KS-Soft. Network Management Solutions
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister    ProfileProfile    Log inLog in 

PS: Windows Firewall status

 
Post new topic   Reply to topic    KS-Soft Forum Index -> Library
View previous topic :: View next topic  
Author Message
Kris



Joined: 12 May 2010
Posts: 343

PostPosted: Fri Jun 04, 2021 3:51 am    Post subject: PS: Windows Firewall status Reply with quote

The following Powershell code will return a 6 character string, representing the status of the Windows firewall.
For each zone (Domain, Public and Private) there's 2 characters.
The first character shows the status of the zone (1=Enabled, 0=Disabled)
The second character show the Default Action for that zone (1=Blocking, 0=not Blocking)
It executes pretty quick, so if you like you should be able to schedule it even up to every 10 seconds or so for super vulnerable/critical servers.

The test cmd runs like:
Code:
powershell.exe %script% %params%

and takes the target computername as parameter.


Test code:
Code:

If (!$args[0])
    {
    echo  ScriptRes:Unknown:"No ComputerName specified"
    exit
    }

$ComputerName   = $args[0]

[string]$FirewallStatus = ""
[string]$bita = (Invoke-Command -Computername $ComputerName -Command {Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile"   -Name EnableFirewall | Select-Object -ExpandProperty EnableFirewall})
[string]$bitb = (Invoke-Command -Computername $ComputerName -Command {Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile"   -Name DefaultInboundAction | Select-Object -ExpandProperty DefaultInboundAction})
[string]$bitc = (Invoke-Command -Computername $ComputerName -Command {Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile"   -Name EnableFirewall | Select-Object -ExpandProperty EnableFirewall})
[string]$bitd = (Invoke-Command -Computername $ComputerName -Command {Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile"   -Name DefaultInboundAction | Select-Object -ExpandProperty DefaultInboundAction})
[string]$bite = (Invoke-Command -Computername $ComputerName -Command {Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile" -Name EnableFirewall | Select-Object -ExpandProperty EnableFirewall})
[string]$bitf = (Invoke-Command -Computername $ComputerName -Command {Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile" -Name DefaultInboundAction | Select-Object -ExpandProperty DefaultInboundAction})

If ($bita -eq "1") {$FirewallStatus = $FirewallStatus + "1"} else {$FirewallStatus = $FirewallStatus + "0"}
If ($bitb -eq "1") {$FirewallStatus = $FirewallStatus + "1"} else {$FirewallStatus = $FirewallStatus + "0"}
If ($bitc -eq "1") {$FirewallStatus = $FirewallStatus + "1"} else {$FirewallStatus = $FirewallStatus + "0"}
If ($bitd -eq "1") {$FirewallStatus = $FirewallStatus + "1"} else {$FirewallStatus = $FirewallStatus + "0"}
If ($bite -eq "1") {$FirewallStatus = $FirewallStatus + "1"} else {$FirewallStatus = $FirewallStatus + "0"}
If ($bitf -eq "1") {$FirewallStatus = $FirewallStatus + "1"} else {$FirewallStatus = $FirewallStatus + "0"}

If ($FirewallStatus -eq "111111")
    {echo  ScriptRes:OK:$FirewallStatus}
Else
    {echo  ScriptRes:Bad:$FirewallStatus}


Enjoy!
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    KS-Soft Forum Index -> Library All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group

KS-Soft Forum Index