- <#
- .SYNOPSIS
- This script gets the status of the host firewall
- and ensures the firewall IS running!
- .DESCRIPTION
- This script gets the status and displays it to the
- console. The script also turns on the firewall if it's
- currently off. It's a simpler script than in MSDN for VBScript!
- .NOTES
- File Name : Get-FirewallStatus.ps1
- Author : Thomas Lee - tfl@psp.co.uk
- Requires : PowerShell Version 2.0
- .LINK
- This script posted to:
- http://pshscripts.blogspot.com/2010/03/get-firewallstatusps1.html
- MSDN Sample posted at:
- http://msdn.microsoft.com/en-us/library/aa366442%28VS.85%29.aspx
- .EXAMPLE
- PSH [C:\foo]: .\Get-FirewallStatus.ps1
- Firewall Enabled : True
- Firewall Exceptions Not Allowed: False
- #>
- ##
- # Start Script
- ##
- # Create the firewall manager object.
- $fwMgr = New-Object -com HNetCfg.FwMgr
- # Get the current profile for the local firewall policy.
- $profile = $fwMgr.LocalPolicy.CurrentProfile
- # Verify that the Firewall is enabled. If it isn't, then enable it.
- if (!$profile.FirewallEnabled)
- {$profile.FirewallEnabled = $TRUE}
- # Display details
- "Firewall Enabled : {0}" -f $profile.FirewallEnabled
- "Firewall Exceptions Not Allowed: {0}" -f $profile.ExceptionsNotAllowed
- # End Script
Tuesday, 23 March 2010
Get-FirewallStatus.ps1
Monday, 22 March 2010
Get-FWAuthorisedApplications.ps1
- <#
- .SYNOPSIS
- This script displays each Firewall Authorised Application
- .DESCRIPTION
- This script gets the list of authorised applications, then
- displays them. This is a re-write of a MSDN Script written in
- VBScript.
- .NOTES
- File Name : Get-FWAuthorisedApplications.ps1
- Author : Thomas Lee - tfl@psp.co.uk
- Requires : PowerShell Version 2.0
- .LINK
- This script posted to:
- http://www.pshscripts.blogspot.com
- MSDN Sample posted at:
- http://msdn.microsoft.com/en-us/library/aa366181%28VS.85%29.aspx
- .EXAMPLE
- PSH [C:\foo]: .\Get-FWAuthorisedApplications.ps1
- 2 Authorised Applications:
- Name: : Delivery Manager Service
- Image Filename : C:\Program Files (x86)\Kontiki\KService.exe
- IP Version : ANY
- Scope : All subnets
- RemoteAddresses: *
- Enabled : True
- Name: : BitTorrent
- Image Filename : C:\Program Files (x86)\BitTorrent\bittorrent.ex
- IP Version : ANY
- Scope : All subnets
- RemoteAddresses: *
- Enabled : True
- #>
- ##
- # Start of script
- ##
- # IP Version Constants
- $NET_FW_IP_VERSION_V4 = 0
- $NET_FW_IP_VERSION_V4_NAME = "IPv4"
- $NET_FW_IP_VERSION_V6 = 1
- $NET_FW_IP_VERSION_V6_NAME = "IPv6"
- $NET_FW_IP_VERSION_ANY = 2
- $NET_FW_IP_VERSION_ANY_NAME = "ANY"
- # Scope constants
- $NET_FW_SCOPE_ALL = 0
- $NET_FW_SCOPE_ALL_NAME = "All subnets"
- $NET_FW_SCOPE_LOCAL_SUBNET = 1
- $NET_FW_SCOPE_LOCAL_SUBNET_NAME = "Local subnet only"
- $NET_FW_SCOPE_CUSTOM = 2
- $NET_FW_SCOPE_CUSTOM_NAME = "Custom Scope (see RemoteAddresses)"
- # Create the firewall manager object
- $fwMgr = new-object -com HNetCfg.FwMgr
- # Get the current profile for the local firewall policy
- $profile = $fwMgr.LocalPolicy.CurrentProfile
- #Display authorised applications
- "{0} Authorised Applications:" -f $profile.AuthorizedApplications.Count
- foreach ($app in $profile.AuthorizedApplications) {
- " Name: : {0}" -f $app.Name
- " Image Filename : {0}" -f $app.ProcessImageFileName
- switch ($app.IpVersion) {
- $NET_FW_IP_VERSION_V4 {" IP Version : {0}" -f $NET_FW_IP_VERSION_V4_NAME}
- $NET_FW_IP_VERSION_V6 {" IP Version : {0}" -f $NET_FW_IP_VERSION_V6_NAME}
- $NET_FW_IP_VERSION_ANY {" IP Version : {0}" -f $NET_FW_IP_VERSION_ANY_NAME}
- }
- switch ($app.Scope) {
- $NET_FW_SCOPE_ALL {" Scope : {0}" -f $NET_FW_SCOPE_ALL_NAME}
- $NET_FW_SCOPE_LOCAL_SUBNET {" Scope : {0}" -f $NET_FW_SCOPE_LOCAL_SUBNET_NAME}
- $NET_FW_SCOPE_CUSTOM {" Scope : {0}" -f $NET_FW_SCOPE_CUSTOM_NAME}
- }
- " RemoteAddresses: {0}" -f $app.RemoteAddresses
- " Enabled : {0}" -f $app.Enabled
- ""
- }
Sunday, 21 March 2010
Add-FireWallApplication.ps1
- <#
- .SYNOPSIS
- This script adds a program to the firewall.
