关于python:分享一个Python写的windows环境系统服务来自动化管理防火墙规则

43次阅读

共计 4414 个字符,预计需要花费 12 分钟才能阅读完成。

import pythoncom
import win32com
class rule:

items = {}
# 中英文转换
items_name = {
    "Action":'操作',
    "ApplicationName":'程序',
    "Description":'形容',
    "Direction":'进站 / 出站',
    "EdgeTraversal":'边缘穿梭',
    "EdgeTraversalOptions":'边缘穿梭选项',
    "Enabled":'已启用',
    "Grouping":'组',
    "IcmpTypesAndCodes":'ICMP 设置',
    "InterfaceTypes":'接口类型',
    "Interfaces":'接口',
    "LocalAddresses":'本地地址',
    "LocalAppPackageId":'利用程序包',
    "LocalPorts":'本地端口',
    "LocalUserAuthorizedList":'受权的本地计算机',
    "LocalUserOwner":'本地用户所有者',
    "Name":'名称',
    "Profiles":'配置文件',
    "Protocol":'协定',
    "RemoteAddresses":'近程地址',
    "RemoteMachineAuthorizedList":'受权的近程计算机',
    "RemotePorts":'近程端口',
    "RemoteUserAuthorizedList":'受权的近程用户',
    "SecureFlags":'平安',
    "serviceName":'服务名'}
items_shell = {
    "Action": 'action',
    "ApplicationName": 'program',
    "Description": 'description',
    "Direction": 'dir',
    "EdgeTraversal": 'edge',
    "EdgeTraversalOptions": '边缘穿梭选项',
    "Enabled": 'enable',
    "Grouping": '组',
    "IcmpTypesAndCodes": 'ICMP 设置',
    "InterfaceTypes": 'interfacetype',
    "Interfaces": '接口',
    "LocalAddresses": 'localip',
    "LocalAppPackageId": '利用程序包',
    "LocalPorts": 'localport',
    "LocalUserAuthorizedList": '受权的本地计算机',
    "LocalUserOwner": '本地用户所有者',
    "Name": 'name',
    "Profiles": 'profile',
    "Protocol": 'protocol',
    "RemoteAddresses": 'remoteip',
    "RemoteMachineAuthorizedList": 'rmtcomputergrp',
    "RemotePorts": 'remoteport',
    "RemoteUserAuthorizedList": 'rmtusrgrp',
    "SecureFlags": 'security',
    "serviceName": 'service'
}
def __init__(self,index):
    self.index = index
    for i in self.items_name.keys():
        self.items[i] = ''
def init_by_app(self, app_in):
    for key in self.items_name.keys():
        self.items[key] = "" + str(eval("app_in."+key))
        print(self.items[key] )
def init_by_dict(self,dirc_con):
    flag = False
    for item_key in self.items_name.keys():
        if self.items_name[item_key] in dirc_con.keys():
            flag = True
            self.items[item_key] = dirc_con[self.items_name[item_key]]
    if not flag:
        for key in dirc_con.keys():
            self.items[key] = dirc_con[key]
def create_rule(self):
    app = win32com.client.Dispatch('HNetCfg.FwRule')
    res = []
    # 留神赋值程序
    app.Action = int(self.items["Action"])
    app.Description = self.items["Description"]
    app.Direction = int(self.items["Direction"])
    app.EdgeTraversal = self.items["EdgeTraversal"]
    app.EdgeTraversalOptions = self.items["EdgeTraversalOptions"]
    app.Enabled = self.items["Enabled"]
    app.Grouping = self.items["Grouping"]
    ## app.IcmpTypesAndCodes = self.items["IcmpTypesAndCodes"]
    app.InterfaceTypes = self.items["InterfaceTypes"]
    ## app.Interfaces = self.items["Interfaces"]
    app.LocalAddresses = self.items["LocalAddresses"]
    app.LocalAppPackageId = self.items["LocalAppPackageId"]
    ## app.LocalPorts = str(self.items["LocalPorts"]),
    ## app.LocalUserAuthorizedList = self.items["LocalUserAuthorizedList"]
    app.LocalUserOwner = self.items["LocalUserOwner"]
    app.Name = self.items["Name"]
    app.Profiles = self.items["Profiles"]
    app.Protocol = self.items["Protocol"]
    app.RemoteAddresses = self.items["RemoteAddresses"]
    ## app.RemoteMachineAuthorizedList = self.items["RemoteMachineAuthorizedList"]
    app.RemotePorts = self.items["RemotePorts"]
    app.LocalPorts = self.items['LocalPorts']
    ## app.RemoteUserAuthorizedList = ''app.SecureFlags = self.items["SecureFlags"]
    # app.serviceName = "null"
    # app.ApplicationName = "null"
    return app
def __str__(self):
    result =[金融期货](https://www.gendan5.com/futures/ff.html) "="*10 + '\n 序号 :' + str(self.index) + '\n'
    for key in self.items_name.keys():
        result += self.items_name[key] + ":" + str(self.items[key]) +"\n"
    return result

def add_rule(dict_value):

fw = win32com.client.gencache.EnsureDispatch('HNetCfg.FwPolicy2', 0)
apps = fw.Rules
print(apps.Count)
# app = win32com.client.Dispatch('HNetCfg.FwRule3')
rule_obj = rule(-1)
rule_obj.init_by_dict(dict_value)
app = rule_obj.create_rule()
apps.Add(app)

def del_rule(dict_value):

fw = win32com.client.gencache.EnsureDispatch('HNetCfg.FwPolicy2', 0)
apps = fw.Rules
print("before :", apps.Count)
rule_obj = rule(-1)
rule_obj.init_by_dict(dict_value)
for app in apps:
    print(rule_obj.items['Name'] , str(app.Name))
    print(rule_obj.items['LocalPorts'] , str(app.LocalPorts))
    print(rule_obj.items['RemoteAddresses'] , str(app.RemoteAddresses))
    if rule_obj.items['Name'] == str(app.Name) and rule_obj.items['LocalPorts'] == str(app.LocalPorts) and rule_obj.items['RemoteAddresses'] == str(app.RemoteAddresses):
        # 只能依据 Name 删除, 大略是个傻子哟
        apps.Remove(str(app.Name))
        # break
print("after :", apps.Count)

if name == ‘__main__’:

my_dict = {
'序号' : '2',
'操作' : '0',
'程序' : '',' 形容 ':'',
'进站 / 出站' : '1',
'边缘穿梭' : 'False',
'边缘穿梭选项' : '0',
'已启用' : 'True',
'组' : '','ICMP 设置 ':'',
'接口类型' : 'All',
'接口' : 'None',
'本地地址' : '*',
'利用程序包' : '',' 本地端口 ':'9876',' 受权的本地计算机 ':'',
'本地用户所有者' : '',' 名称 ':'test_cmd',' 配置文件 ':'2',' 协定 ':'6',' 近程地址 ':'114.115.250.41/255.255.255.255',' 受权的近程计算机 ':'',
'近程端口' : '*',
'受权的近程用户' : '',' 平安 ':'0',' 服务名 ':''
}
add_rule(my_dict)
del_rule(my_dict)

正文完
 0