hypercube asked:

Setting Windows Firewall "Allow a program or feature through Windows Firewall" using Powershell

I've looked but didn't find the ingredients for a script that will add/remove the checkbox settings in "Allow a program or feature through Windows Firewall".
Any links or suggestions?
Robert:

I would look into the netfirewall PowerShell module; you can pretty much do anything you need with the Windows Firewall using that module.
Set-NetFirewallProfile (NetSecurity) | Microsoft Docs 

Dustin Saunders:

In PowerShell you can use the NetFirewallRule cmdlets to do that.

Get-NetFirewallRule retrieves the rules, New-NetFirewallRule creates new rules, Set-NetFirewallRule modifies existing rules (including enable/disable), and Remove-NetFirewallRule removes existing ones.
hypercube (asker):

Robert: In truth, the reason for this question is that I can't do what I need, after looking.
Dustin Saunders: Ditto

Now, I generally *can* set up firewall rules with no real problem, insofar as anything I've tried.
But to get those checkboxes filled in the dialog "Allow a program or feature through Windows Firewall" (or not filled in) is something else.
I rather understand that checking those boxes causes rules to be created. But I've not translated from there to the actual rules created. Maybe that's what I should be asking...?
Dustin Saunders:

That's all specified in the parameters of your PowerShell: the check boxes map to the given parameters. So, let's say I want to make an outbound rule to allow a program called "MyApp.exe". In the dialog:
  1. Select 'Program'
  2. This program path:
    1. C:\myapp.exe
  3. Allow the connection
  4. Profile
    1. Domain (yes)
    2. Private (yes)
    3. Public (yes)
  5. Name
    1. "My Net Rule"

To do this with Powershell:
New-NetFirewallRule -Profile Any -Name "My Net Rule" -DisplayName "My Net Rule" -Direction Outbound -Program "C:\MyApp.exe" -Action Allow 

The same is true for editing an existing rule, use Get-NetFirewallRule to retrieve the rule, then change the checkbox (or parameter) you want.

Here is a full example: I create the rule and write it to the console, then I grab it, set it to disabled and write that to the console. You can see that the 'Enabled' property is changed. Then I delete the rule.

# Create the outbound allow rule for the program.
New-NetFirewallRule -Profile Any -Name "My Net Rule" -DisplayName "My Net Rule" -Direction Outbound -Program "C:\MyApp.exe" -Action Allow
# Retrieve the rule object by its (internal) Name.
$rule = Get-NetFirewallRule | ?{ $_.Name -eq "My Net Rule" }

Write-Host ("Rule created and enabled")
$rule

# Disable the rule; the change is applied on the firewall, not to the object held in $rule.
$rule | Set-NetFirewallRule -Enabled False

# Re-read the rule so the Enabled property shown below reflects the change.
$rule = Get-NetFirewallRule -Name "My Net Rule"
Write-Host ("Rule has been disabled")
$rule

# Clean up: remove the rule again.
$rule | Remove-NetFirewallRule

I think that is what you are asking, correct?
P.S. If you're writing out PowerShell you can use Windows PowerShell ISE, and it will use IntelliSense to show you the options on the enumeration parameters. For example, you can see in this GIF that as I type the parameter, the available options for it show up.
[GIF: PowerShell ISE IntelliSense listing the allowed values of an enumeration parameter]
hypercube (asker):

Dustin Saunders: That's very helpful! Yet, I'm still stuck the first time through.
Of course, since the focus of the instructions is on the check boxes in "Allow a program...", the rules apparently already exist. So Set-NetFirewallRule seems appropriate.

I hate to ask so specifically, but here is what I'm trying to do.  Maybe one will serve as an example:
These are the checkboxes:
Allow a program or feature through Windows Firewall
                Click on the upper right: “Change Settings” if needed.
                Check the boxes in:
                Remote Event Monitor – and - Domain
                Remote Event Log Management – and - Domain
                Windows Management Instrumentation – and – Domain
So, starting with the first one, I get:
# Note: on Set-NetFirewallRule, -Name and -DisplayName select which existing rule to modify,
# so both must match the rule as it is already defined. The program path is quoted so
# PowerShell passes it through literally.
Set-NetFirewallRule -Profile Any -Name "Remote Event Monitor (RPC)" -DisplayName "Remote Event Monitor" -Direction Inbound -Program "%systemroot%\system32\NetEvtFwdr.exe" -Action Allow
$rule = Get-NetFirewallRule | ?{ $_.Name -eq "Remote Event Monitor (RPC)" }

I pulled the "Program" from the Firewall inbound rules.  I don't quite get the part following $rule so I had to guess.

Thank you!
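An added example, not code from anyone in this thread: each checkbox in "Allow a program or feature through Windows Firewall" corresponds to a firewall rule group (the DisplayGroup property of the rules), and ticking the group's "Domain" box enables the rules in that group that apply to the Domain profile. The script lists what each group controls, enables only its Domain-profile rules, and re-reads the result. The group names are taken from the question; whether the dialog labels the WMI group with a "(WMI)" suffix is an assumption, so run the discovery step first and adjust the list if a group returns no rules.

```powershell
# Added example (not from the thread). Maps the "Allow a program or feature"
# checkboxes to firewall rule groups and enables only the Domain-profile rules.
# Assumption: these DisplayGroup strings match the checkbox labels on the target build.
#Requires -RunAsAdministrator

$groups = @(
    'Remote Event Monitor',
    'Remote Event Log Management',
    'Windows Management Instrumentation (WMI)'   # assumed label; the dialog may omit "(WMI)"
)

# Discovery: show every rule a checkbox controls, with its profile and state,
# before changing anything. A group name that matches nothing returns nothing.
function Show-GroupRules {
    param([string[]]$DisplayGroup)
    Get-NetFirewallRule -DisplayGroup $DisplayGroup -ErrorAction SilentlyContinue |
        Select-Object DisplayGroup, DisplayName, Direction, Profile, Enabled |
        Sort-Object DisplayGroup, DisplayName |
        Format-Table -AutoSize
}

# $true when a rule applies to the given profile. Profile is a flags enum:
# 'Any' covers every profile, otherwise its string form lists the profiles.
function Test-RuleProfile {
    param($Rule, [string]$Profile)
    $p = $Rule.Profile.ToString()
    return ($p -eq 'Any') -or (($p -split ',\s*') -contains $Profile)
}

# Enable the rules of one group that apply to $Profile (default Domain) and
# leave the others untouched. Returns the display names of the rules changed.
function Enable-GroupForProfile {
    param([string]$DisplayGroup, [string]$Profile = 'Domain')
    $changed = @()
    $rules = Get-NetFirewallRule -DisplayGroup $DisplayGroup -ErrorAction SilentlyContinue
    foreach ($rule in $rules) {
        if ((Test-RuleProfile -Rule $rule -Profile $Profile) -and ($rule.Enabled -ne 'True')) {
            $rule | Enable-NetFirewallRule
            $changed += $rule.DisplayName
        }
    }
    return $changed
}

# Inspect, apply, then re-read from the firewall rather than trusting cached objects.
Show-GroupRules -DisplayGroup $groups
foreach ($g in $groups) {
    $done = @(Enable-GroupForProfile -DisplayGroup $g -Profile 'Domain')
    Write-Host ("{0}: enabled {1} rule(s)" -f $g, $done.Count)
}
Show-GroupRules -DisplayGroup $groups
```

One caveat the discovery output makes visible: a group may contain a single rule whose Profile is Any. Enabling that rule opens it on all three profiles, which is broader than ticking only the Domain box; narrowing it would mean changing the rule definition with Set-NetFirewallRule -Profile Domain rather than just enabling it, so check the listing before applying.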
Dustin Saunders (accepted solution; its text is not included on this page):
hypercube (asker):

Dustin Saunders: Thank you!! I got the PowerShell script working with your help!
 
One twist is that the Allow Apps check boxes create multiple rules in the Windows Firewall.
You may notice my follow-on question - which takes this a step further in another direction.

Dustin Saunders:

Happy to help, I'll take a look.