chrome/installer/util/advanced_firewall_manager_win.h

   1 // Copyright 2014 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef CHROME_INSTALLER_UTIL_ADVANCED_FIREWALL_MANAGER_WIN_H_
   6 #define CHROME_INSTALLER_UTIL_ADVANCED_FIREWALL_MANAGER_WIN_H_
   7
   8 #include <windows.h>
   9 #include <netfw.h>
  10 #include <vector>
  11
  12 #include "base/files/file_path.h"
  13 #include "base/strings/string16.h"
  14 #include "base/win/scoped_comptr.h"
  15
  16 namespace installer {
  17
  18 // Manages firewall rules using Advanced Security Windows API. The API is
  19 // available on Windows Vista and later. Most methods need elevation.
  20 class AdvancedFirewallManager {
  21  public:
  22   AdvancedFirewallManager();
  23   ~AdvancedFirewallManager();
  24
  25   // Initializes object to manage application win name |app_name| and path
  26   // |app_path|.
  27   bool Init(const base::string16& app_name, const base::FilePath& app_path);
  28
  29   // Returns true if firewall is enabled.
  30   bool IsFirewallEnabled();
  31
  32   // Returns true if there is any rule for the application.
  33   bool HasAnyRule();
  34
  35   // Adds a firewall rule allowing inbound connections to the application on UDP
  36   // port |port|. Replaces the rule if it already exists. Needs elevation.
  37   bool AddUDPRule(const base::string16& rule_name,
  38                   const base::string16& description,
  39                   uint16_t port);
  40
  41   // Deletes all rules with specified name. Needs elevation.
  42   void DeleteRuleByName(const base::string16& rule_name);
  43
  44   // Deletes all rules for current app. Needs elevation.
  45   void DeleteAllRules();
  46
  47  private:
  48   friend class AdvancedFirewallManagerTest;
  49
  50   // Creates a firewall rule allowing inbound connections to UDP port |port|.
  51   base::win::ScopedComPtr<INetFwRule> CreateUDPRule(
  52       const base::string16& rule_name,
  53       const base::string16& description,
  54       uint16_t port);
  55
  56   // Returns the list of rules applying to the application.
  57   void GetAllRules(std::vector<base::win::ScopedComPtr<INetFwRule> >* rules);
  58
  59   // Deletes rules. Needs elevation.
  60   void DeleteRule(base::win::ScopedComPtr<INetFwRule> rule);
  61
  62   base::string16 app_name_;
  63   base::FilePath app_path_;
  64   base::win::ScopedComPtr<INetFwPolicy2> firewall_policy_;
  65   base::win::ScopedComPtr<INetFwRules> firewall_rules_;
  66
  67   DISALLOW_COPY_AND_ASSIGN(AdvancedFirewallManager);
  68 };
  69
  70 }  // namespace installer
  71
  72 #endif  // CHROME_INSTALLER_UTIL_ADVANCED_FIREWALL_MANAGER_WIN_H_