Firewall: Get port and rule information

This topic contains 1 reply, has 2 voices, and was last updated by  Don Jones 5 months, 2 weeks ago.

  • #70039

    Lakatta
    Participant

    I'm having a heck of a time pulling a report for ports, and then adding the rule display name and other information to it.

    Input a port number
    Get all firewall rules, remote addresses, for the local port number entered.
    Get the Display Name, Local Port, Remote Port, Protocol, Enabled, Action, Remote Addresses

    Something is wrong with my logic, and of course the code. After staring at the screen non-stop to get this worked out, I am finally fried after three days.

    Any help in the right direction is appreciated.
    I'm seeing where it may be wrong, yet, I can't figure out the right direction.

    [pre]
    $Script:Portos = Read-Host "Enter a Port Number"

    $Script:Rules = Get-NetFirewallRule -policystore ActiveStore | Where-object ((Enabled -eq "True") -and (Action -eq "Allow"))

    $Script:PortFilter = $Script:Rules | get-netfirewallportfilter -PolicyStore ActiveStore | Where-Object localport -eq $Script:Portos

    Foreach ($Script:One in $Script:PortFilter)
    {

        $Script:One |
            get-netfirewallportfilter -PolicyStore ActiveStore |
            Where-Object -Property { $_.localport -Eq "$Script:Portos" } |
            Select-Object Protocol , LocalPort , RemotePort

        $DasRemoteIps = $Script:One |
            Get-NetFirewallRule |
            Where-object {$_.Enabled -eq "True" -and $_.Action -eq "Allow"} |
            Select-Object RemoteAddress -Verbose

        $DasRuleName = $Script:One |
            Get-NetFirewallRule -policystore ActiveStore |
            Where-object {$_.Enabled -eq "True" -and $_.Action -eq "Allow"}

        Write-host `n
        Write-output ("Display name :" + $DasRuleName.DisplayName)
        Write-Output ("Port Number :" + $DasPort.LocalPort)
        Write-Output ("Remote Port :" + $DasPort.LocalPort)
        Write-Output ("Protocol :" + $DasPort.LocalPort)
        Write-output ("Enabled :" + $DasRulename.Enabled)
        Write-output ("Action :" + $DasRuleName.Action)
        Write-Output "Remote Addresses:"
        Write-Output "—————————"
        $DasRemoteIps.RemoteAddress
        Write-host `n
    }
    [/pre]

  • #70087

    Don Jones
    Keymaster

    Please review the instructions above the posting textbox for code formatting – [square brackets] aren't usable here.

    You should also, over time, investigate emitting a custom object rather than a bunch of strings. As-is, the data you're outputting is going to be pretty much limited to screen display. "The PowerShell Scripting & Toolmaking Book" is a good resource (I'm biased) for getting into the "PowerShell way" of doing this. Those $script: modifiers are also unnecessary and are going to get you into trouble.

    Now... where do you see it going wrong? Like, can you set breakpoints after each variable assignment, check the variable's new contents, and see where things stop going as you expect?
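
The report described in the first post, written with the custom-object output and plain local variables suggested in the reply. This is an added example, not code from either poster; the function name `Get-FirewallPortReport` and the `-IncludeAny` switch are hypothetical, and the handling of port ranges goes beyond the single-port comparison in the original script.

```powershell
function Get-FirewallPortReport {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [ValidateRange(1, 65535)]
        [int]$Port,
        [switch]$IncludeAny   # hypothetical switch: also report rules whose LocalPort is "Any"
    )

    # Let the cmdlet filter on Enabled/Action instead of a Where-Object pass.
    $rules = Get-NetFirewallRule -PolicyStore ActiveStore -Enabled True -Action Allow

    foreach ($rule in $rules) {
        $portFilter = $rule | Get-NetFirewallPortFilter

        # LocalPort can hold several entries: single ports, ranges such as
        # "5000-5010", or keywords such as "Any". Check each entry in turn.
        $isMatch = $false
        foreach ($entry in @($portFilter.LocalPort)) {
            if ($entry -match '^(\d+)-(\d+)$') {
                if ($Port -ge [int]$Matches[1] -and $Port -le [int]$Matches[2]) { $isMatch = $true }
            }
            elseif ($entry -eq "$Port") { $isMatch = $true }
            elseif ($IncludeAny -and $entry -eq 'Any') { $isMatch = $true }
        }
        if (-not $isMatch) { continue }

        # RemoteAddress is a property of the address filter, not of the rule object.
        $addressFilter = $rule | Get-NetFirewallAddressFilter

        # One object per matching rule, so the result can be sorted, filtered or exported.
        [pscustomobject]@{
            DisplayName   = $rule.DisplayName
            LocalPort     = $portFilter.LocalPort -join ','
            RemotePort    = $portFilter.RemotePort -join ','
            Protocol      = $portFilter.Protocol
            Enabled       = $rule.Enabled
            Action        = $rule.Action
            RemoteAddress = $addressFilter.RemoteAddress -join ','
        }
    }
}

Get-FirewallPortReport -Port (Read-Host 'Enter a port number') | Format-Table -AutoSize
```

Because the function emits objects rather than strings, the same call can be piped to `Export-Csv` or `Where-Object` instead of `Format-Table`.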
