PowerShell: Creating a New Firewall Rule

In this blog post, we’ll guide you through the process of creating a new firewall rule using PowerShell. Elevate your network management game with this step-by-step tutorial.

Why Create a New Firewall Rule?

Firewalls play a crucial role in safeguarding your systems against unauthorized access and potential security threats. By creating a new firewall rule, you gain control over incoming and outgoing network traffic, ensuring a secure and well-defined network environment.

Step 1: Identify the Rule Parameters

Before diving into PowerShell, it’s essential to identify the parameters for your new firewall rule. Key details include:

Rule Name: A descriptive name for easy identification.
Direction: Specify if the rule is for inbound or outbound traffic.
Action: Decide whether to allow or block the specified traffic.
Protocol: Determine the communication protocol (TCP, UDP, etc.).
Port: Specify the port number for the rule.
Program Path (If needed): Define the path to the executable file if the rule is program-specific.

Step 2: Open PowerShell as Administrator

To create a new firewall rule, you need administrative privileges. Right-click on the PowerShell icon and select “Run as Administrator” to open an elevated PowerShell session.

Opening PowerShell as Administrator even a common reminder even for experienced Windows Administrators!

Step 3: Use the New-NetFirewallRule Cmdlet

The New-NetFirewallRule cmdlet is a quick way to create a new firewall rule in PowerShell.

Here’s an example of adding a new rule for a SQL Server:

# New firewall rule (run PowerShell as administrator)
$ruleDisplayName = "Allow Inbound SQL (1433)"

if (-not (Get-NetFirewallRule -DisplayName $ruleDisplayName -ErrorAction SilentlyContinue)) { 
    New-NetFirewallRule `
        -DisplayName $ruleDisplayName `
        -Direction Inbound `
        -Protocol TCP `
        -LocalPort 1433 `
        -Action Allow

    Write-Host "Firewall rule '$ruleDisplayName' created successfully."
} else {
    Write-Host "Firewall rule '$ruleDisplayName' already exists."
}
PowerShell New Firewall Rule

Step 4: Verify and Manage Rules

To view your newly created rule, use the Get-NetFirewallRule cmdlet:

# Show new firewall rule
Get-NetFirewallRule -DisplayName "Allow Inbound SQL - 1433"
PowerShell Get-NetFirewallRule

Additionally, you can modify or remove rules using Set-NetFirewallRule and Remove-NetFirewallRule respectively.

Conclusion

Creating a new firewall rule in PowerShell is a fundamental skill for network administrators. By leveraging the power of PowerShell, you gain efficient control over your network traffic.

You may also need more than local firewall rule changes for your network tests to be successful. If in a corporate environment, you’ll likely be behind more than one firewall, and to allow a new network flow you should submit a request to the network team.

Hope this guide helps!

One thought on “PowerShell: Creating a New Firewall Rule

Leave a Reply

Your email address will not be published. Required fields are marked *