Windows: how to check whether Windows Firewall is enabled using commands

Disclaimer: this page is a Chinese/English side-by-side translation of a popular StackOverflow question, provided under the CC BY-SA 4.0 license. You are free to use and share it, but you must do so under the same CC BY-SA license, cite the original URL and attribute it to the original authors (not me). StackOverflow original: http://stackoverflow.com/questions/11351651/

Date: 2020-09-09 09:39:53  Source: igfitidea

How to check window's firewall is enabled or not using commands

Tags: windows, security, windows-firewall

Asked by JChan

I am adding a Windows firewall rule using the netsh advfirewall firewall command in a setup program. My code gives an error message if the system has Windows Firewall disabled.

So I need to check the Windows firewall status before executing the command netsh advfirewall firewall add, i.e., if the firewall is disabled, there is no need to add the rule.

I am checking whether the firewall is enabled or not by using the Windows registry value "EnableFirewall" under:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

I am not sure this is the right way. There can also be a domain firewall profile(?).

Thanks in advance.

Answered by Pr38y

Another option is to use netsh itself to check whether the firewall is enabled or not. Execute the command netsh advfirewall show domainprofile|privateprofile|publicprofile (one profile name per invocation). It will give the state as ON/OFF.

Answered by Ayan Mullick

Invoke-Command -ComputerName <servername> -Credential <username> -ScriptBlock {[Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey("LocalMachine",$env:COMPUTERNAME).OpenSubKey("System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile").GetValue("EnableFirewall")}

1 means enabled.

Answered by Robert N

Try this for a Compliance and Non-Compliance check:

# Each EnableFirewall value is 1 when that profile is on and 0 when it is off.
# Key names map to profiles as DomainProfile = Domain, PublicProfile = Public, StandardProfile = Private.
$FirewallStatus = 0
$SysFirewallReg1 = Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile" -Name EnableFirewall | Select-Object -ExpandProperty EnableFirewall
If ($SysFirewallReg1 -eq 1) {
    $FirewallStatus = 1
}

$SysFirewallReg2 = Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile" -Name EnableFirewall | Select-Object -ExpandProperty EnableFirewall
If ($SysFirewallReg2 -eq 1) {
    $FirewallStatus = ($FirewallStatus + 1)
}

$SysFirewallReg3 = Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile" -Name EnableFirewall | Select-Object -ExpandProperty EnableFirewall
If ($SysFirewallReg3 -eq 1) {
    $FirewallStatus = ($FirewallStatus + 1)
}

# Compliant only when all three profiles are enabled
If ($FirewallStatus -eq 3) {Write-Host "Compliant"}
ELSE {Write-Host "Non-Compliant"}

Answered by Erik Oppedijk

Make sure to also check the GPO policies for firewalls, they are not stored in the registry, but in another store, see this question as well: Windows Firewall state different between Powershell output and GUI

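An added example that makes the Group Policy point concrete; it is not part of Erik Oppedijk's answer or of any other answer on this page. Get-NetFirewallProfile takes a -PolicyStore parameter: PersistentStore is the local profile configuration (the same data the registry-based checks on this page read), while ActiveStore is the merged result after Group Policy has been applied, which is what the firewall actually enforces and the GUI displays. Comparing the two per profile exposes a GPO override. It requires the NetSecurity module (Windows 8 / Server 2012 and later); the rule name and program path at the end are hypothetical placeholders for a setup program's own values.

```powershell
# Added example, not code from any answer on this page.
# Compares the locally persisted profile setting with the effective (GPO-merged) one.

function Get-FirewallProfileEffectiveState {
    $persisted = Get-NetFirewallProfile -PolicyStore PersistentStore   # local configuration only
    $effective = Get-NetFirewallProfile -PolicyStore ActiveStore       # after Group Policy merge

    foreach ($name in 'Domain', 'Private', 'Public') {
        $local  = ($persisted | Where-Object Name -eq $name).Enabled
        $actual = ($effective | Where-Object Name -eq $name).Enabled
        [pscustomobject]@{
            Profile     = $name
            Persisted   = $local
            Effective   = $actual
            GpoOverride = [bool]($local -ne $actual)   # true only when policy wins over the local setting
        }
    }
}

$states = Get-FirewallProfileEffectiveState
$states | Format-Table -AutoSize

# Gate the rule add on the effective state, never the persisted one.
# Rule name and program path are hypothetical placeholders.
$enforcing = $states | Where-Object { $_.Effective -eq 'True' } | ForEach-Object Profile
if ($enforcing) {
    $profileArg = ($enforcing | ForEach-Object { $_.ToLower() }) -join ','
    "netsh advfirewall firewall add rule name=`"MyApp`" dir=in action=allow program=`"C:\Program Files\MyApp\MyApp.exe`" profile=$profileArg"
} else {
    "Firewall is off on every profile; nothing to add"
}
```

On a machine with no firewall GPO the Persisted and Effective columns agree for all three profiles; on a domain-joined host where policy forces the firewall on, Persisted can read False while Effective reads True, which is exactly the PowerShell-versus-GUI discrepancy the linked question describes.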
Answered by Garrett

$Compliance = 'Non-Compliant'
# Each profile needs its own result; reusing a single $Check variable would keep only the last assignment (Private).
$Domain  = Get-NetFirewallProfile | Where-Object {$_.Name -eq 'Domain'  -and $_.Enabled -eq 'True'}
$Public  = Get-NetFirewallProfile | Where-Object {$_.Name -eq 'Public'  -and $_.Enabled -eq 'True'}
$Private = Get-NetFirewallProfile | Where-Object {$_.Name -eq 'Private' -and $_.Enabled -eq 'True'}
# Compliant only when all three profiles are enabled
if ($Domain -and $Public -and $Private) {$Compliance = 'Compliant'}
$Compliance

Answered by not2qubit

Written as a one-liner:

if (((Get-NetFirewallProfile | select name,enabled) | where { $_.Enabled -eq $True } | measure ).Count -eq 3) {Write-Host "OK" -ForegroundColor Green} else {Write-Host "OFF" -ForegroundColor Red}

What does it do?

  • Iterates through each firewall settings item: [Domain, Private, Public]
  • Checks whether each item is enabled and set to TRUE
  • There are 3 items, so we count all TRUEs and compare to 3
  • Prints green OK or red OFF
  • NOT using netsh or the registry
  • Requires a working NetSecurity module for the Get-NetFirewallProfile cmdlet.

Answered by Mike Murray

I just had to do something similar for an environment I took over. I used the below to check state for all three profiles.

invoke-command -computername $computer  -scriptblock {
    try{ get-netfirewallprofile | select name,enabled }
    catch{ netsh advfirewall show all state }
}

The try block will work with Server 2012 or Windows 8 and newer systems. If that fails, it throws an error about not having the cmdlet; that error will be caught and, instead of giving you an error, it will fall back to using netsh to display the information.

I've used this on Server 2008 R2, 2012 R2 and 2016 with good results. Hope it works for you!

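An added example serving both Pr38y's netsh answer and the netsh fallback in Mike Murray's answer; it is not code from either answer. Both of them leave netsh output as text to be read by eye, which is no use to a setup program that has to decide whether to add a rule. The function below turns the output of netsh advfirewall show allprofiles into a profile-to-ON/OFF map by pairing each "... Profile Settings:" header with the first "State" line that follows it. The sample text is constructed to mirror netsh's layout; the parser assumes an English-language OS, since netsh localises its output, and that assumption is noted in the code.

```powershell
# Added example, not code from any answer on this page.
# Parses "netsh advfirewall show allprofiles" text into a hashtable: profile name -> $true (ON) / $false (OFF).

function ConvertFrom-NetshProfileState {
    param([string[]]$Lines)
    $state   = @{}
    $section = $null
    foreach ($line in $Lines) {
        # Section header, e.g. "Private Profile Settings:"
        if ($line -match '^(?<name>Domain|Private|Public) Profile Settings:') {
            $section = $Matches['name']
            continue
        }
        # The first "State   ON|OFF" line after a header belongs to that profile
        if ($section -and $line -match '^State\s+(?<value>ON|OFF)\s*$') {
            $state[$section] = ($Matches['value'] -eq 'ON')
            $section = $null
        }
    }
    return $state
}

function Get-NetshFirewallState {
    # Live query. Assumption: English-language netsh output, because the keywords are localised.
    ConvertFrom-NetshProfileState -Lines (& netsh advfirewall show allprofiles)
}

# Constructed sample output (Domain ON, Private ON, Public OFF), laid out like netsh prints it
$sample = @'
Domain Profile Settings:
----------------------------------------------------------------------
State                                 ON
Firewall Policy                       BlockInbound,AllowOutbound

Private Profile Settings:
----------------------------------------------------------------------
State                                 ON
Firewall Policy                       BlockInbound,AllowOutbound

Public Profile Settings:
----------------------------------------------------------------------
State                                 OFF
Firewall Policy                       BlockInbound,AllowOutbound

Ok.
'@ -split "`r?`n"

$parsed = ConvertFrom-NetshProfileState -Lines $sample
foreach ($p in 'Domain', 'Private', 'Public') {
    '{0,-8} {1}' -f $p, $(if ($parsed[$p]) { 'ON' } else { 'OFF' })
}
# On a real host, replace the sample with: Get-NetshFirewallState
```

Because the function returns a hashtable rather than text, the same caller can consume either Get-NetFirewallProfile (where available) or this netsh fallback and apply one rule: skip the netsh advfirewall firewall add rule step when no profile is ON.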
Answered by user3007585

I am new to this, but I used reg query to get the details.

Type this in the command line and hit Enter.

reg query \\IP_Address\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

I was using it in my work and was also using the command below.

reg query \\ip_address\path