- .DESCRIPTION
- This script used the firewall com object to add
- a new application to the firewall.
- .NOTES
- File Name : Add-FirewallApplication.ps1
- Author : Thomas Lee - tfl@psp.co.uk
- Requires : PowerShell Version 2.0
- .LINK
- This script posted to:
- http://pshscripts.blogspot.com/2010/03/add-firewallapplicationps1.html
- MSDN Sample posted at:
- http://msdn.microsoft.com/en-us/library/aa366421%28VS.85%29.aspx
- .EXAMPLE
- At start of script, authorised applications are:
- Name Enabled
- ---- -------
- Delivery Manager Service True
- BitTornado True
- driver True
- driver True
- BitTorrent True
- DNA True
- Microsoft Office OneNote True
- After adding Notepad - here are authorised applications
- Name Enabled
- ---- -------
- Notepad True
- Delivery Manager Service True
- BitTornado True
- driver True
- driver True
- BitTorrent True
- DNA True
- Microsoft Office OneNote True
- #>
- ##
- # Start of script
- ##
- # Set constants
- $NET_FW_PROFILE_DOMAIN = 0
- $NET_FW_PROFILE_STANDARD = 1
- # Scope
- $NET_FW_SCOPE_ALL = 0
- # IP Version - ANY is the only allowable setting for now
- $NET_FW_IP_VERSION_ANY = 2
- # Create the firewall manager object.
- $fwMgr = new-object -com HNetCfg.FwMgr
- # Get the current profile for the local firewall policy.
- $profile = $fwMgr.LocalPolicy.CurrentProfile
- # Display applications available
- "At start of script, authorised applications are:"
- $profile.AuthorizedApplications | ft name, enabled -AutoSize
- # Create application to add to firewall
- $app = New-Object -com HNetCfg.FwAuthorizedApplication
- $app.ProcessImageFileName = "C:\windows\notepad.exe"
- $app.Name = "Notepad"
- $app.Scope = $NET_FW_SCOPE_ALL
- # Use either Scope or RemoteAddresses, but not both
- # $app.RemoteAddresses = "*"
- $app.IpVersion = $NET_FW_IP_VERSION_ANY
- $app.Enabled = $TRUE
- # Use this line if you want to add the app, but disabled.
- # $app.Enabled = FALSE
- $profile.AuthorizedApplications.Add($app)
- # Show applications after addition
- "After adding Notepad - here are authorised applications"
- $profile.AuthorizedApplications | ft name, enabled -AutoSize
- # End of script
Saturday, 20 March 2010
Get-OutlookStores.ps1
- <#
- .SYNOPSIS
- This script uses the Outlook COM object to
- display the data stores in the current profile
- .DESCRIPTION
- This script creates an Outlook object, displays
- user information, and the stores currently
- attached to the profile.
