How to Manage Windows Firewall Rules with PowerShell
Windows incorporates a sturdy, but straightforward to use, superior firewall, and utilizing PowerShell 7 we will simply configure the firewall from the command line. This article covers widespread instructions used within the Windows Firewall and the place they might be used.
The module NetSafety is properly documented. Keep in thoughts that this text solely applies to the Windows working system. For different working techniques, there are different command-line instruments that can be utilized to do the identical kind of capabilities reminiscent of UFW
or IPTables
on Linux.
Table of Contents
Loading the NetSafety
Module
The NetSafety
module, built-in and supplied by Microsoft, incorporates all the performance wanted to add, take away, and modify firewall guidelines. To load the module, merely import the module as proven under.
Import-Module -Name 'NetSafety'
List Existing Firewall Rules
The cmdlet, Get-NetFirewallRule
will present all current firewall guidelines. There are many, by default, so to display, we output the primary 10.
Get-NetFirewallRule | Select-Object ShowName, Enabled, Direction, Action -First 10

There are many properties which can be returned by Get-NetFirewallRule
. Though we record solely a properties above, operating Get-NetFirewallRule | Select-Object * -First 1
, will record all out there.
Create a New Firewall Rule
There are many various methods to create a brand new Firewall rule however the command that does that is [Net-NewFirewallRule](<https://docs.microsoft.com/en-us/powershell/module/netsecurity/new-netfirewallrule?view=win10-ps>)
. The fundamental properties that want to be stuffed in are:
ShowName
– The pleasant identify of the firewall ruleDirection
– Whether to block visitors leaving the pcOutbound
or coming into the pcInbound
Action
– What motion to take if the rule is met,Allow
orBlock
$Params = @{ "DisplayName" = 'Block WINS' "Direction" = 'Inbound' "Action" = 'Block' "RemoteAddress" = 'WINS' }
New-NetFirewallRule @Params
If the Name
parameter isn’t used, then a random GUID is used. The ShowName
could also be human readable however the Name
itself assigned a random GUID.
Modify an Existing Firewall Rule
What if we wish to modify an current rule with out eradicating and recreating the rule completely. To achieve this, we should always run the Set-NetFirewallRule
, and can enable us to modify the firewall rule as mandatory.
$Params = @{
"DisplayName" = 'Block WINS'
"Action" = 'Allow'
}
Set-NetFirewallRule @Params
Other helpful talents that the Set-NetFirewallRule
has is the flexibility to function on a number of guidelines directly. This could be performed by finding guidelines by one among three parameters.
Name
This is the default and if names are set in by way of the pipeline or a string array then every will acted upon.ShowName
Similar toName
, a number of pipelined objects or a string array will modify these guidelines accordingly.ShowGroup
orGroup
If guidelines are grouped collectively, all of these guidelines grouped could be acted upon directly.
Remove an Existing Firewall Rule
Finally, we want to take away the prevailing rule as it might now not be wanted. To do that, run the command Remove-NetFirewallRule
. When you achieve this, it’s typically sensible to use the WhatIf
parameter to confirm that the rule is the right one to take away.
Remove-NetFirewallRule -ShowName "Block WINS"
It’s necessary to be aware that the Remove-NetFirewallRule
can take away a number of guidelines directly. An instance of this kind of performance is under. The under rule will take away all disabled guidelines contained inside the coverage firewall_gpo
within the advert.native.take a look at
area.
Remove-NetFirewallRule -Enabled 'False' -PolicyStore 'advert.native.testfirewall_gpo'
A helpful command, however doubtlessly harmful, is operating Remove-NetFirewallFule
by itself which removes all the static native firewall guidelines which have been created. If you’ve gotten a website GPO that defines firewall guidelines, it will take away any that will battle with these GPO outlined guidelines.
Additional Functionality
There are many different instructions out there inside the NetSafety
module. Though we don’t cowl all of them right here, just a few notable instructions are proven under to display how in depth the module is.
Copy-NetFirewallRule
This command will copy an current firewall rule and all related filters to the identical or completely different coverage retailer.Disable-NetFirewallRule
This will disable a beforehand enabled firewall rule. The rule will nonetheless exist, however not actively modify any community information.If you run this command with none parameters, it’ll disable all lively guidelines on the goal pc. It is suggested to at all times run this command with theWhatIf
parameter if not concentrating on a selected rule or algorithm.Enable-NetFirewallRule
Like theDisable-NetFirewallRule
, this command will allow a beforehand disabled rule or algorithm.If this command is run with none parameters it’ll allow all beforehand disabled guidelines. It is suggested to at all times run this command with theWhatIf
parameter if not concentrating on a selected rule or algorithm.Get-NetFirewallProfile
This command exhibits the at present configured choices for a specified profile, such because theDomain
,Private
, orPublic
profiles.Get-NetFirewallSetting
The international firewall settings could be retrieved through the use of theGet-NetFirewallSetting
command. These settings embrace such choices as certificates choices, packet queueing, or authorization lists.Rename-NetFirewallRule
To rename an current firewall rule, use theRename-NetFirewallRule
command. This is beneficial if a rule was created and not using a specified identify, thereby receiving a random GUID because it’s identify, and it’s most popular to have a human-readable identify assigned.Set-NetFirewallProfile
To set particular settings for particular person profiles, use theSet-NetFirewallProfile
command. This permits every profile to have distinct settings.Set-NetFirewallSetting
This command configures international firewall behaviors that apply whatever the community profile at present in use.Show-NetFirewallRule
This helper command will present the firewall guidelines and their related objects in a formatted record.
There is in depth IPSec performance contained inside the module. The instructions listed above are those who function on the usual Windows Firewall settings.
Conclusion
There are many out there instructions for managing the Windows Firewall. This article solely touches on just a few of them, notably crucial instructions to rapidly record, create, modify, and take away firewall guidelines. Even complicated firewall configurations could be completed strictly by means of the command line utilizing the NetSafety
PowerShell module!
Source link
This Web site is affiliated with Amazon associates, Clickbank, JVZoo, Sovrn //Commerce, Warrior Plus etc.