Playing around with Windows Firewall

Started by stanl, February 12, 2019, 03:59:41 AM


stanl

Attached a spreadsheet that parses out some documented/undocumented port assignments. The script is fairly simple.




;Winbatch 2018B - Local Firewall Ports
;Stan Littlefield - February 10, 2019
;
;Outputs to .csv file, with options for scope
;============================================================


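#DefineSubRoutine fwallPorts(scope)  ;scope can be "ALL", or specific "SQL Server"
                                     ;or bar-delimited "SQL Server|cCleaner|Oracle"
;Enumerates the local Windows Firewall rules through the HNetCfg.FwPolicy2
;COM object and writes the TCP/UDP rules whose Name matches scope to the
;CSV file named by fOut.
;
;Parameter:
;   scope - "ALL" for every TCP/UDP rule, a single case-insensitive
;           substring of the rule name, or a bar-delimited list of them.
;Reads from the caller (a subroutine shares the caller's variables):
;   fOut and the NET_FW_* constants, which must be set before the call.
;Returns:
;   @TRUE when the loop and FilePut complete, @FALSE when any error
;   is routed to :WBERRORHANDLER.
;
;Every field is written as a quoted CSV field. LocalPorts can hold a
;comma-separated port list and rule names can contain commas or quotes,
;so unquoted output shifts columns in the resulting report. Rule names
;and application paths are set by whatever software created the rule;
;treat them as untrusted text when the file is opened in a spreadsheet.
IntControl(73,1,0,0,0)               ;on error, jump to :WBERRORHANDLER
oFW=0
oFW = CreateObject("HNetCfg.FwPolicy2")


BoxOpen("Please Wait","Enumerating Firewall Local Ports")
cOut="Name,ApplicationName,LocalPorts,Direction":@CRLF
q='"'                                ;CSV quote character
scoped=0
If StrIndex(scope,"|",0,@FWDSCAN)>0 Then scoped=1


ForEach rule in oFW.Rules
   ;only TCP and UDP rules are reported
   If rule.Protocol == NET_FW_IP_PROTOCOL_TCP | rule.Protocol == NET_FW_IP_PROTOCOL_UDP
      rd=""
      If rule.Direction == NET_FW_RULE_DIR_IN Then rd="In"
      If rule.Direction == NET_FW_RULE_DIR_OUT Then rd="Out"

      ;decide once whether this rule is in scope
      hit=0
      If scope=="ALL"
         hit=1
      Else
         ruleName=StrUpper(rule.Name)
         If ! scoped
            If StrIndex(ruleName,StrUpper(scope),0,@FWDSCAN)>0 Then hit=1
         Else
            For i= 1 to ItemCount(scope,"|")
               scope1= ItemExtract(i,scope,"|")
               If StrIndex(ruleName,StrUpper(scope1),0,@FWDSCAN)>0
                  hit=1
                  Break               ;one row per rule even if several scope items match
               Endif
            Next
         Endif
      Endif

      If hit
         ;quote each field and double any embedded quote character
         fName  = q:StrReplace(rule.Name,q,q:q):q
         fApp   = q:StrReplace(rule.ApplicationName,q,q:q):q
         fPorts = q:StrReplace(rule.LocalPorts,q,q:q):q
         cOut=cOut:fName:",":fApp:",":fPorts:",":q:rd:q:@CRLF
      Endif
   Endif
Next


oFW=0
FilePut(fOut,cOut)
If FileExist(fOut)
   Boxtext("CSV File Created":@LF:fOut)
   Timedelay(2)
Endif
BoxShut()


Return(@TRUE)


:WBERRORHANDLER
;release the COM object and close the progress box before reporting failure
oFW=0
BoxShut()
Return(@FALSE)


#EndSubRoutine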






;constants
;Numeric values of the Windows Firewall API enumerations. fwallPorts is a
;subroutine and reads these from this scope, so they must be assigned
;before it is called. Only the TCP/UDP protocol and the direction values
;are referenced by fwallPorts; the profile, ICMP and action values are
;not used by the code shown here.
NET_FW_PROFILE2_DOMAIN = 1
NET_FW_PROFILE2_PRIVATE = 2
NET_FW_PROFILE2_PUBLIC = 4


;Protocol
NET_FW_IP_PROTOCOL_TCP = 6
NET_FW_IP_PROTOCOL_UDP = 17
NET_FW_IP_PROTOCOL_ICMPv4 = 1
NET_FW_IP_PROTOCOL_ICMPv6 = 58


;Direction
NET_FW_RULE_DIR_IN = 1
NET_FW_RULE_DIR_OUT = 2


;Action
NET_FW_ACTION_BLOCK = 0
NET_FW_ACTION_ALLOW = 1


;Output file is written next to this script; any report left over from a
;previous run is deleted first so FileExist() inside fwallPorts reflects
;this run only.
fOut = dirscript():"Firewall_LocalPorts.csv"
If FileExist(fOut) Then FileDelete(fOut)


;test- change as needed or use ALL
;fwallPorts returns @FALSE from its error handler; in that case the script
;ends with the message below.
If ! fwallPorts("SQL Server|cCleaner") Then Terminate(@TRUE,"Function Call Failed","Error Creating or Enumerating Firewall Object")
Exit


;==================================================================