For each zone (Domain, Public and Private) there's 2 characters.
The first character shows the status of the zone (1=Enabled, 0=Disabled)
The second character show the Default Action for that zone (1=Blocking, 0=not Blocking)
It executes pretty quick, so if you like you should be able to schedule it even up to every 10 seconds or so for super vulnerable/critical servers.
The test cmd runs like:
Code: Select all
powershell.exe %script% %params%
Test code:
Code: Select all
If (!$args[0])
{
echo ScriptRes:Unknown:"No ComputerName specified"
exit
}
$ComputerName = $args[0]
[string]$FirewallStatus = ""
[string]$bita = (Invoke-Command -Computername $ComputerName -Command {Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile" -Name EnableFirewall | Select-Object -ExpandProperty EnableFirewall})
[string]$bitb = (Invoke-Command -Computername $ComputerName -Command {Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile" -Name DefaultInboundAction | Select-Object -ExpandProperty DefaultInboundAction})
[string]$bitc = (Invoke-Command -Computername $ComputerName -Command {Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile" -Name EnableFirewall | Select-Object -ExpandProperty EnableFirewall})
[string]$bitd = (Invoke-Command -Computername $ComputerName -Command {Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile" -Name DefaultInboundAction | Select-Object -ExpandProperty DefaultInboundAction})
[string]$bite = (Invoke-Command -Computername $ComputerName -Command {Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile" -Name EnableFirewall | Select-Object -ExpandProperty EnableFirewall})
[string]$bitf = (Invoke-Command -Computername $ComputerName -Command {Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile" -Name DefaultInboundAction | Select-Object -ExpandProperty DefaultInboundAction})
If ($bita -eq "1") {$FirewallStatus = $FirewallStatus + "1"} else {$FirewallStatus = $FirewallStatus + "0"}
If ($bitb -eq "1") {$FirewallStatus = $FirewallStatus + "1"} else {$FirewallStatus = $FirewallStatus + "0"}
If ($bitc -eq "1") {$FirewallStatus = $FirewallStatus + "1"} else {$FirewallStatus = $FirewallStatus + "0"}
If ($bitd -eq "1") {$FirewallStatus = $FirewallStatus + "1"} else {$FirewallStatus = $FirewallStatus + "0"}
If ($bite -eq "1") {$FirewallStatus = $FirewallStatus + "1"} else {$FirewallStatus = $FirewallStatus + "0"}
If ($bitf -eq "1") {$FirewallStatus = $FirewallStatus + "1"} else {$FirewallStatus = $FirewallStatus + "0"}
If ($FirewallStatus -eq "111111")
{echo ScriptRes:OK:$FirewallStatus}
Else
{echo ScriptRes:Bad:$FirewallStatus}