Sunday 21 March 2010

Add-FireWallApplication.ps1

<#
.SYNOPSIS
    This script adds a program to the firewall.
.DESCRIPTION
    This script uses the firewall COM object to add
    a new application to the firewall.
.NOTES
    File Name  : Add-FirewallApplication.ps1
    Author     : Thomas Lee - tfl@psp.co.uk
    Requires   : PowerShell Version 2.0
.LINK
    This script posted to:
        http://pshscripts.blogspot.com/2010/03/add-firewallapplicationps1.html
    MSDN Sample posted at:
        http://msdn.microsoft.com/en-us/library/aa366421%28VS.85%29.aspx
.EXAMPLE
    At start of script, authorised applications are:

    Name                            Enabled
    ----                            -------
    Delivery Manager Service           True
    BitTornado                         True
    driver                             True
    driver                             True
    BitTorrent                         True
    DNA                                True
    Microsoft Office OneNote           True

    After adding Notepad - here are authorised applications

    Name                            Enabled
    ----                            -------
    Notepad                            True
    Delivery Manager Service           True
    BitTornado                         True
    driver                             True
    driver                             True
    BitTorrent                         True
    DNA                                True
    Microsoft Office OneNote           True
#>

##
# Start of script
##

# Set constants
$NET_FW_PROFILE_DOMAIN = 0
$NET_FW_PROFILE_STANDARD = 1

# Scope
$NET_FW_SCOPE_ALL = 0

# IP Version - ANY is the only allowable setting for now
$NET_FW_IP_VERSION_ANY = 2

# Create the firewall manager object.
$fwMgr = New-Object -ComObject HNetCfg.FwMgr

# Get the current profile for the local firewall policy.
# ($fwProfile is used rather than $profile, which is a PowerShell automatic variable.)
$fwProfile = $fwMgr.LocalPolicy.CurrentProfile

# Display applications available
"At start of script, authorised applications are:"
$fwProfile.AuthorizedApplications | ft name, enabled -AutoSize

# Create application to add to firewall
$app = New-Object -ComObject HNetCfg.FwAuthorizedApplication
$app.ProcessImageFileName = "C:\windows\notepad.exe"
$app.Name = "Notepad"
$app.Scope = $NET_FW_SCOPE_ALL

# Use either Scope or RemoteAddresses, but not both
# $app.RemoteAddresses = "*"
$app.IpVersion = $NET_FW_IP_VERSION_ANY
$app.Enabled = $TRUE

# Use this line if you want to add the app, but disabled.
# $app.Enabled = $FALSE
$fwProfile.AuthorizedApplications.Add($app)

# Show applications after addition
"After adding Notepad - here are authorised applications"
$fwProfile.AuthorizedApplications | ft name, enabled -AutoSize
# End of script
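
A follow-up for reviewing what the script leaves behind, as an added example that is not part of the original post: it lists each authorised application with its scope and whether its image file still exists, flags the entries worth a second look, then narrows the Notepad exception to the local subnet. The variable names, the report layout and the use of NET_FW_SCOPE_LOCAL_SUBNET (1) are assumptions for illustration; changing policy requires an elevated session.

```powershell
# Added example: audit the authorised application list, then tighten one entry.
$NET_FW_SCOPE_ALL          = 0   # any remote address
$NET_FW_SCOPE_LOCAL_SUBNET = 1   # local subnet only

$fwMgr     = New-Object -ComObject HNetCfg.FwMgr
$fwProfile = $fwMgr.LocalPolicy.CurrentProfile

# Build one record per exception with the fields that matter in a review.
$report = foreach ($entry in $fwProfile.AuthorizedApplications) {
    $image = [Environment]::ExpandEnvironmentVariables([string]$entry.ProcessImageFileName)
    New-Object PSObject -Property @{
        Name        = $entry.Name
        Image       = $image
        Enabled     = $entry.Enabled
        Scope       = $entry.Scope
        ImageExists = ($image -ne '') -and (Test-Path -LiteralPath $image)
    }
}

"All authorised applications:"
$report | Sort-Object Name |
    Format-Table Name, Enabled, Scope, ImageExists, Image -AutoSize

# Enabled entries that accept traffic from any address, or whose binary is
# missing (a stale exception that a later file at that path would inherit).
"Entries to review:"
$report |
    Where-Object { $_.Enabled -and ($_.Scope -eq $NET_FW_SCOPE_ALL -or -not $_.ImageExists) } |
    Format-Table Name, Scope, ImageExists, Image -AutoSize

# Narrow the exception added by Add-FirewallApplication.ps1 to the local subnet.
$target = "C:\windows\notepad.exe"
try {
    # Item() is keyed on the image file name and throws if there is no such entry.
    $existing = $fwProfile.AuthorizedApplications.Item($target)
    $existing.Scope = $NET_FW_SCOPE_LOCAL_SUBNET
    "Scope for '$($existing.Name)' is now $($existing.Scope)"

    # To delete the exception instead of narrowing it:
    # $fwProfile.AuthorizedApplications.Remove($target)
}
catch {
    "No authorised application entry for $target (or access denied): $($_.Exception.Message)"
}
```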
