<div>
I would look into the netfirewall powershell module, you can pretty much do anything you need with the windows firewall using that module.&nbsp;<br><a href="https://docs.microsoft.com/en-us/powershell/module/netsecurity/set-netfirewallprofile?view=windowsserver2019-ps" rel="ugc">Set-NetFirewallProfile (NetSecurity) | Microsoft Docs</a>&nbsp;<br><br><br>
</div>


<div>
In Powershell you can use the NetFirewallRule cmdlet to do that<br><br><a href="https://docs.microsoft.com/en-us/powershell/module/netsecurity/get-netfirewallrule?view=windowsserver2019-ps" rel="ugc">Get-NetFirewallRule</a> retrieves the rules, <a href="https://docs.microsoft.com/en-us/powershell/module/netsecurity/new-netfirewallrule?view=windowsserver2019-ps" rel="ugc">New-NetFirewallRule</a> creates new rules, <a href="https://docs.microsoft.com/en-us/powershell/module/netsecurity/set-netfirewallrule?view=windowsserver2019-ps" rel="ugc">Set-NetFirewallRule </a>modifies existing rules (including enable/disable), and <a href="https://docs.microsoft.com/en-us/powershell/module/netsecurity/rename-netfirewallrule?view=windowsserver2019-ps" rel="ugc">Remove-NetFirewallRule</a> removes existing ones.
</div>


<div>
Robert: &nbsp;In truth, the reason for this question is because I can't do what I need .. after looking.<br>Dustin Saunders: Ditto<br><br>Now, I generally *can* setup up firewall rules with no real problem insofar as anything I've tried.<br>But to get those checkboxes filled in the dialog: "<em>Allow a program or feature through Windows Firewall".</em>&nbsp; (or not filled in) is something else.<br>I rather understand that checking those boxes causes rules to be created. &nbsp;But I've not translated from there to the actual rules created. &nbsp;Mabye that's what I should be asking....?
</div>


<div>
That's all specified in the parameters of your Powershell- the check boxes map to the given parameters. &nbsp;So, lets say I want to make an outbound rule to allow a program called "MyApp.exe". &nbsp;In the dialog:<ol><li>Select 'Program'</li><li>This program path:<ol><li>C:\myapp.exe</li></ol></li><li>Allow the connection</li><li>Profile<ol><li>Domain (yes)</li><li>Private (yes)</li><li>Public (yes)</li></ol></li><li>Name<ol><li>"My Net Rule"</li></ol></li></ol><br>To do this with Powershell:<pre><code class="code-1 nolinks" id="code-20-43289529-1"><span>New-NetFirewallRule -Profile Any -Name "My Net Rule" -DisplayName "My Net Rule" -Direction Outbound -Program "C:\MyApp.exe" -Action Allow&nbsp;</span>
</code></pre><br>The same is true for editing an existing rule, use Get-NetFirewallRule to retrieve the rule, then change the checkbox (or parameter) you want.<br><br>Here is a full example, I create the rule and write it in console, then I grab it and set it to disabled and write that in console. &nbsp;You can see that the 'Enabled" property is changed. &nbsp;Then, I delete the rule. &nbsp;<br><br><pre><code class="code-10 nolinks" id="code-20-43289529-2"><span>New-NetFirewallRule -Profile Any -Name "My Net Rule" -DisplayName "My Net Rule" -Direction Outbound -Program "C:\MyApp.exe" -Action Allow </span>
<span>$rule = Get-NetFirewallRule | ?{ $_.Name -eq "My Net Rule" }</span>
<span></span>
<span>Write-Host ("Rule created and enabled")</span>
<span>$rule</span>
<span></span>
<span>$rule | Set-NetFirewallRule -Enabled False</span>
<span></span>
<span>Write-Host ("Rule has been disabled")</span>
<span>$rule</span>
<span></span>
<span>$rule | Remove-NetFirewallRule</span>
</code></pre><br>I think that is what you are asking, correct?
</div>


<div>
P.S. &nbsp;if you're writing out Powershell you can use Windows PowerShell ISE and it will use intellisense to show you the options on the enumeration parameters. &nbsp;For example, you can see in this GIF that as I define the parameter the available options for that show up<br><a href="https://filedb.experts-exchange.com/incoming/2021/05_w21/1561268/ise_firewall.gif" rel="ugc"><img src="https://filedb.experts-exchange.com/incoming/2021/05_w21/1561268/ise_firewall.gif" class="fr-fic fr-dib"></a>
</div>


ise_firewall.gif

<div>
Dustin Saunders: &nbsp;That's very helpful! &nbsp;Yet, I'm still stuck the first time through.<br>Of coursse, since the focus of the instructions is on the check boxes in Allow a program...., the rules apparently already exist.&nbsp; So Set-NetFirewallRule seems appropriate.<br><br>I hate to ask so specifically, but here is what I'm trying to do. &nbsp;Maybe one will serve as an example:<br>These are the checkboxes:<br><strong><em>Allow a program or feature through Windows Firewall</em></strong><br><strong><em>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;</em>Click on the upper right: “Change Settings” if needed.</strong><br><strong>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;Check the boxes in:</strong><br><strong>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;</strong>Remote Event Monitor – and - Domain<br>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;Remote Event Log Management – and - Domain<br>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; Windows Management Instrumentation – and – Domain<br>So, starting with the first one, I get:<br><pre><code class="code-1 nolinks" id="code-20-43289577-1"><span>Set-NetFirewallRule -Profile Any -Name "Remote Event Monitor (RPC)" -DisplayName "Remote Event Monitor" -Direction Inbound -Program %systemroot%\system32\NetEvtFwdr.exe -Action Allow $rule = Get-NetFirewallRule | ?{ $_.Name -eq "Remote Event Monitor (RPC)" }</span>
</code></pre>I pulled the "Program" from the Firewall inbound rules. &nbsp;I don't quite get the part following $rule so I had to guess.<br><br>Thank you!
</div>


Consultant

hypercube

<div>
Dustin Saunders: &nbsp;Thank you!! &nbsp;I got the Powershell script working with your help!<br>&nbsp;<br>One twist is that the Allow Apps check boxes create multiple rules in the Windows Firewall.<br>You may notice my follow-on question - which takes this a step further in another direction.<br><br>
</div>


<div>
Happy to help, I'll take a look.
</div>


<div>
<div class="content wysiwyg-content fr-view">
I've looked but didn't find the ingredients for a script that will add/remove the checkbox settings in "<em>Allow a program or feature through Windows Firewall".</em><br>Any links or suggestions?
</div>
</div>



I've looked but didn't find the ingredients for a script that will add/remove the checkbox settings in "
Allow a program or feature through Windows Firewall".
Any links or suggestions?

Setting Windows Firewall &quot;Allow a program or feature through Windows Firewall&quot; using Powershell

Windows PowerShell is a task automation and configuration management framework from Microsoft, consisting of a command-line shell and associated scripting language built on the .NET Framework. PowerShell provides full access to the Component Object Model (COM) and Windows Management Instrumentation (WMI), enabling administrators to perform administrative tasks on both local and remote Windows systems as well as WS-Management and Common Information Model (CIM) enabling management of remote Linux systems and network devices.

Powershell

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Software Firewalls

This topic area includes legacy versions of Windows prior to Windows 2000: Windows 3/3.1, Windows 95 and Windows 98, plus any other Windows-related versions including Windows Mobile.

Setting Windows Firewall &quot;Allow a program or feature through Windows Firewall&quot; using Powershell

Setting Windows Firewall "Allow a program or feature through Windows Firewall" using Powershell