- .NOTES
- File Name : Get-OutlookStores.ps1
- Author : Thomas Lee - tfl@psp.co.uk
- Requires : PowerShell Version 2.0
- .LINK
- This script posted to:
- http://www.pshscripts.blogspot.com
- .EXAMPLE
- PSH [C:\foo]: .\Get-OutlookStores.ps1'
- Current profile has the following configured accounts:
- Account Type User Name SMTP Address
- ------------ --------- ------------
- Microsoft Exchange Thomas.Lee Thomas.Lee@cookham.net
- thomas_lee@hotmail.com Thomas Lee (MSN) thomas_lee@hotmail.com
- Exchange Offile Folder Store:
- C:\Users\tfl\AppData\Local\Microsoft\Outlook\outlook0.ost
- PST Files
- Display Name File Path
- ------------ ---------
- Archive Folders C:\Users\tfl\AppData\Local\Microsoft\Outlook\archive.pst
- #>
- ##
- # Begin Script
- ##
- # Create Outlook object
- $Outlook = New-Object -ComObject Outlook.Application
- $stores = $Outlook.Session.Stores
- $accounts = $outlook.session.accounts
- # Basic information
- "Current profile has the following configured accounts:"
- $dn = @{label = "Account Type"; expression={$_.displayname}}
- $un = @{label = "User Name"; expression = {$_.username}}
- $sm = @{label = "SMTP Address"; expression = {$_.smtpaddress}}
- $accounts | Format-Table -AutoSize $dn,$un,$sm
- # Check number of stores > 0
- if ($stores.Count -le 0) {"No stores found"; return}
- # Outlook Off-Line folder store
- $ost = $stores | where{$_.filepath -match ".ost$"}
- if (!$ost)
- {
- "No Outlook Offline Folder store found"
- }
- else
- {
- "Exchange Offile Folder Store:"
- $ost | ft filepath -HideTableHeaders
- }
- # PST Files
- $pst = $stores | where {$_.filepath -match ".pst$"}
- if (!$pst)
- {
- "No PST files found"
- }
- else
- {
- "PST Files"
- $dn = @{label = "Display Name"; expression={$_.displayname}}
- $fn = @{label = "File Path"; expression={$_.filepath}}
- $pst | ft $dn,$fn
- }
- # End Script
Thursday, 18 March 2010
Enable-ICMP.ps1
- <#
- .SYNOPSIS
- This script Enables ICMP on the Standard Firewall profile.
- .DESCRIPTION
- This script creates a Firewall object then configures it.
- .NOTES
- File Name : Enable-ICMP.ps1
- Author : Thomas Lee - tfl@psp.co.uk
- Requires : PowerShell Version 2.0
- .LINK
- This script posted to:
- http://www.pshscripts.blogspot.com
- MSDN Sample posted at:
- http://
- .EXAMPLE
- PSH [C:\foo]: . 'E:\PowerShellScriptLib\COM\HNetCfg.FwMgr\Enable-ICMP.ps1'
- AllowOutboundDestinationUnreachable : False
- AllowRedirect : False
- AllowInboundEchoRequest : False
- AllowOutboundTimeExceeded : False
- AllowOutboundParameterProblem : False
- AllowOutboundSourceQuench : False
- AllowInboundRouterRequest : False
- AllowInboundTimestampRequest : False
- AllowInboundMaskRequest : False
- AllowOutboundPacketTooBig : True
- After Script ran:
- AllowOutboundDestinationUnreachable : False
- AllowRedirect : False
- AllowInboundEchoRequest : True
- AllowOutboundTimeExceeded : False
- AllowOutboundParameterProblem : False
- AllowOutboundSourceQuench : False
- AllowInboundRouterRequest : False
- AllowInboundTimestampRequest : False
- AllowInboundMaskRequest : False
- AllowOutboundPacketTooBig : True
- #>
- ##
- # Start of script
- ##
- # Set strict mode
- Set-StrictMode -Version 2.0
- # Set Constants
- $NET_FW_PROFILE_DOMAIN = 0
- $NET_FW_PROFILE_STANDARD = 1
- # Create the firewall manager object.
- $fwMgr = New-Object -com HNetCfg.FwMgr
- # Get the current profile for the local firewall policy.
- $profile = $fwMgr.LocalPolicy.GetProfileByType($NET_FW_PROFILE_STANDARD)
- # Display current ICMP settings
- $Profile.IcmpSettings
- # Now set it to True
- $profile.IcmpSettings.AllowInboundEchoRequest = $True
- # Use this line if you want to disable the setting.
- #profile.IcmpSettings.AllowInboundEchoRequest = $FALSE
- # Display it again
- "After Script ran: "
- $Profile.IcmpSettings
- # End Script
New-ExcelWorkbook.ps1
- <#
- .SYNOPSIS
- This script creates an Excel workbook using PowerShell
- .DESCRIPTION
- This script demonstrates manipulating Excell with PowerShell
- and the Excel.Application COM object.
