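#Verified in WinPE 10 / Win10
#Defaults to create an incoming rule which allows the TCP protocol on chosen port(s)
#
# Creates one Windows Firewall rule through the HNetCfg COM objects (FWPolicy2 / FWRule),
# which work in WinPE where the NetSecurity PowerShell module is not available.
# Adding a rule to the policy needs an elevated (Administrator / SYSTEM) session;
# otherwise Rules.Add fails with an access-denied error.
#
# Parameters:
#   Name            Display name of the new rule. The script refuses to add a rule whose
#                   name already exists, so duplicates cannot be stacked by accident.
#   Ports           Local port(s) to match: single ports or "low-high" ranges, passed as
#                   separate elements or comma-separated inside one string. Joined with
#                   "," into LocalPorts; every value is checked to lie within 1..65535.
#   Protocol        Defaults to TCP. Port matching is only defined for TCP and UDP, so
#                   any other protocol is rejected up front instead of inside the COM call.
#   ApplicationPath Optional full path of the program the rule is scoped to. If omitted,
#                   the rule matches ANY program on those ports - for an inbound Allow
#                   that is the broadest possible exposure, so scope it where you can.
#   Direction       "In" (default) or "Out".
#   Action          "Allow" (default) or "Block".
#
# NOTE(review): Profiles and RemoteAddresses are not set, so the COM defaults apply
# (presumably all profiles / any remote address - confirm on the target build). Set
# $rule.Profiles or $rule.RemoteAddresses if a narrower rule is intended.
Param (
    [Parameter(ValueFromPipelineByPropertyName,Mandatory=$true)]
    [ValidateNotNullOrEmpty()]
    [string] $Name,
    [Parameter(ValueFromPipelineByPropertyName,Mandatory=$true)]
    [ValidateNotNullOrEmpty()]
    [string[]] $Ports,
    [Parameter(ValueFromPipelineByPropertyName,Mandatory=$false)]
    [System.Net.Sockets.ProtocolType] $Protocol=[System.Net.Sockets.ProtocolType]::TCP,
    [Parameter(ValueFromPipelineByPropertyName,Mandatory=$false)]
    [string] $ApplicationPath,
    [Parameter(ValueFromPipelineByPropertyName,Mandatory=$false)]
    [ValidateSet('In','Out')]
    [string]$Direction="In",
    [Parameter(ValueFromPipelineByPropertyName,Mandatory=$false)]
    [ValidateSet('Allow','Block')]
    [string]$Action="Allow"
)

# LocalPorts is only valid for TCP/UDP; the COM layer rejects it for other protocols with an
# opaque HRESULT, so fail early with a readable message.
$portProtocols = @([System.Net.Sockets.ProtocolType]::Tcp, [System.Net.Sockets.ProtocolType]::Udp)
if ($Protocol -notin $portProtocols)
{
    throw "Protocol '$Protocol' does not support port matching; use TCP or UDP."
}

# Accept both -Ports 80,443 and -Ports "80,443": flatten to one trimmed list and validate each
# entry as a single port or a low-high range inside 1..65535 before handing it to the firewall.
$portList = @(($Ports -join ",") -split "," | ForEach-Object { $_.Trim() } | Where-Object { $_ -ne "" })
if ($portList.Count -eq 0)
{
    throw "At least one port must be specified."
}
foreach ($entry in $portList)
{
    if ($entry -match '^(\d{1,5})(?:-(\d{1,5}))?$')
    {
        $low = [int]$Matches[1]
        $high = if ($Matches[2]) { [int]$Matches[2] } else { $low }
        if ($low -lt 1 -or $high -gt 65535 -or $low -gt $high)
        {
            throw "Port specification '$entry' is out of range (1-65535) or reversed."
        }
    }
    else
    {
        throw "Invalid port specification '$entry'; expected a port number or a low-high range."
    }
}

$fw = New-Object -ComObject HNetcfg.FWpolicy2

# Refuse to add a second rule under an existing name: duplicate names are indistinguishable
# in most tooling and make later auditing and removal error-prone.
if (@($fw.Rules | Where-Object { $_.Name -eq $Name }).Count -gt 0)
{
    throw "A firewall rule named '$Name' already exists; remove it first or choose another name."
}

$rule = New-Object -ComObject HNetCfg.FWRule

if ($ApplicationPath -notin ($null, ""))
{
    # Scope the rule to one binary. Missing path is a warning, not an error (the file may be
    # staged later), but note that a Block rule for a path that never matches blocks nothing.
    if (-not (Test-Path -LiteralPath $ApplicationPath -PathType Leaf))
    {
        Write-Warning "ApplicationPath '$ApplicationPath' does not exist on this system; the rule will only take effect once it does."
    }
    $rule.ApplicationName = $ApplicationPath
}

$rule.Name = $Name
# NET_FW_RULE_DIRECTION: IN = 1, OUT = 2
$rule.Direction = switch ($Direction) { "In" { 1 } "Out" { 2 } }
# INetFwRule.Protocol takes the IANA protocol number, which is the enum's underlying value.
$rule.Protocol = $Protocol.Value__
$rule.LocalPorts = $portList -join ","
# Keep edge traversal off so the rule does not admit unsolicited inbound traffic arriving
# through a NAT-traversal tunnel (e.g. Teredo).
$rule.EdgeTraversal = $false
# NET_FW_ACTION: BLOCK = 0, ALLOW = 1
switch ($Action)
{
    'Allow' { $rule.Action = 1 }
    'Block' { $rule.Action = 0 }
}
$rule.Enabled = $true

$fw.Rules.Add($rule)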