windows 7 or later
- Administrative privileges for certain operations
- Rust 1.56.0 or later
Support
For issues and questions:
- Open an issue on GitHub
- Check the documentation
License
This project is licensed under either of
- Apache License, Version 2.0, (LICENSE-APACHE or https://www.apache.org/licenses/LICENSE-2.0)
- MIT license (LICENSE-MIT or https://opensource.org/licenses/MIT)
at your option.
Dependencies
~0.6–30MB
~482K SLoC