CODEWITHSUNDEEP
pythonwindowsfirewallactivepython
Ohads
Ohads

Reputation: 63

How to disable Windows Firewall using python

I am trying to write automation to a little project that I'm doing in work. In the proccess I need to disable Windows Firewall (for every Windows version) using python (I prefer activepython because it already installed).

I looked for many answers but I didn't found any answer that suits my needs.

I found this site: https://mail.python.org/pipermail/python-win32/2012-July/012434.html But the problem is that when I check from the control panel the actual disabling of Firewall is not happening...

Can someone help me with this problem?

Upvotes: 2

Views: 12750

Answers (4)

Eryk Sun
Eryk Sun

Reputation: 34270

The simplest approach is to have another program do the work for you. In this case, netsh.exe has a set of commands to control the Advanced Firewall that's used by Windows Vista and later. For example:

import subprocess
subprocess.check_call('netsh.exe advfirewall set publicprofile state off')

The default profiles are "domainprofile", "privateprofile", and "publicprofile", and the state is either "on" or "off".

Upvotes: 1

ivan_pozdeev
ivan_pozdeev

Reputation: 35986

Ways to control Windows Firewall - both with UI and programmatically - are covered extensively in the Windows Firewall Tools and Settings MSDN article. They are:

  • Registry settings at

    • HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\<profile> (local settings) and
    • HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\<profile> (group policy settings).

    Changing a setting has an instant effect: the Firewall service sets up notifications for the keys apparently.

  • Facilities that work with the settings:

    • COM interface HNetCfg.FwMgr
    • netsh firewall (netsh advfirewall for Advanced Firewall)
    • WMI winmgmts:root/Microsoft/HomeNet
    • %windir%\Inf\Netfw.inf (absent unless created manually)

firewall.cpl reflects the local registry settings (or overriding Group Policy ones if they are present and doesn't allow to change them) and the currently active profile (for predefined profiles and how one is selected, see How Windows Firewall Works, "Windows Firewall Profile Determination" section for XP/2003 and Understanding Firewall Profiles for Vista+).

Python can work with any of the aforementioned facilities. Though other tools (Group Policy, .reg files, netsh command line) may be more convenient depending on your task (e.g. netsh auto-selects the active profile).

Upvotes: 2

Sandeep Roy
Sandeep Roy

Reputation: 405

# -*- coding: utf-8 -*-
'''
State for configuring Windows Firewall
'''


def __virtual__():
'''
Load if the module firewall is loaded
'''
return 'win_firewall' if 'firewall.get_config' in __salt__ else False


def disabled(name):
'''
Disable all the firewall profiles (Windows only)
'''
ret = {'name': name,
       'result': True,
       'changes': {},
       'comment': ''}

# Determine what to do
action = False
current_config = __salt__['firewall.get_config']()
for key in current_config:
    if current_config[key]:
        action = True
        ret['changes'] = {'fw': 'disabled'}
        break

if __opts__['test']:
    ret['result'] = None
    return ret

# Disable it
if action:
    ret['result'] = __salt__['firewall.disable']()
    if not ret['result']:
        ret['comment'] = 'Could not disable the FW'
else:
    ret['comment'] = 'All the firewall profiles are disabled'

return ret

Upvotes: -2

asdfasdfadsf
asdfasdfadsf

Reputation: 391

The best way to do it would be using WMI:

import wmi,os

c = wmi.WMI("WinMgmts:\root\Microsoft\HomeNet")

for obj in c.HNet_ConnectionProperties():
    print obj
    print obj.IsFirewalled
    obj.IsFirewalled = False
    obj.Put_()

Of course to do this you will need to be running the program as an administrator.

Hope this helps,

Jason.

Upvotes: 2

Related Questions