Scripting for Windows Firewall

 

Add an Authorized Application

Adds Freecell.exe to the list of authorized applications in the current Windows Firewall profile.

Set objFirewall = CreateObject("HNetCfg.FwMgr") Set objPolicy = objFirewall.LocalPolicy.CurrentProfile  Set objApplication = CreateObject("HNetCfg.FwAuthorizedApplication") objApplication.Name = "Free Cell" objApplication.IPVersion = 2 objApplication.ProcessImageFileName = "c:windowssystem32freecell.exe" objApplication.RemoteAddresses = "*" objApplication.Scope = 0 objApplication.Enabled = True  Set colApplications = objPolicy.AuthorizedApplications colApplications.Add(objApplication) 	 

Add an Application to the Standard Profile

Adds Freecell.exe to the list of authorized applications in the Windows Firewall standard profile.

Set objFirewall = CreateObject("HNetCfg.FwMgr") Set objPolicy = objFirewall.LocalPolicy Set objProfile = objPolicy.GetProfileByType(1)  Set objApplication = CreateObject("HNetCfg.FwAuthorizedApplication") objApplication.Name = "Free Cell" objApplication.IPVersion = 2 objApplication.ProcessImageFileName = "c:windowssystem32freecell.exe" objApplication.RemoteAddresses = "*" objApplication.Scope = 0 objApplication.Enabled = True  Set colApplications = objProfile.AuthorizedApplications colApplications.Add(objApplication) 	 

Create a New Port

Opens port 9999 in the Windows Firewall current profile.

Set objFirewall = CreateObject("HNetCfg.FwMgr") Set objPolicy = objFirewall.LocalPolicy.CurrentProfile  Set objPort = CreateObject("HNetCfg.FwOpenPort") objPort.Port = 9999 objPort.Name = "Test Port" objPort.Enabled = FALSE Set colPorts = objPolicy.GloballyOpenPorts  errReturn = colPorts.Add(objPort) 	 

Delete an Authorized Application

Deletes Freecell.exe from the list of authorized applications in the Windows Firewall current profile.

Set objFirewall = CreateObject("HNetCfg.FwMgr") Set objPolicy = objFirewall.LocalPolicy.CurrentProfile  Set colApplications = objPolicy.AuthorizedApplications  errReturn = colApplications.Remove("c:windowssystem32freecell.exe") 	 

Disable the Firewall

Disables the Windows Firewall for the current profile.

Set objFirewall = CreateObject("HNetCfg.FwMgr") Set objPolicy = objFirewall.LocalPolicy.CurrentProfile  objPolicy.FirewallEnabled = FALSE 	 

Delete an Open Port

Closes port 9999 in the Windows Firewall current profile.

Set objFirewall = CreateObject("HNetCfg.FwMgr") Set objPolicy = objFirewall.LocalPolicy.CurrentProfile  Set colPorts = objPolicy.GloballyOpenPorts errReturn = colPorts.Remove(9999,6) 	 

Disable Remote Administration

Disable Windows Firewall remote administration.

Set objFirewall = CreateObject("HNetCfg.FwMgr") Set objPolicy = objFirewall.LocalPolicy.CurrentProfile  Set objAdminSettings = objPolicy.RemoteAdminSettings objAdminSettings.Enabled = FALSE 	 

Enable the Firewall

Enables Windows Firewall for the current profile.

Set objFirewall = CreateObject("HNetCfg.FwMgr") Set objPolicy = objFirewall.LocalPolicy.CurrentProfile  objPolicy.FirewallEnabled = TRUE 	 

Enable File and Printer Sharing Through Windows Firewall

Enables File and Printer Sharing on a computer running Windows XP Service Pack 2.

Set objFirewall = CreateObject("HNetCfg.FwMgr") Set objPolicy = objFirewall.LocalPolicy.CurrentProfile  Set colServices = objPolicy.Services Set objService = colServices.Item(0) objService.Enabled = TRUE 	 

Enable Remote Administration

Enables remote administration of Windows Firewall fro the current profile.

Set objFirewall = CreateObject("HNetCfg.FwMgr") Set objPolicy = objFirewall.LocalPolicy.CurrentProfile  Set objAdminSettings = objPolicy.RemoteAdminSettings objAdminSettings.Enabled = TRUE 	 

List Authorized Applications

Lists all authorized applications for the Windows Firewall current profile.

