How to know currently open ports on the Windows Firewall?
The reason you can't get the same results using the same commands is that the Win7 firewall rules can be specific to an individual application, and configured per network type (Private, Domain, Public), protocol, port, etc. PowerShell should give you a much better way to query this information and sort it. Here's a quick script I have to dump my configuration when I need it.
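# Return the enabled firewall rules that apply to the given profile bitmask
# (NET_FW_PROFILE_TYPE2: Domain = 1, Private = 2, Public = 4).
Function Get-EnabledRules
{
    Param($fwProfile)   # renamed from $profile, which shadows the automatic $PROFILE variable
    $rules = (New-Object -ComObject HNetCfg.FwPolicy2).Rules
    $rules = $rules | Where-Object {$_.Enabled -eq $true}
    $rules = $rules | Where-Object {$_.Profiles -band $fwProfile}
    $rules
}

# Network List Manager COM object, created by its CLSID; it lists the active network connections.
$networkListManager = [Activator]::CreateInstance([Type]::GetTypeFromCLSID([Guid]"{DCB00C01-570F-4A9B-8D69-199FDBA5723B}"))
$connections = $networkListManager.GetNetworkConnections()

# GetCategory() returns NLM_NETWORK_CATEGORY (0 = Public, 1 = Private, 2 = Domain),
# which is not the firewall profile bitmask, so map it before filtering.
$categoryToProfile = @{0 = 4; 1 = 2; 2 = 1}
[int[]] $connTypes = @($connections | ForEach-Object {$categoryToProfile[[int]$_.GetNetwork().GetCategory()]} | Sort-Object -Unique)
#$connTypes += 1   # uncomment to also list Domain-profile rules
Write-Host $connTypes

$connTypes | ForEach-Object {Get-EnabledRules -fwProfile $_ | Sort-Object LocalPorts, Protocol | Format-Table -Wrap -AutoSize -Property Name, @{Label="Action"; Expression={$_.Action}}, @{Label="Protocol"; Expression={$_.Protocol}}, LocalPorts, ApplicationName}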
A lot of this was based off of this post on MSDN.
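An added example (not part of the original answer) that narrows the same COM query to what "open" usually means: enabled inbound allow rules in the currently active profile(s), one row per port. It reads the active profiles from the `CurrentProfileTypes` property of `HNetCfg.FwPolicy2`; the variable names are illustrative.

```powershell
# Added example: enabled inbound "allow" rules for the active firewall profile(s).
$fw = New-Object -ComObject HNetCfg.FwPolicy2

# Bitmask of active profiles (NET_FW_PROFILE_TYPE2: Domain = 1, Private = 2, Public = 4).
$active = $fw.CurrentProfileTypes

# IP protocol numbers used by INetFwRule.Protocol (256 = any protocol).
$protocolNames = @{1 = 'ICMPv4'; 6 = 'TCP'; 17 = 'UDP'; 58 = 'ICMPv6'; 256 = 'Any'}

$fw.Rules |
    Where-Object {
        $_.Enabled -and
        $_.Direction -eq 1 -and      # NET_FW_RULE_DIR_IN
        $_.Action -eq 1 -and         # NET_FW_ACTION_ALLOW
        ($_.Profiles -band $active)
    } |
    ForEach-Object {
        $rule = $_
        $proto = if ($protocolNames.ContainsKey([int]$rule.Protocol)) { $protocolNames[[int]$rule.Protocol] } else { $rule.Protocol }
        # A rule with no LocalPorts value applies to every port of its protocol.
        $ports = if ([string]::IsNullOrEmpty($rule.LocalPorts)) { '*' } else { $rule.LocalPorts }
        # LocalPorts can be a comma-separated list; emit one row per entry.
        foreach ($port in ($ports -split ',')) {
            New-Object PSObject -Property @{
                Protocol  = $proto
                LocalPort = $port
                Program   = $rule.ApplicationName
                Rule      = $rule.Name
            }
        }
    } |
    Sort-Object Protocol, LocalPort, Rule |
    Format-Table Protocol, LocalPort, Program, Rule -AutoSize -Wrap
```

An enabled block rule that matches the same traffic takes precedence over these allow rules, and a listed port is only reachable if a process is actually listening on it.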
Ruben Rubovski
Updated on September 17, 2022
Comments
-
Ruben Rubovski almost 2 years
Our company has two websites. Both websites have their own subdomains (on same domain). Both websites are using the same LDAP server for authentication.
Is there a way to authenticate users only once, and allow the (authenticated) user to access either website so that we don't have to log in to each site separately? For example, I'm logged in to siteA.domain.org, then I click on siteB.domain.org -- in this case I wouldn't be prompted to log in to siteB.domain.org because I'm already authenticated to siteA.domain.org.
-
Admin over 13 years
How is it error prone?
-
Admin over 13 years
There are so many rules while I'm just interested in the effective ones.
-
Admin over 13 years
And that makes it error prone?
-
Admin over 13 years
Yeah. Examining dozens of rules in a second is error prone.
-
Admin over 13 years
Prone to what errors exactly? Reading them wrong? Why are you trying to read them in one second? Try slowing down a little bit. In addition, in the GUI you can filter the view by the state of the rule, so you could filter it to show only those rules that are enabled.
-
Admin over 13 years
Well, I was trying Hyper-V Server 2008 R2 today. It does not have a GUI for Windows Firewall. Anyway, if a command can give us a direct result, there's no need to work it out ourselves, right? Especially since this feature is available in prior versions, and there is no apparent reason to get rid of it. Perhaps the command just changed a little.
-
Mikael Dúi Bolinder over 10 years
Tried setting the cookie for *.domain.org?
-
Cristian E. over 3 years
What is this -> GetTypeFromCLSID([Guid]"{DCB00C01-570F-4A9B-8D69-199FDBA5723B}")