Modifying Firewall Rules

Yesterday I was momentarily opening port 80 in my computer to test Sitecore.Ship from a remote location when I found a whole bunch of interesting entries in my Inbound Firewall rules

firewall HP rules

I guess all of that is in use when I invoke a scanning job from the printer itself. However, I don't understand why they are all set for Profile All ; I am only going to use the scanner when I am home connected to my network. I decided to change the Profile to Private. Except it was a very tedious task using the UI. Open the properties of each one, find the correct tab... not a job for me.

Instead I opened powershell and discovered all the commands to modify the firewall rules are there.

PS C:\> Get-Command -Noun NetFirewallRule

CommandType     Name                                               Version    Source  
-----------     ----                                               -------    ------                                   
Function        Copy-NetFirewallRule                         NetSecurity  
Function        Disable-NetFirewallRule                      NetSecurity  
Function        Enable-NetFirewallRule                       NetSecurity  
Function        Get-NetFirewallRule                          NetSecurity  
Function        New-NetFirewallRule                          NetSecurity  
Function        Remove-NetFirewallRule                       NetSecurity  
Function        Rename-NetFirewallRule                       NetSecurity  
Function        Set-NetFirewallRule                          NetSecurity  
Function        Show-NetFirewallRule                         NetSecurity                              

First I tried to get a list of the rules and Show-NetFirewallRule did the job.

Luckily HP has made my life easier by prepending 'hp' to all the rules. So next, I put the rules through a pipeline using the Where-Object commandlet (shortened to where below) to only show those that match a particular regular expression.

Show-NetFirewallRule | where {$_.DisplayName -match "^hp.*"}  

The list is a bit difficult to read - so let's just get the DisplayName so we make sure we have the right ones.

Show-NetFirewallRule | where {$_.DisplayName -match "^hp.*"} | select DisplayName  

That seems right. Now the easiest part, just change the Profile name and we are done. Fortunately the Set-NetFirewallRule command accepts a rule object as pipeline parameter. So all we need to do is

Show-NetFirewallRule | where {$_.DisplayName -match "^hp.*"} | Set-NetFirewallRule -Profile Private  

Except I get a whole list of errors because I need to do this as Admin. It seems a very legitimate requirement! Open an admin powershell console (in my case just Microsoft + X, A) execute again the last command and all done!