Set objFirewall = CreateObject("HNetCfg.FwMgr") Set objPolicy = objFirewall.LocalPolicy.CurrentProfile  Set colApplications = objPolicy.AuthorizedApplications  For Each objApplication in colApplications     Wscript.Echo "Authorized application: " & objApplication.Name     Wscript.Echo "Application enabled: " & objApplication.Enabled     Wscript.Echo "Application IP version: " & objApplication.IPVersion     Wscript.Echo "Application process image file name: " & _         objApplication.ProcessImageFileName     Wscript.Echo "Application remote addresses: " & _         objApplication.RemoteAddresses     Wscript.Echo "Application scope: " & objApplication.Scope     Wscript.Echo Next 	 

List Authorized Applications in the Standard Profile

Lists all authorized applications for the Windows Firewall standard profile.

Set objFirewall = CreateObject("HNetCfg.FwMgr") Set objPolicy = objFirewall.LocalPolicy  Set objProfile = objPolicy.GetProfileByType(1) Set colApplications = objProfile.AuthorizedApplications  For Each objApplication in colApplications     Wscript.Echo "Authorized application: " & objApplication.Name     Wscript.Echo "Application enabled: " & objApplication.Enabled     Wscript.Echo "Application IP version: " & objApplication.IPVersion     Wscript.Echo "Application process image file name: " & _         objApplication.ProcessImageFileName     Wscript.Echo "Application remote addresses: " & _         objApplication.RemoteAddresses     Wscript.Echo "Application scope: " & objApplication.Scope     Wscript.Echo Next 	 

List All Globally-Open Ports

Lists all globally-open ports for the Windows Firewall current profile.

Set objFirewall = CreateObject("HNetCfg.FwMgr") Set objPolicy = objFirewall.LocalPolicy.CurrentProfile  Set colPorts = objPolicy.GloballyOpenPorts  For Each objPort in colPorts     Wscript.Echo "Port name: " & objPort.Name     Wscript.Echo "Port number: " & objPort.Port     Wscript.Echo "Port IP version: " & objPort.IPVersion     Wscript.Echo "Port protocol: " & objPort.Protocol     Wscript.Echo "Port scope: " & objPort.Scope     Wscript.Echo "Port remote addresses: " & objPort.RemoteAddresses     Wscript.Echo "Port enabled: " & objPort.Enabled     Wscript.Echo "Port built-in: " & objPort.Builtin Next 	 

List Firewall Properties

Lists Windows Firewall properties for the current profile.

Set objFirewall = CreateObject("HNetCfg.FwMgr") Set objPolicy = objFirewall.LocalPolicy.CurrentProfile Wscript.Echo "Current profile type: " & objFirewall.CurrentProfileType  Wscript.Echo "Firewall enabled: " & objPolicy.FirewallEnabled Wscript.Echo "Exceptions not allowed: " & objPolicy.ExceptionsNotAllowed Wscript.Echo "Notifications disabled: " & objPolicy.NotificationsDisabled Wscript.Echo "Unicast responses to multicast broadcast disabled: " & _     objPolicy.UnicastResponsestoMulticastBroadcastDisabled 	 

List Firewall Service Properties

Lists service properties for the Windows Firewall current profile.

Set objFirewall = CreateObject("HNetCfg.FwMgr") Set objPolicy = objFirewall.LocalPolicy.CurrentProfile  Set colServices = objPolicy.Services  For Each objService in colServices     Wscript.Echo "Service name: " & objService.Name     Wscript.Echo "Service enabled: " & objService.Enabled     Wscript.Echo "Service type: " & objService.Type     Wscript.Echo "Service IP version: " & objService.IPVersion     Wscript.Echo "Service scope: " & objService.Scope     Wscript.Echo "Service remote addresses: " & objService.RemoteAddresses     Wscript.Echo "Service customized: " & objService.Customized     Set colPorts = objService.GloballyOpenPorts     For Each objPort in colPorts         Wscript.Echo "Port name: " & objPort.Name         Wscript.Echo "Port number: " & objPort.Port         Wscript.Echo "Port enabled: " & objPort.Enabled         Wscript.Echo "Port built-in: " & objPort.BuiltIn         Wscript.Echo "Port IP version: " & objPort.IPVersion         Wscript.Echo "Port protocol: " & objPort.Protocol         Wscript.Echo "Port remote addresses: " & objPort.RemoteAddresses         Wscript.Echo "Port scope: " & objPort.Scope     Next     Wscript.Echo Next 	 

List ICMP Settings

Lists ICMP settings for the Windows Firewall current profile.

