firewall rules

Started by pamsniffer, May 01, 2015, 08:11:53 AM

pamsniffer

Hi,

How can I add firewall rules to Windows Firewall using WinBatch

such as block 135 or 80?


td

The exact 'how' depends on several factors.  First, assuming that you are referring to the built-in Windows firewall as opposed to a third-party firewall, then it depends to some extent on your version of Windows and whether or not the firewall rules are implemented as part of domain group policy settings or a machine's local policy.

Of course, like most things Windows the information is stored in the registry.  There is some good documentation about firewall registry settings in the link below.

https://technet.microsoft.com/en-us/library/cc737845%28WS.10%29.aspx


The article also mentions the netsh command line utility that can be used to modify the Windows firewall and which can be called from one of the WinBatch Run* functions.  The documentation for this powerful utility's firewall related commands can be found here

https://technet.microsoft.com/en-us/library/dd734783%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396

The above link explains the 'advfirewall' command for newer versions of Windows.  Older versions of Windows use the 'firewall' command.

You can also use PowerShell to add firewall rules to both local and remote computers.  Some information about that can be found here

http://blogs.technet.com/b/heyscriptingguy/archive/2012/11/13/use-powershell-to-create-new-windows-firewall-rules.aspx

There are examples of using PowerShell with WinBatch in the Tech Database.  If Stan happens to wander by, I am sure he will expound on PowerShell more.

Finally, there is the HNetCfg.FwMgr COM Automation object that is supposed to be able to add firewall rules along with other firewall related tasks.  The documentation for this object's interfaces can be found here

https://msdn.microsoft.com/en-us/library/windows/desktop/aa366449%28v=vs.85%29.aspx

You can also place 'HNetCfg.FwMgr' into the progid box of the WIL Type Viewer and click the 'Get Library' button.  This will give you an idea of the object properties and methods available.  I suspect that the PowerShell cmdlets are using these COM interfaces under the hood.

Sorry to say, I don't have any examples to offer nor does there appear to be much on the subject in the Tech Database.  Perhaps take a stab at it once you decide on a technology and we forum users can offer you some guidance when you get stuck.
"No one who sees a peregrine falcon fly can ever forget the beauty and thrill of that flight."
  - Dr. Tom Cade

pamsniffer

ok thx. I will read the information.

td

Here is a very basic example that allows all inbound traffic to notepad set on the local computer's firewall policy.  Hopefully, it will provide something of a starting point.

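Code (winbatch):
; Policy object for the local computer's firewall and a new, empty rule
objFwPol = ObjectCreate('HNetCfg.FwPolicy2')
objFwRule = ObjectCreate('HNetCfg.FWRule')
NET_FW_ACTION_ALLOW = 1

; Direction is not set, so the rule uses the default (inbound)
objFwRule.Action = NET_FW_ACTION_ALLOW
objFwRule.Description = "Allow notepad"
objFwRule.ApplicationName = "C:\Windows\notepad.exe"
objFwRule.Enabled = 1
objFwRule.InterfaceTypes = "All"
objFwRule.Name = "Notepad"
; Adding a rule changes firewall policy, so the script must run elevated
objFwPol.Rules.Add(objFwRule)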
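
The following is an added example, not part of the thread and not WinBatch code: a PowerShell sketch that uses the same HNetCfg.FwPolicy2 and HNetCfg.FWRule COM objects as the post above to create the inbound block rules for TCP 135 and 80 that the original question asked about. The function name, rule names and description text are assumptions made for this example.

```powershell
# Added example (not from the thread). Rule names below are constructed.
# Constants from the Windows Firewall COM API (NET_FW_* enumerations).
$NET_FW_IP_PROTOCOL_TCP = 6
$NET_FW_RULE_DIR_IN     = 1
$NET_FW_ACTION_BLOCK    = 0
$NET_FW_PROFILE2_ALL    = 0x7FFFFFFF   # domain + private + public

function Add-InboundTcpBlockRule {     # hypothetical helper name
    param(
        [Parameter(Mandatory)] [ValidateRange(1, 65535)] [int] $Port,
        [string] $NamePrefix = 'Example - Block inbound TCP'
    )

    # Changing firewall policy fails with "access denied" unless elevated.
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($id)
    if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
        throw 'Run this from an elevated PowerShell session.'
    }

    $policy = New-Object -ComObject HNetCfg.FwPolicy2
    $name   = "$NamePrefix $Port"

    # Rules.Add never replaces an existing rule, so remove earlier copies
    # first; otherwise every run leaves another rule with the same name.
    while ($policy.Rules | Where-Object { $_.Name -eq $name }) {
        $policy.Rules.Remove($name)
    }

    $rule = New-Object -ComObject HNetCfg.FWRule
    $rule.Name        = $name
    $rule.Description = "Block inbound TCP port $Port (added example)"
    $rule.Protocol    = $NET_FW_IP_PROTOCOL_TCP   # set before LocalPorts
    $rule.LocalPorts  = "$Port"
    $rule.Direction   = $NET_FW_RULE_DIR_IN
    $rule.Action      = $NET_FW_ACTION_BLOCK
    $rule.Profiles    = $NET_FW_PROFILE2_ALL
    $rule.Enabled     = $true
    $policy.Rules.Add($rule)

    # Read the rule back from the live policy to confirm what was stored.
    $policy.Rules.Item($name) |
        Select-Object Name, Enabled, Direction, Action, Protocol, LocalPorts, Profiles
}

# The two ports named in the original question.
135, 80 | ForEach-Object { Add-InboundTcpBlockRule -Port $_ }
```

In Windows Firewall an explicit block rule takes precedence over allow rules for the same traffic, so these rules also override any existing allow rule for those ports. Blocking inbound TCP 135 cuts off the RPC endpoint mapper, which remote management tools depend on.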