Powershell – Find Windows Firewall Rule by Port & Modify
A little script I wrote to standardize a bunch of manually created Windows Firewall rules, with a variety of Display Names, across hosts. It finds any existing rule for a given local port and either renames and reconfigures it, or creates a new one, applying a fixed set of parameters (direction, protocol, action, profile) and a remote site / address whitelist to the renamed or newly created rule:
# Set up the variables
$Port = "9000"
$DisplayName = "ServiceName Inbound - $Port"
$Description = "Allow inbound traffic from whitelisted IPs on $Port"
$Whitelist = @("10.0.0.1", "8.8.8.8")

# Pull a list of all firewall rules via the legacy COM interface
$Rules = (New-Object -ComObject HNetCfg.FWPolicy2).Rules

# Filter down to the ones whose LocalPorts equals $Port.
# LocalPorts is a string, so this exact match only catches single-port rules
# (a rule with "9000,9001" or a port range would not match).
$RuleFound = $Rules | Where-Object { $_.LocalPorts -eq $Port }

# $null goes on the left so a collection result is not unrolled by -eq
if ($null -eq $RuleFound) {
    # There is no matching rule, so create one
    New-NetFirewallRule -Direction Inbound -LocalPort $Port -Protocol TCP -RemoteAddress $Whitelist -Action Allow -Profile Domain -DisplayName $DisplayName -Description $Description
}
else {
    foreach ($Rule in $RuleFound) {
        # The COM rule's Name is the DisplayName the NetSecurity cmdlets match on
        $RuleName = $Rule.Name
        # There was a matching rule: amend it and rename its DisplayName
        Set-NetFirewallRule -DisplayName $RuleName -Direction Inbound -LocalPort $Port -Protocol TCP -RemoteAddress $Whitelist -Action Allow -Profile Domain -Description $Description -NewDisplayName $DisplayName
    }
}
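
The exact-match filter above misses rules whose local port is a list or a range, and it does not check direction or protocol before rewriting a rule. As an added example (not part of the original script), here is the same lookup done with the NetSecurity cmdlets, matching port lists and ranges, reporting what each matching rule currently allows, and narrowing only the rules still open to any remote address. The function names and the sample port and addresses are my own:

```powershell
# Added example, not from the original post. Function names are assumptions.
function Test-PortInFilter {
    # LocalPort entries look like "9000", "9000-9010" or "Any".
    param([string[]]$LocalPort, [int]$Port)
    foreach ($entry in $LocalPort) {
        if ($entry -eq 'Any') { return $true }
        if ($entry -match '^(\d+)-(\d+)$') {
            if ($Port -ge [int]$Matches[1] -and $Port -le [int]$Matches[2]) { return $true }
        }
        elseif ($entry -match '^\d+$' -and [int]$entry -eq $Port) { return $true }
    }
    return $false
}

function Find-InboundRuleByPort {
    # Only enabled inbound rules for the given protocol are considered.
    param([int]$Port, [string]$Protocol = 'TCP')
    $rules = Get-NetFirewallRule -Direction Inbound -Enabled True
    foreach ($rule in $rules) {
        $pf = $rule | Get-NetFirewallPortFilter
        if ($pf.Protocol -ne $Protocol) { continue }
        if (Test-PortInFilter -LocalPort @($pf.LocalPort) -Port $Port) {
            $af = $rule | Get-NetFirewallAddressFilter
            [pscustomobject]@{
                Name          = $rule.Name          # unique ID, safe for Set-NetFirewallRule -Name
                DisplayName   = $rule.DisplayName
                Action        = $rule.Action
                Profile       = $rule.Profile
                LocalPort     = ($pf.LocalPort -join ',')
                RemoteAddress = ($af.RemoteAddress -join ',')
            }
        }
    }
}

# Constructed sample values for the demonstration
$port = 9000
$whitelist = @('10.0.0.1', '8.8.8.8')

# Report every inbound TCP rule covering the port, then tighten only the ones
# that still allow any remote address. Drop -WhatIf once the report looks right.
Find-InboundRuleByPort -Port $port | Format-Table -AutoSize
Find-InboundRuleByPort -Port $port |
    Where-Object { $_.RemoteAddress -eq 'Any' } |
    ForEach-Object { Set-NetFirewallRule -Name $_.Name -RemoteAddress $whitelist -WhatIf }
```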
