Solved

Start Windows Firewall With Script

Posted on 2010-11-09
14
739 Views
Last Modified: 2012-05-10
Hi Guys,

I need to setup a scheduled task to check up on the windows firewall on my ISA server. Need to set this up as a temp solution, seeing that it seems to stop once or twice a week.

Can anyone give me any help with the script? basically it has to check if the windows firewall is started if not it should start it.

Help!

 thanks!
0
Comment
Question by:YOlanie_Visser
  • 6
  • 5
  • 2
  • +1
14 Comments
 
LVL 3

Expert Comment

by:sncameron
ID: 34099547
Use a batch file and the Net command:

net start MpsSvc

Would start the firewall service. Note that you need to run the batch file as an administrator in order to have access to service control.

You can start and stop any service using the same approach:
net start Service
net stop Service
net pause Service
net continue Service

To find the name of a service run the Services Manager (Start->Run->services.msc), right click on a service and choose Properties. The Service Name will be displayed at the top of the properties dialog.

0
 

Author Comment

by:YOlanie_Visser
ID: 34099559
Is there anyway to get it to check if its stopped before it starts it? I don't want restart it every hour.
0
 
LVL 14

Expert Comment

by:DonConsolio
ID: 34099573
check:
netsh firewall show opmode

start:
netsh firewall set opmode enable

stop:
netsh firewall set opmode disable

0
 

Author Comment

by:YOlanie_Visser
ID: 34099790
I assume the commands above are to enable it or disable it? I just need to start it if it has stopped...
it is going to be enabled be default, all it has to do is check if it is stopped..if yes...then start
0
 
LVL 3

Accepted Solution

by:
sncameron earned 500 total points
ID: 34099905
Using a batch file:

call wmic /locale:ms_409 service where (name="wsearch") get state /value | findstr State=Running
if %ErrorLevel% EQU 0 (
    echo "Service is running"
) else (
    echo "Service is stopped"
    # Not running, start it
    net start MpsSvc
)

Using Powershell (which is the approach that I would take if at all possible):

$serviceName = "ServiceName";
$serviceStatus = (get-service "$serviceName").Status;

if ($serviceStatus -eq "Running") {
    echo "Service is Running";
}
else {
    #Could be Stopped, Stopping, Paused, or even Starting...
    echo "Service is $serviceStatus";
    Start-Service $serviceName
    echo "Service is $serviceStatus";
}
0
 

Author Comment

by:YOlanie_Visser
ID: 34101232
Sorry guys I'm quite new to all this, if the service is " Microsoft Firewall" do i put it as fwsrv?
do i substitute only the service name?
Would i run this as a VBS?

$serviceName =" Microsoft Firewall";
$serviceStatus = (get-service "$serviceName").Status;

if ($serviceStatus -eq "Running") {
    echo "Service is Running";
}
else {
    #Could be Stopped, Stopping, Paused, or even Starting...
    echo "Service is $serviceStatus";
    Start-Service $serviceName
    echo "Service is $serviceStatus";
}
0
 
LVL 3

Expert Comment

by:sncameron
ID: 34101351
To find the name of a service run the Services Manager (Start->Run->services.msc), right click on a service and choose Properties. The Service Name will be displayed at the top of the properties dialog.

The Windows Firewall service is MpsSvc.

You need Windows Powershell installed to run the script (http://technet.microsoft.com/en-us/scriptcenter/powershell.aspx):

$serviceName = "MpsSvc";
$serviceStatus = (get-service "$serviceName").Status;

if ($serviceStatus -eq "Running") {
    echo "Service is Running";
}
else {
    #Could be Stopped, Stopping, Paused, or even Starting...
    echo "Service is $serviceStatus";
    Start-Service $serviceName
    echo "Service is $serviceStatus";
} or even Starting...
    echo "Service is $serviceStatus";
    Start-Service $serviceName
    echo "Service is $serviceStatus";
}
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:YOlanie_Visser
ID: 34101759
(Please see the image below) its Microsoft firewall and not Windows firewall

if I had to run it as a batch file would it be the following:

call wmic /locale:ms_409 service where (name="wsearch") get state /value | findstr State=Running
if %ErrorLevel% EQU 0 (
    echo "Service is running"
) else (
    echo "Service is stopped"
    # Not running, start it
    net start Microsoft Firewall
)


fw.jpg
0
 
LVL 3

Assisted Solution

by:sncameron
sncameron earned 500 total points
ID: 34101853

call wmic /locale:ms_409 service where (name="fwsrv") get state /value | findstr State=Running
if %ErrorLevel% EQU 0 (
   echo "Service is running"
) else (
   echo "Service is stopped"
   # Not running, start it
   net start Microsoft Firewall
)
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 34106545
These are server services - have you edited the service properties and instructed the service to restart automatically?
0
 

Author Comment

by:YOlanie_Visser
ID: 34109247
I have but not quite sure it works. i set it to restart the service and to restart 1min after. if i stop the service to test it, it does not come back up...will it only work in case of failure?
0
 
LVL 3

Expert Comment

by:sncameron
ID: 34109256
Yes, it will only work if the service fails. It won't restart a clean shutdown of the service.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 34109270
as you'd expect......

You'd be pretty miffed if you deliberately stopped the service manually and five seconds later it kept restarting itself.
0
 

Author Comment

by:YOlanie_Visser
ID: 34109441
thanks guys.

Will set everything up
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now