WinBatch® Technical Support Forum

All Things WinBatch => WinBatch => Topic started by: pamsniffer on May 01, 2015, 08:11:53 AM

Title: firewall rules
Post by: pamsniffer on May 01, 2015, 08:11:53 AM
Hi,

How can I add firewall rules to Windows Firewall using WinBatch?

such as block 135 or 80

Title: Re: firewall rules
Post by: td on May 01, 2015, 09:14:23 AM
The exact 'how' depends on several factors. First, assuming that you are referring to the built-in Windows firewall as opposed to a third-party firewall, then it depends to some extent on your version of Windows and whether or not the firewall rules are implemented as part of domain group policy settings or a machine's local policy.

Of course, like most things Windows the information is stored in the registry.  There is some good documentation about firewall registry settings in the link below.

https://technet.microsoft.com/en-us/library/cc737845%28WS.10%29.aspx


The article also mentions the netsh command line utility that can be used to modify the Windows firewall and which can be called from one of the WinBatch Run* functions. The documentation for this powerful utility's firewall-related commands can be found here:

https://technet.microsoft.com/en-us/library/dd734783%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396

The above link explains the 'advfirewall' command for newer versions of Windows.  Older versions of Windows use the 'firewall' command.

You can also use PowerShell to add firewall rules to both local and remote computers. Some information about that can be found here:

http://blogs.technet.com/b/heyscriptingguy/archive/2012/11/13/use-powershell-to-create-new-windows-firewall-rules.aspx

There are examples of using PowerShell with WinBatch in the Tech Database. If Stan happens to wander by, I am sure he will expound on PowerShell more.

Finally, there is the HNetCfg.FwMgr COM Automation object that is supposed to be able to add firewall rules along with other firewall-related tasks. The documentation for this object's interfaces can be found here:

https://msdn.microsoft.com/en-us/library/windows/desktop/aa366449%28v=vs.85%29.aspx

You can also place 'HNetCfg.FwMgr' into the progid box of the WIL Type Viewer and click the 'Get Library' button. This will give you an idea of the object properties and methods available. I suspect that the PowerShell cmdlets are using these COM interfaces under the hood.

Sorry to say, I don't have any examples to offer nor does there appear to be much on the subject in the Tech Database.  Perhaps take a stab at it once you decide on a technology and we forum users can offer you some guidance when you get stuck.
Title: Re: firewall rules
Post by: pamsniffer on May 01, 2015, 09:49:14 AM
ok thx. I will read the information.
Title: Re: firewall rules
Post by: td on May 01, 2015, 10:24:47 AM
Here is a very basic example that allows all inbound traffic to notepad set on the local computer's firewall policy.  Hopefully, it will provide something of a starting point.

Code (winbatch):
; Firewall policy for the local computer and a new, empty rule object
objFwPol = ObjectCreate('HNetCfg.FwPolicy2')
objFwRule = ObjectCreate('HNetCfg.FWRule')
NET_FW_ACTION_ALLOW = 1

; Allow traffic to notepad.exe on all interface types
objFwRule.Action = NET_FW_ACTION_ALLOW
objFwRule.Description = "Allow notepad"
objFwRule.ApplicationName = "C:\Windows\notepad.exe"
objFwRule.Enabled = 1
objFwRule.InterfaceTypes = "All"
objFwRule.Name = "Notepad"
; Add the rule to the local firewall policy
objFwPol.Rules.Add(objFwRule)
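
An added example, not part of td's post or of the WinBatch Tech Database: the same HNetCfg.FwPolicy2 objects applied to the original question, blocking inbound TCP 135 and 80. The rule name, the description, the choice of TCP and the use of all profiles are assumptions made for illustration; the script has to run elevated.

```winbatch
; Added example (not from the thread): block inbound TCP 135 and 80.
; Rule name, description and port list are illustrative values.
NET_FW_IP_PROTOCOL_TCP = 6
NET_FW_RULE_DIR_IN     = 1
NET_FW_ACTION_BLOCK    = 0
NET_FW_PROFILE2_ALL    = 2147483647   ; 0x7FFFFFFF: domain, private and public

ruleName = "Block inbound TCP 135,80"
ports    = "135,80"

objFwPol = ObjectCreate("HNetCfg.FwPolicy2")

; Rules.Add does not reject duplicate names, so look for an existing rule
; first; otherwise every run of the script adds another copy.
exists = @FALSE
ForEach objRule In objFwPol.Rules
   If StrICmp(objRule.Name, ruleName) == 0
      exists = @TRUE
      Break
   EndIf
Next

If !exists
   objFwRule = ObjectCreate("HNetCfg.FWRule")
   objFwRule.Name        = ruleName
   objFwRule.Description = "Drop inbound TCP to the RPC endpoint mapper and HTTP"
   objFwRule.Direction   = NET_FW_RULE_DIR_IN
   ; Protocol has to be assigned before LocalPorts, or the port
   ; assignment fails because ports only apply to TCP and UDP rules.
   objFwRule.Protocol    = NET_FW_IP_PROTOCOL_TCP
   objFwRule.LocalPorts  = ports
   objFwRule.Profiles    = NET_FW_PROFILE2_ALL
   objFwRule.Action      = NET_FW_ACTION_BLOCK
   objFwRule.Enabled     = 1
   objFwPol.Rules.Add(objFwRule)
EndIf

; Read the rule back from the policy to confirm what was stored.
objCheck = objFwPol.Rules.Item(ruleName)
Message(ruleName, StrCat("Protocol: ", objCheck.Protocol, @CRLF, "Local ports: ", objCheck.LocalPorts))
Exit
```

A block rule takes precedence over allow rules for the same traffic, so check what depends on these ports before deploying it widely.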
Title: Re: firewall rules
Post by: pamsniffer on May 02, 2015, 07:02:59 AM
thx