- .NOTES
- File Name : New-ExcelWorkbook.ps1
- Author : Thomas Lee - tfl@psp.co.uk
- Requires : PowerShell Version 2.0
- .LINK
- This script posted to:
- http://pshscripts.blogspot.com/2010/03/new-excelworkbookps1.html
- MSDN Sample posted at:
- http://msdn.microsoft.com/en-us/library/bb211359.aspx
- .EXAMPLE
- Run it and see one!
- #>
- ##
- # Start of Script
- ##
- # Then we create and save a sample worksheet
- # Create Excel object
- $excel = new-object -comobject Excel.Application
- # Make Excel visible
- $excel.visible = $true
- # Create a new workbook
- $workbook = $excel.workbooks.add()
- # The default workbook has three sheets, remove 2
- $S2 = $workbook.sheets | where {$_.name -eq "Sheet2"}
- $s3 = $workbook.sheets | where {$_.name -eq "Sheet3"}
- $s2.delete()
- $s3.delete()
- # Get sheet and update sheet name
- $s1 = $workbook.sheets | where {$_.name -eq 'Sheet1'}
- $s1.name = "PowerShell Sample"
- # Update workook properties
- $workbook.author = "Thomas Lee - tfl@psp.co.uk"
- $workbook.title = "Excel and PowerShell rock!"
- $workbook.subject = "Demonstrating the Power of PowerShell with Excel"
- # Next update some cells in the worksheet 'PowerShell Sample'
- $s1.range("A1:A1").cells="Cell a1"
- $s1.range("A2:A2").cells="A2"
- $s1.range("b1:b1").cells="Cell B1"
- $s1.range("b2:b2").cells="b2"
- # now make a sum
- $s1.range("E1:E2").cells="Widgets"
- $s1.range("E2:E2").cells=2
- $s1.range("E3:E3").cells=2
- $s1.range("E4:E4").cells=38
- $s1.range("D5:D5").cells="Total"
- $s1.range("E5:E5").cells.formula = "=sum(e2,E4)"
- # And save it away:
- $s1.saveas("c:\foo\xlsx3.xlsx")
- # end of script
Wednesday, 17 March 2010
Enable-FirewallPort2.ps1
- <#
- .SYNOPSIS
- This script creates a rule in the Windows Host Firewall.
- .DESCRIPTION
- This script creates a new firewall rule for
- port 80 over tcp (i.e. 80).
- .NOTES
- File Name : Enable-FirewallPort.ps1
- Author : Thomas Lee - tfl@psp.co.uk
- Requires : PowerShell Version 2.0
- .LINK
- This script posted to:
- http://pshscripts.blogspot.com/2010/03/enable-firewallport2ps1.html
- MSDN Sample posted at:
- http://msdn.microsoft.com/en-us/library/aa366423%28VS.85%29.aspx
- .EXAMPLE
- PSH [C:\foo]: .\Enable-FirewallPort.ps1
- Before Script Runs:
- Name IpVersion Protocol Port Scope RemoteAddresses Enabled
- ---- --------- -------- ---- ----- --------------- -------
- HTTPS 2 6 443 0 * True
- driver 2 6 8085 0 * True
- driver 2 6 8085 0 * True
- After Script Runs:
- Name IpVersion Protocol Port Scope RemoteAddresses Enabled
- ---- --------- -------- ---- ----- --------------- -------
- HTTP 2 6 80 0 * True
- HTTPS 2 6 443 0 * True
- driver 2 6 8085 0 * True
- driver 2 6 8085 0 * True
- #>
- ##
- # Start Script
- ##
- # Set Strict Mode
- Set-Strictmode -Version 2.0
- # Set Constants
- $NET_FW_IP_PROTOCOL_UDP = 17
- $NET_FW_IP_PROTOCOL_TCP = 6
- # Create the firewall manager object.
- $fwMgr = New-Object -COM HNetCfg.FwMgr
- # Get the current profile for the local firewall policy.
