none
hNetCfg Library in powershell. How to get some lack info of hnetcfg.fwpolicy2? RRS feed

  • Question

  • Hi, i'm new beginner with powershell and hnetcfg library. I used command: 

    $fw = New-Object -ComObject hnetcfg.fwpolicy2
    $fw | Get-Member
    $fw.Rules

    and it return almost information i want : name, desc, protocol, lport, rPort... but it lack some information like AllowedUser, AllowedAddress, Override that i saw in "Windows Firewall with Advanced Security". Can anyone give me some idea that how can get allowedaddress, alloweduser,... I used window 2k8 R2.

    Thanks for your support.


    • Edited by Boo_Bullet Monday, March 17, 2014 4:44 AM
    Monday, March 17, 2014 4:42 AM

Answers

All replies

  • $fwmgr=New-Object -Com HNetCfg.FwMgr 
    $cp=$fwmgr.LocalPolicy.CurrentProfile
    $cp | gm
    
    


    ¯\_(ツ)_/¯

    Monday, March 17, 2014 5:21 AM
  • Thanks jrv but i try your command and all attribute in $cp (AuthorizedApplications, ExceptionsNotAllowed, ...) but got nothing like information of AllowedUser/Computers, ...

    Can you give me some better ideas or help me to specific what i need in  your previous command?

    Sorry if it bother you because i'm noob.

    Monday, March 17, 2014 6:22 AM
  • You have to run elevated and it won't work on pre-vista systems.


    ¯\_(ツ)_/¯

    Monday, March 17, 2014 6:26 AM
    • Marked as answer by Boo_Bullet Tuesday, March 18, 2014 4:39 AM
    Monday, March 17, 2014 6:32 AM
  • Thanks jrv. Now i'm running its on Win 2k8 R2 with powershell 2.0

    Does this command require higher version of powershell like 3.0 or 4.0?

    Monday, March 17, 2014 6:43 AM
  • W2008R2 -  You must run elevated!

    PS C:\scripts> $fwmgr=New-Object -Com HNetCfg.FwMgr
    PS C:\scripts> $cp=$fwmgr.LocalPolicy.CurrentProfile
    PS C:\scripts> $cp | gm


       TypeName: System.__ComObject#{174a0dda-e9f9-449d-993b-21ab667ca456}

    Name                                         MemberType Definition
    ----                                         ---------- ----------
    AuthorizedApplications                       Property   INetFwAuthorizedApplications AuthorizedApplications () {get}
    ExceptionsNotAllowed                         Property   bool ExceptionsNotAllowed () {get} {set}
    FirewallEnabled                              Property   bool FirewallEnabled () {get} {set}
    GloballyOpenPorts                            Property   INetFwOpenPorts GloballyOpenPorts () {get}
    IcmpSettings                                 Property   INetFwIcmpSettings IcmpSettings () {get}
    NotificationsDisabled                        Property   bool NotificationsDisabled () {get} {set}
    RemoteAdminSettings                          Property   INetFwRemoteAdminSettings RemoteAdminSettings () {get}
    Services                                     Property   INetFwServices Services () {get}
    Type                                         Property   NET_FW_PROFILE_TYPE_ Type () {get}
    UnicastResponsesToMulticastBroadcastDisabled Property   bool UnicastResponsesToMulticastBroadcastDisabled () {get} {...


    PS C:\scripts>


    ¯\_(ツ)_/¯

    Monday, March 17, 2014 6:47 AM
  • I run your previous command and its return same with your post and i don't really know what mean of "elevated!".

    PS C:\Users\Administrator> $fwmgr=New-Object -Com HNetCfg.FwMgr
    $cp2=$fwmgr.LocalPolicy.CurrentProfile
    $cp2 | gm




       TypeName: System.__ComObject#{174a0dda-e9f9-449d-993b-21ab667ca456}

    Name                                         MemberType Definition                                                       
    ----                                         ---------- ----------                                                       
    AuthorizedApplications                       Property   INetFwAuthorizedApplications AuthorizedApplications () {get}     
    ExceptionsNotAllowed                         Property   bool ExceptionsNotAllowed () {get} {set}                         
    FirewallEnabled                              Property   bool FirewallEnabled () {get} {set}                              
    GloballyOpenPorts                            Property   INetFwOpenPorts GloballyOpenPorts () {get}                       
    IcmpSettings                                 Property   INetFwIcmpSettings IcmpSettings () {get}                         
    NotificationsDisabled                        Property   bool NotificationsDisabled () {get} {set}                        
    RemoteAdminSettings                          Property   INetFwRemoteAdminSettings RemoteAdminSettings () {get}           
    Services                                     Property   INetFwServices Services () {get}                                 
    Type                                         Property   NET_FW_PROFILE_TYPE_ Type () {get}                               
    UnicastResponsesToMulticastBroadcastDisabled Property   bool UnicastResponsesToMulticastBroadcastDisabled () {get} {set}


    I try all property in this command like AuthorizedApplications, ExceptionsNotAllowed,.... but its not return what i need. Anyway tks for answer and i will follow article msdn in your post.

    Tuesday, March 18, 2014 2:05 AM
  • "Run elevated" means that you must right-click the PowerShell icon and choose "Run as administrator." When UAC is enabled, simply being a member of the local Administrators group isn't enough. You have to right-click and specifically choose "Run as administrator."


    -- Bill Stewart [Bill_Stewart]

    Tuesday, March 18, 2014 3:22 AM
    Moderator
  • Yes, i choose: "Run as administrator." but nothing different and i still can't get information of Allowed User / Allowed Computer like in "Windows Firewall with Advanced Security"
    Tuesday, March 18, 2014 4:16 AM
  • Yes, i choose: "Run as administrator." but nothing different and i still can't get information of Allowed User / Allowed Computer like in "Windows Firewall with Advanced Security"

    Sorry but you will have to start here: http://msdn.microsoft.com/en-us/library/windows/desktop/aa364701(v=vs.85).aspx

    You will need to learn how to use the Firewall management API.  It is a complex API but you will figure it out if you have any background in how firewalls and networks work.  It is not a friendly PI.  It is written at a network level for network engineers and admins to use.  It is not an end user API.

    I have used it in the past but it has been a while.  It took me an hour or more to understand how to use it.  The documentation I posted is better than what I had to work with.


    ¯\_(ツ)_/¯

    Tuesday, March 18, 2014 4:36 AM
  • Yeah i still reading this and try to find more clue on net too. forgot to mark it as answer :)
    Tuesday, March 18, 2014 4:41 AM