Set objFirewall = CreateObject("HNetCfg.FwMgr") Set objPolicy = objFirewall.LocalPolicy.CurrentProfile  Set objICMPSettings = objPolicy.ICMPSettings  Wscript.Echo "Allow inbound echo request: " & _     objICMPSettings.AllowInboundEchoRequest Wscript.Echo "Allow inbound mask request: " & _     objICMPSettings.AllowInboundMaskRequest Wscript.Echo "Allow inbound router request: " & _     objICMPSettings.AllowInboundRouterRequest Wscript.Echo "Allow inbound timestamp request: " & _     objICMPSettings.AllowInboundTimestampRequest Wscript.Echo "Allow outbound destination unreachable: " & _     objICMPSettings.AllowOutboundDestinationUnreachable Wscript.Echo "Allow outbound packet too big: " & _     objICMPSettings.AllowOutboundPacketTooBig Wscript.Echo "Allow outbound parameter problem: " & _     objICMPSettings.AllowOutboundParameterProblem Wscript.Echo "Allow outbound source quench: " & _     objICMPSettings.AllowOutboundSourceQuench Wscript.Echo "Allow outbound time exceeded: " & _     objICMPSettings.AllowOutboundTimeExceeded Wscript.Echo "Allow redirect: " & objICMPSettings.AllowRedirect 	 

List Remote Administration Settings

Lists remote administration settings for the Windows Firewall current profile.

Set objFirewall = CreateObject("HNetCfg.FwMgr") Set objPolicy = objFirewall.LocalPolicy.CurrentProfile  Set objAdminSettings = objPolicy.RemoteAdminSettings Wscript.Echo "Remote administration settings enabled: " & _     objAdminSettings.Enabled Wscript.Echo "Remote administration addresses: " & _     objAdminSettings.RemoteAddresses Wscript.Echo "Remote administration scope: " & objAdminSettings.Scope Wscript.Echo "Remote administration IP version: " & objAdminSettings.IPVersion 	 

List Standard Profile Properties

Demonstration script that connects to and returns information about the Windows Firewall standard profile.

Set objFirewall = CreateObject("HNetCfg.FwMgr") Set objPolicy = objFirewall.LocalPolicy Set objProfile = objPolicy.GetProfileByType(1)  Wscript.Echo "Firewall enabled: " & objProfile.FirewallEnabled Wscript.Echo "Exceptions not allowed: " & objProfile.ExceptionsNotAllowed Wscript.Echo "Notifications disabled: " & objProfile.NotificationsDisabled Wscript.Echo "Unicast responses to multicast broadcast disabled: " & -     objProfile.UnicastResponsestoMulticastBroadcastDisabled 	 

Modify an ICMP Setting

Demonstration script that modifies a Windows Firewall ICMP setting for the current profile.

Set objFirewall = CreateObject("HNetCfg.FwMgr") Set objPolicy = objFirewall.LocalPolicy.CurrentProfile  Set objICMPSettings = objPolicy.ICMPSettings objICMPSettings.AllowRedirect = TRUE 	 

Modify a Firewall Property

Demonstration script that modifies Windows Firewall properties for the current profile.

Set objFirewall = CreateObject("HNetCfg.FwMgr") Set objPolicy = objFirewall.LocalPolicy.CurrentProfile  objPolicy.ExceptionsNotAllowed = TRUE objPolicy.NotificationsDisabled = TRUE objPolicy.UnicastResponsestoMulticastBroadcastDisabled = TRUE 	 

Open a Closed Port

Opens closed port 9999 for the Windows Firewall current profile.

Set objFirewall = CreateObject("HNetCfg.FwMgr") Set objPolicy = objFirewall.LocalPolicy.CurrentProfile Set colPorts = objPolicy.GloballyOpenPorts  Set objPort = colPorts.Item(9999,6) objPort.Enabled = TRUE 	 

Restore the Default Settings

Restore the Windows Firewall default settings.

Set objFirewall = CreateObject("HNetCfg.FwMgr") objFirewall.RestoreDefaults()
 
Enjoy
Paddy
 

Leave a Reply

Your email address will not be published. Required fields are marked *