-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathwindows_check_firewall.ps1
More file actions
executable file
·52 lines (41 loc) · 1.25 KB
/
windows_check_firewall.ps1
File metadata and controls
executable file
·52 lines (41 loc) · 1.25 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
<#
.TITLE
Check Firewall Status [Windows]
.SUPPORTS
Windows
.LICENSE
AGPLv3
.CATEGORY
Firewall
.CHANGELOG
20250204 - Initial version
#>
$Ret = 0
$Profiles = $(Get-NetFirewallProfile | select Name,Enabled)
$ConnectionProfiles = $(Get-NetConnectionProfile | Select Name,NetworkCategory,IPv4Connectivity)
$AllRules = $(Get-NetFirewallRule -Action Allow -Enabled True -Direction Inbound)
$Rules = @()
$Categories = @("Any")
$Profiles | Format-Table
if (($Profiles | where { $_.Enabled -eq $True } | measure ).Count -eq 3) {
Write-Output "Windows firewall enabled"
}
else {
Write-Output "WARNING: Windows firewall disabled"
}
$ConnectionProfiles | Format-Table
ForEach($Profile in $ConnectionProfiles) {
$Categories += $Profile.NetworkCategory
}
ForEach($Rule in $AllRules) {
if ($Rule.Profile -in $Categories) {
$Rules += $Rule
}
}
$Rules | Format-Table -Property Name,
@{Name='Protocol';Expression={($PSItem | Get-NetFirewallPortFilter).Protocol}},
@{Name='LocalPort';Expression={($PSItem | Get-NetFirewallPortFilter).LocalPort}},
@{Name='RemotePort';Expression={($PSItem | Get-NetFirewallPortFilter).RemotePort}},
@{Name='RemoteAddress';Expression={($PSItem | Get-NetFirewallAddressFilter).RemoteAddress}},
Enabled,Profile,Direction,Action
Exit($Ret)