I'm a little stuck on the documentation for the Firewall cmdlets in Windows server. I am trying to copy the address lists for the remote and local ips from one rule to another. I can get the list using
Get-NetFirewallRule -DisplayName "MSSQL" | Get-NetFirewallAddressFilter
Now I was trying to set this for another rule like this:
Set-NetFirewallAddressFilter -DisplayName "FTP Server (FTP Traffic-In)" | Get-NetFirewallRule -DisplayName "MSSQL" | Get-NetFirewallAddressFilter
This is obviously wrong, as I immediately get an error saying that Set-NetFirewallAddressFilter
does not have a parameter ´Displayname´
When I use Set-NetFirewallRule
instead it does, but there I cannot use a complete object but only Local and Remote Addresses seperately.
Could you help, please?
Update
I have now tried running something like this:
Set-NetFirewallRule -DisplayName "Test" -RemoteAddress |
Get-NetFirewallRule -DisplayName "MSSQL" | Get-NetFirewallAddressFilter | ft Remote
That doesn't work: Set-NetFirewallRule : The address is invalid. Addresses may be specified as IP addresses, ranges, or subnets.
Stuck again…
Best Answer
What you need to do is:
And yes, you can merge a lot of those into a one-liner, but for example I think this will do it:
(and if you have the Windows Firewall with Advanced Security GUI open, refresh it).
I can't see any way around that if it needs them separately. Splatting might make it possible, but that would be a lot more code for effectively the same result. If it really has to be one line (why?) you can do both together with something like:
Your two pipelines both have some really misunderstood bits in them. The first one:
Set-
commandlets don't often return any output, but you pipe as if it would haveGet-
ing the original firewall rule, which is just going to do weird things. It might ignore any pipeline input, or might crash based on it. Either way...Get-
cmdlets would work together to get addresses, but they just output to the screen and would not change anything.The second updated one:
Set-
at the start and gets as far as the RemoteAddres parameter, but then switches (ouch!) to a pipeline, to pipe what ?? intoGet-NetFirewallRule
(same caveat as before)Format-Table
(!) which is a display cmdlet for interactive console use only.It's allllmost right - at a glance it has the look of a PowerShell one-liner, but it's really really broken.
Set-
cmdlets.Get-
s together but don't use the output.:flail:
But it's so close, it would look like:
Encapsulating the
Get-
sub-pipeline in parens()
so you can use the output of it, taking the.RemoteAddress
property, and using that as the value for the-RemoteAddress
parameter toSet-NetFirewallRule
.