Solved

Start Windows Firewall With Script

Posted on 2010-11-09
14
744 Views
Last Modified: 2012-05-10
Hi Guys,

I need to setup a scheduled task to check up on the windows firewall on my ISA server. Need to set this up as a temp solution, seeing that it seems to stop once or twice a week.

Can anyone give me any help with the script? basically it has to check if the windows firewall is started if not it should start it.

Help!

 thanks!
0
Comment
Question by:YOlanie_Visser
  • 6
  • 5
  • 2
  • +1
14 Comments
 
LVL 3

Expert Comment

by:sncameron
ID: 34099547
Use a batch file and the Net command:

net start MpsSvc

Would start the firewall service. Note that you need to run the batch file as an administrator in order to have access to service control.

You can start and stop any service using the same approach:
net start Service
net stop Service
net pause Service
net continue Service

To find the name of a service run the Services Manager (Start->Run->services.msc), right click on a service and choose Properties. The Service Name will be displayed at the top of the properties dialog.

0
 

Author Comment

by:YOlanie_Visser
ID: 34099559
Is there anyway to get it to check if its stopped before it starts it? I don't want restart it every hour.
0
 
LVL 15

Expert Comment

by:DonConsolio
ID: 34099573
check:
netsh firewall show opmode

start:
netsh firewall set opmode enable

stop:
netsh firewall set opmode disable

0
Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

 

Author Comment

by:YOlanie_Visser
ID: 34099790
I assume the commands above are to enable it or disable it? I just need to start it if it has stopped...
it is going to be enabled be default, all it has to do is check if it is stopped..if yes...then start
0
 
LVL 3

Accepted Solution

by:
sncameron earned 500 total points
ID: 34099905
Using a batch file:

call wmic /locale:ms_409 service where (name="wsearch") get state /value | findstr State=Running
if %ErrorLevel% EQU 0 (
    echo "Service is running"
) else (
    echo "Service is stopped"
    # Not running, start it
    net start MpsSvc
)

Using Powershell (which is the approach that I would take if at all possible):

$serviceName = "ServiceName";
$serviceStatus = (get-service "$serviceName").Status;

if ($serviceStatus -eq "Running") {
    echo "Service is Running";
}
else {
    #Could be Stopped, Stopping, Paused, or even Starting...
    echo "Service is $serviceStatus";
    Start-Service $serviceName
    echo "Service is $serviceStatus";
}
0
 

Author Comment

by:YOlanie_Visser
ID: 34101232
Sorry guys I'm quite new to all this, if the service is " Microsoft Firewall" do i put it as fwsrv?
do i substitute only the service name?
Would i run this as a VBS?

$serviceName =" Microsoft Firewall";
$serviceStatus = (get-service "$serviceName").Status;

if ($serviceStatus -eq "Running") {
    echo "Service is Running";
}
else {
    #Could be Stopped, Stopping, Paused, or even Starting...
    echo "Service is $serviceStatus";
    Start-Service $serviceName
    echo "Service is $serviceStatus";
}
0
 
LVL 3

Expert Comment

by:sncameron
ID: 34101351
To find the name of a service run the Services Manager (Start->Run->services.msc), right click on a service and choose Properties. The Service Name will be displayed at the top of the properties dialog.

The Windows Firewall service is MpsSvc.

You need Windows Powershell installed to run the script (http://technet.microsoft.com/en-us/scriptcenter/powershell.aspx):

$serviceName = "MpsSvc";
$serviceStatus = (get-service "$serviceName").Status;

if ($serviceStatus -eq "Running") {
    echo "Service is Running";
}
else {
    #Could be Stopped, Stopping, Paused, or even Starting...
    echo "Service is $serviceStatus";
    Start-Service $serviceName
    echo "Service is $serviceStatus";
} or even Starting...
    echo "Service is $serviceStatus";
    Start-Service $serviceName
    echo "Service is $serviceStatus";
}
0
 

Author Comment

by:YOlanie_Visser
ID: 34101759
(Please see the image below) its Microsoft firewall and not Windows firewall

if I had to run it as a batch file would it be the following:

call wmic /locale:ms_409 service where (name="wsearch") get state /value | findstr State=Running
if %ErrorLevel% EQU 0 (
    echo "Service is running"
) else (
    echo "Service is stopped"
    # Not running, start it
    net start Microsoft Firewall
)


fw.jpg
0
 
LVL 3

Assisted Solution

by:sncameron
sncameron earned 500 total points
ID: 34101853

call wmic /locale:ms_409 service where (name="fwsrv") get state /value | findstr State=Running
if %ErrorLevel% EQU 0 (
   echo "Service is running"
) else (
   echo "Service is stopped"
   # Not running, start it
   net start Microsoft Firewall
)
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 34106545
These are server services - have you edited the service properties and instructed the service to restart automatically?
0
 

Author Comment

by:YOlanie_Visser
ID: 34109247
I have but not quite sure it works. i set it to restart the service and to restart 1min after. if i stop the service to test it, it does not come back up...will it only work in case of failure?
0
 
LVL 3

Expert Comment

by:sncameron
ID: 34109256
Yes, it will only work if the service fails. It won't restart a clean shutdown of the service.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 34109270
as you'd expect......

You'd be pretty miffed if you deliberately stopped the service manually and five seconds later it kept restarting itself.
0
 

Author Comment

by:YOlanie_Visser
ID: 34109441
thanks guys.

Will set everything up
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question