- $profile = $fwMgr.LocalPolicy.CurrentProfile
- # Display it
- "Before Script Runs:"
- $profile.GloballyOpenPorts | `
- ft name, ipversion, protocol, port, scope, remoteaddresses, enabled -auto
- # Now add Port 80
- $port = New-Object -COM HNetCfg.FWOpenPort
- $port.Name = "HTTP"
- $port.Protocol = $NET_FW_IP_PROTOCOL_TCP
- $port.Port = 80
- # If using RemoteAddresses, don't use Scope
- # "*" means Scope of Any. Other entries are ignored if this is specified.
- # "LocalSubnet" means Scope of Local Subnet. Can be used with other addresses as well.
- $port.RemoteAddresses = "*"
- # Use this line to scope the port to Local Subnet only
- #$port.RemoteAddresses = "LocalSubnet"
- #Use this line to scope the port to the specific IP 10.1.1.1, the specific subnet 12.5.0.0, and Local Subnet. Don't put spaces.
- #port.RemoteAddresses = "LocalSubnet,10.1.1.1/255.255.255.255,12.5.0.0/255.255.0.0"
- $port.Enabled = $TRUE
- #Use this line instead if you want to add the port, but disabled
- #port.Enabled = FALSE
- # Now add the port
- $profile.GloballyOpenPorts.Add($port)
- # Print Results
- " After Script Runs:"
- $profile = $fwMgr.LocalPolicy.CurrentProfile
- $profile.GloballyOpenPorts | `
- ft name, ipversion, protocol, port, scope, remoteaddresses, enabled -auto
- # End of script
Tuesday, 16 March 2010
Set-ProgrammerAlias.ps1
- <#
- .SYNOPSIS
- This script creates a function to set aliases for all Cmdlets which omit the '-'
- .DESCRIPTION
- This script defines a function which uses Get-Command to find all
- cmdlets. For each of them, it then creates an alias which omits
- the "-". This function was oritinally written by Jeffrey Snover for
- Monad back in the day, but I updated it slightly for PowerShell V2.
- Updated after a comment to be a tad shorter.
- .NOTES
- File Name : Set-ProgrammerAlias.ps1
- Author : Jeffrey Snover - jsnover@microsoft.com
- Updated by : Thomas Lee - tfl@psp.co.uk
- Requires : PowerShell Version 2.0
- .LINK
- This script posted to:
- http://www.pshscripts.blogspot.com
- #>
- ##
- # Start of Script
- function Set-ProgrammerAlias {
- get-command -Com Cmdlet | % {set-alias $($_.Verb + $_.Noun) $_.Name}
- }
Friday, 5 March 2010
Enable-FWPort.ps1
- <#
- .SYNOPSIS
- This script enables then disables the SMTP port on a local system
- .DESCRIPTION
- This script first creates a FW object, then creates a port. The
- script then addes that port to the firewall rules. The script
- finally removes the port. The script also prints before/after
- results.
- .NOTES
- File Name : Enable-FWPort.ps1
- Author : Thomas Lee - tfl@psp.co.uk
- Requires : PowerShell Version 2.0
- .LINK
- This script posted to:
- http://www.pshscripts.blogspot.com
- MSDN Sample posted at:
- http://msdn.microsoft.com/en-us/library/aa366425(VS.85).aspx
- #>
- ##
- # Start of Script
- ##
- # Define Constants
- $NET_FW_IP_PROTOCOL_UDP = 17
- $NET_FW_IP_PROTOCOL_TCP = 6
- $NET_FW_SCOPE_ALL = 0
- # Create FW objecct
- $fwMgr = new-object -com HNetCfg.FwMgr
- # Get current profile
- $profile = $fwMgr.LocalPolicy.CurrentProfile
- # Display ports open:
- $profile.GloballyOpenPorts | ft name,port,enabled -auto
- # Create Port object
- $port = New-Object -com HNetCfg.FWOpenPort
- $port.Name = "SMTP"
- $port.Port = 25
- $port.Protocol = $NET_FW_IP_PROTOCOL_TCP
- $port.Scope = $NET_FW_SCOPE_ALL
- # Enable the port
- $port.Enabled = $True
- $profile.GloballyOpenPorts.Add($port)
- # Display results
- $profile.GloballyOpenPorts | ft name,port,enabled -auto
- # now remove the port
- $profile.GloballyOpenPorts.remove($port.port,$NET_FW_IP_PROTOCOL_TCP)
- # Display results
- $profile.GloballyOpenPorts | ft name,port,enabled -auto
- # End of script
Subscribe to:
Posts (Atom)