Get NetFirewallRule - PowerShell

Overview

Get-NetFirewallRule retrieves rules configured for the Windows Firewall. It allows you to inspect inbound and outbound rules, including their properties and settings. This command is essential for managing network connectivity, security, and fine-tuning firewall policies.

Syntax

Get-NetFirewallRule [-Name] <String> [-DisplayName] <String> [-Group] <String> [-Direction] <String> [-Action] <String> [-Enabled] <Boolean> [-InterfaceType] <String> [-RemoteAddress] <String> [-LocalAddress] <String> [-Protocol] <String> [-LocalPort] <UInt16[]> [-RemotePort] <UInt16[]> [-PolicyStore] <String>

Options/Flags

  • -Name: Specifies the exact name of the rule to find.
  • -DisplayName: Filters rules based on their display name. Supports wildcard (*) patterns.
  • -Group: Narrows down results by firewall rule group, such as “Inbound Rules” or “Outbound Rules”.
  • -Direction: Filters rules based on their direction, either “Inbound” or “Outbound”.
  • -Action: Retrieves rules based on their action when matching network traffic, such as “Allow” or “Block”.
  • -Enabled: Includes or excludes disabled rules from the results.
  • -InterfaceType: Specifies the network interface type to check for rules, such as “Any”, “Ethernet”, or “Wireless”.
  • -RemoteAddress: Filters rules based on the IP address range they apply to remotely.
  • -LocalAddress: Filters rules based on the IP address range they apply to locally.
  • -Protocol: Retrieves rules based on the network protocol they apply to, such as “TCP” or “UDP”.
  • -LocalPort: Filters rules based on the local port range they apply to. Can be an array of port numbers.
  • -RemotePort: Filters rules based on the remote port range they apply to. Can be an array of port numbers.
  • -PolicyStore: Specifies the firewall policy store to retrieve rules from, such as “LocalMachine” or “ActiveDirectory”.

Examples

Simple Retrieval:

Get-NetFirewallRule

Search by Name:

Get-NetFirewallRule -Name "MyFirewallRule"

Filter by Direction and Action:

Get-NetFirewallRule -Direction Inbound -Action Allow

Complex Query with Multiple Criteria:

Get-NetFirewallRule -DisplayName "*Firewall*" -Group OutboundRules -LocalAddress "192.168.0.1" -RemoteAddress "8.8.8.8"

Common Issues

  • Access Denied: Ensure you have sufficient permissions to retrieve firewall rules.
  • Inconsistent Results: Sometimes, different rule properties might appear differently in PowerShell and GUI interfaces.
  • Rule Not Found: Verify that the rule exists and the search criteria are correct.

Integration

  • Set-NetFirewallRule: Modify existing firewall rules.
  • New-NetFirewallRule: Create new firewall rules.
  • Enable-NetFirewallRule: Enable disabled firewall rules.
  • Disable-NetFirewallRule: Disable enabled firewall rules.
  • Get-NetFirewallPolicy
  • New-NetFirewallPolicy
  • Set-NetFirewallPolicy
  • Remove-NetFirewallPolicy