Powershell Script to Retrieve Firewall Rules And Ports

When we perform Side-by-Side Migrations there are times where we need to have a look at Windows Firewall Rules for troubleshooting the Issues.

Also if we want to check what FW rules are currenlty in Placed or Enabled

By using Get-NetFirewallRule command we can get list of FW rules which are already enabled

Almost a year back I saw the script online and saved in my folder but I used this Script now in my current orgnaisation and helped this script today for me .So, wanted to share it online and can have others if they don’t have it.. Sorry for not providing the Author Name here as I was not noted at that time

Note : Used this script and working fine on Windows server 2016 , I haven’t tried it in other Windows Version ..If you are trying lower version please do TEST it and then use it .

Retrieve a list of Firewall Rules

Get-NetFirewallRule -Direction Inbound | Select-Object -Property DisplayName,Profile,Enabled

Filter the options for Inbound Rule and select a few properties and sort the list

$InboundRules = Get-NetFirewallRule -Direction Inbound | Select-Object -Property DisplayName,Profile,Enabled
$InboundRules | Sort-Object -Property DisplayName

Filter the options a bit more – Inbound Rules for the Domain profile

$InboundRulesDomain = Get-NetFirewallRule -Direction Inbound | Where-Object {$_.Profile -EQ “Domain” -or $_.Profile -EQ “Any”}
$InboundRulesDomain | Select-Object -Property DisplayName,Profile,Enabled | Sort-Object -Property DisplayName
$InboundRulesDomain | Select-Object -Property DisplayName,Profile,Enabled | Export-Csv -Path “C:\FireWallReport.csv”
Import-Csv -Path “C:\FireWallReport.csv” | Out-GridView

Retrieve details about protocol and port information from the same data

$InboundDomainPorts = $InboundRulesDomain | Get-NetFirewallPortFilter | Select-Object -Property InstanceID,Protocol,LocalPort,RemotePort
$InboundDomainPorts | Sort-Object -Property InstanceID
$InboundDomainPorts | Export-Csv -Path “C:\FireWallPortReport.csv”
Import-Csv -Path “C:\FireWallPortReport.csv” | Out-GridView

Author: Sri

Hello Friends, This blog is to help the IT professionals who want to become a professional SQL Server DBA but don't know how and from where to start with. So, I am going to share my experiences and my learning in this blog. Will talk about what are the pre-requisite skills required to become a Professional SQL Server DBA, how much time it takes to be a good DBA and what are the additional skill sets are required to become a good DBA. Apart from that I will also post real time sql server settings on server level and database level, Configuring High Availability. Also will share the Client requirements with real time setups if possible I will provide you with screenshots.

One thought on “Powershell Script to Retrieve Firewall Rules And Ports”

  1. Sri, this is slightly shorter than your script
    Please note that this script will grab only Enabled, Inbound rules, but it writes as you intended results into a CSV file then displays the results in a GridView.
    I prefer to display Profile at the end, since more than 1 can be listed, but you can of course play with the order of columns to your liking

    Get-NetFirewallRule -Name ‘*’ | Where-Object {$_.Enabled –eq ‘True’ –and $_.Direction –eq ‘Inbound’} |
    Select-Object Name, DisplayName, DisplayGroup, Action,
    @{Name=’Protocol’;Expression={($PSItem | Get-NetFirewallPortFilter).Protocol}},
    @{Name=’LocalPort’;Expression={($PSItem | Get-NetFirewallPortFilter).LocalPort}},
    @{Name=’RemotePort’;Expression={($PSItem | Get-NetFirewallPortFilter).RemotePort}},
    @{Name=’RemoteAddress’;Expression={($PSItem | Get-NetFirewallAddressFilter).RemoteAddress}},
    Profile | Export-Csv -Path “C:\PS\FireWallPortReport.csv” -NoTypeInfo -Delim “,”
    Import-Csv -Path “C:\PS\FireWallPortReport.csv” | Out-GridView

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: