Get-FirewallRules.ps1
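# Report every enabled Windows Firewall rule in the runtime policy (ActiveStore)
# and show which of the currently active network profiles each rule's profile
# scope matches.
#
# Reading the output: "EnforcedFor" is only a profile-scope match computed by
# this script. Whether a rule is actually applied is reported by the
# PrimaryStatus and EnforcementStatus columns, and this script does not check
# whether the firewall is switched on for a given profile
# (Get-NetFirewallProfile shows that).

# Map a network-category / rule-profile name onto 'Domain', 'Private' or
# 'Public'. Unrecognised names are returned unchanged so they remain visible
# in the report instead of being silently dropped.
function ConvertTo-FirewallProfileName {
    param([string]$Name)

    switch ($Name) {
        'DomainAuthenticated' { 'Domain' }
        'Domain'              { 'Domain' }
        'Private'             { 'Private' }
        'Public'              { 'Public' }
        default               { $Name }
    }
}

# Currently active network profiles, normalised and de-duplicated.
# Get-NetConnectionProfile returns one object per connection, so two adapters
# in the same category would otherwise be listed twice in every row.
# @() keeps this an array even with zero or one connection.
$activeProfiles = @(
    Get-NetConnectionProfile |
        ForEach-Object { ConvertTo-FirewallProfileName $_.NetworkCategory } |
        Select-Object -Unique
)

# All enabled firewall rules from ActiveStore (the merged runtime policy).
# Enabled is an enum (True/False) rather than a boolean, so compare by name.
$rules = Get-NetFirewallRule -PolicyStore ActiveStore |
    Where-Object { $_.Enabled -eq 'True' }

$report = foreach ($rule in $rules) {
    # Profile is a flags enum; ToString() yields 'Any' or a comma-separated list.
    $profileText = $rule.Profile.ToString()

    # Expand the rule's profile scope into normalised profile names.
    $ruleProfiles = if ($profileText -eq 'Any') {
        @('Domain', 'Private', 'Public')
    } else {
        @($profileText -split ',\s*' |
            ForEach-Object { ConvertTo-FirewallProfileName $_ })
    }

    # Active profiles that fall inside this rule's profile scope.
    $matchedProfiles = @($activeProfiles | Where-Object { $_ -in $ruleProfiles })

    [PSCustomObject]@{
        DisplayName       = $rule.DisplayName
        Name              = $rule.Name
        Enabled           = $rule.Enabled
        Direction         = $rule.Direction
        Action            = $rule.Action
        RuleProfiles      = ($ruleProfiles -join ', ')
        ActiveProfiles    = ($activeProfiles -join ', ')
        EnforcedFor       = if ($matchedProfiles.Count -gt 0) { $matchedProfiles -join ', ' } else { 'None' }
        PrimaryStatus     = $rule.PrimaryStatus
        EnforcementStatus = ($rule.EnforcementStatus -join ', ')
        PolicyStoreSource = $rule.PolicyStoreSource
    }
}

# Show results in an interactive grid (requires a desktop session).
$report | Out-GridView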