EzFirewallMgmt

about_EzFirewallMgmt

SHORT DESCRIPTION

Simplified helper functions to block and unblock ports and programs Utilizes New-NetFirewallRule and Remove-NetFirewallRule functions and turns them into easier to use versions for basic operations

LONG DESCRIPTION

New-NetFirewallRule has many parameters that you often don't need or don't want to specify over and over again. This module handles the extra parameters in that function for simpler basic operations for common firewall rule needs.

This is done with helper functions like Unblock-Port and Unblock-Program which are 2 very common types of firewall rules that get created. This module helps with automatically creating inbound and outbound matching rules, finding all exes in a program's path, and also defaulting to blocking/unblocking both tcp and udp versions of a port.

It ends up creating multiple rules with similar naming conventions that can then be found and removed with its other helper functions.

Usage Scenario

i.e. Maybe you set windows firewall to default block all incoming/outgoing connections So you now want to selectively unblock things through the firewall for a more secure and controlled network.

You could set the default controls to block in the windows firewall advanced setting gui/control panel and then use the following ideas to start opening things up.

Port Rules

You could unblock a port on both tcp and udp simply with Unblock-Port -port 1434

Or just unblock a port on tcp Unblock-Port -port 1433 -protocol TCP

Program Rules

There is also Unblock-Program -name "steam" this will find that folders that match that program name in the program files folders and allow all exe's within those folders access to the network.

Or you can specify a path to a specific program(s) with Unblock-Program -path "C:\Path\to\program.exe"

Each Unblock function has an equal Block function that operates the same but creates block action rules.

Removing Rules

You can also remove rules that were created with this module with Remove-PortRule and Remove-ProgramRule.

THe parameters for

Rule Naming

These removals and adds of firewall rules will create names based on the command used. i.e. Unblock-Port -port "1433-1434","135" would create rules named "Unblock Port 1433-1434,135 TCP inbound", "Unblock Port 1433-1434,135 TCP outbound", "Unblock Port 1433-1434,135 UDP inbound", "Unblock Port 1433-1434,135 UDP outbound"

Running Remove-PortUnblock -port "1433-1434","135" Would remove all 4 of those rules by using Get-PortRuleName to get the base string used for creating the rule and appending a wildcard * to it.

The program rules follow a similar pattern of {Unblock|Block} program {programName} - {program.exe} {inbound|outbound} and the Remove-ProgramRule function works in the same wildcard appending manner.