Set-NetFirewallRule - PowerShell


Overview

The Set-NetFirewallRule command modifies a firewall rule on the local or specified computer. It allows administrators to configure settings related to the rule, such as its name, description, protocol, local and remote ports, action, direction, and profile.

Syntax

Set-NetFirewallRule [-Name] <String[]> [-Description <String>] [-DisplayName <String[]>] [-LocalPort <String[]>] [-RemotePort <String[]>] [-Protocol <String>] [-Action <Action>] [-Direction <Direction>] [-Profile <Profile>] [-Enabled <Enabled>] [-Group <String[]>] [-DisplayGroup <String[]>] [-RemoteAddress <String[]>] [-EdgeTraversalPolicy <EdgeTraversal>]

Options/Flags

  • -Name: Specifies the name of the firewall rule to modify.
  • -Description: Provides a description for the firewall rule.
  • -DisplayName: Sets the display name for the firewall rule.
  • -LocalPort: Defines the local port or port range affected by the rule.
  • -RemotePort: Specifies the remote port or port range affected by the rule.
  • -Protocol: Indicates the IP protocol type for the rule (e.g., TCP, UDP).
  • -Action: Determines the action taken when the rule is matched (e.g., Allow, Block).
  • -Direction: Specifies the direction of traffic that the rule applies to (e.g., Inbound, Outbound).
  • -Profile: Defines the network profile(s) where the rule is active (e.g., Domain, Public).
  • -Enabled: Enables or disables the firewall rule.
  • -Group: Sets the security group associated with the firewall rule.
  • -DisplayGroup: Specifies the display group for the firewall rule.
  • -RemoteAddress: Defines the remote IP address(es) or address ranges affected by the rule.
  • -EdgeTraversalPolicy: Configures the Edge traversal policy for the rule (e.g., Allow, Block).

Examples

Example 1: Modifying an Existing Firewall Rule

Set-NetFirewallRule -Name "MyFirewallRule" -Description "Updated Description" -Enabled True

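Example 2: Creating a New Firewall Rule with Specific Ports and Protocol

Set-NetFirewallRule only modifies rules that already exist, so the rule is created with New-NetFirewallRule; it can then be adjusted with Set-NetFirewallRule.

New-NetFirewallRule -Name "NewFirewallRule" -DisplayName "HTTP Rule" -LocalPort 80 -Protocol TCP -Action Allow -Direction Inbound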

Common Issues

  • Error: “The firewall rule does not exist”: Ensure that the specified rule name exists before modifying it.
  • Error: “Access denied”: Run PowerShell as an administrator to modify firewall rules.
  • Error: “Invalid port range”: Specify valid port ranges for -LocalPort and -RemotePort.

Integration

  • Get-NetFirewallRule: Retrieves firewall rules for further processing or comparisons.
  • New-NetFirewallRule: Creates a new firewall rule, which can be modified using Set-NetFirewallRule.
  • Enable-NetFirewallRule, Disable-NetFirewallRule: Modify the state of a firewall rule.
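
The checks from Common Issues combined with Get-NetFirewallRule, as an added example that is not part of the original page: it narrows the scope of an existing rule and reads the result back for comparison. The function name Limit-FirewallRuleScope, its parameters and the 192.0.2.0/24 management subnet are assumptions made for illustration.

```powershell
# Added example (not from the original page). The helper name and the
# 192.0.2.0/24 subnet (documentation range) are placeholders.
function Limit-FirewallRuleScope {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]   $Name,
        [Parameter(Mandatory)][string[]] $RemoteAddress,
        [string] $NetworkProfile = 'Domain'
    )

    # "Access denied": modifying rules requires an elevated session.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = [Security.Principal.WindowsPrincipal]$identity
    $adminRole = [Security.Principal.WindowsBuiltInRole]::Administrator
    if (-not $principal.IsInRole($adminRole)) {
        throw 'Run this from an elevated PowerShell session.'
    }

    # "The firewall rule does not exist": confirm the rule before touching it.
    $rule = Get-NetFirewallRule -Name $Name -ErrorAction SilentlyContinue
    if (-not $rule) { throw "No firewall rule named '$Name'." }

    # Record the current scope so the change can be reviewed or reverted.
    $before = ($rule | Get-NetFirewallAddressFilter).RemoteAddress

    $target = "RemoteAddress=$($RemoteAddress -join ', '); Profile=$NetworkProfile"
    if ($PSCmdlet.ShouldProcess($Name, "Set $target")) {
        Set-NetFirewallRule -Name $Name -RemoteAddress $RemoteAddress `
                            -Profile $NetworkProfile
    }

    # Read the rule back; with -WhatIf the "after" values match "before".
    $after = Get-NetFirewallRule -Name $Name
    [pscustomobject]@{
        Name                = $after.Name
        Enabled             = $after.Enabled
        Profile             = $after.Profile
        RemoteAddressBefore = $before -join ', '
        RemoteAddressAfter  = ($after | Get-NetFirewallAddressFilter).RemoteAddress -join ', '
    }
}

# Dry run against the rule from Example 1; drop -WhatIf to apply the change.
Limit-FirewallRuleScope -Name 'MyFirewallRule' -RemoteAddress '192.0.2.0/24' -WhatIf
```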