A firewall is the primary defense against attack from the outside world or from inside. Firewall is used as data center firewall and perimeter firewall to protect the data and infrastructure of any organization. We also have firewall module in the client and server operating system which we use and this also has to be configured to make sure only the desired traffic goes through.
This article is to demonstrate how to set firewall rule in Windows Operating System using PowerShell.
Windows Firewall has three profiles:
- Domain Profile: Applies to networks where the host system can authenticate to a domain controller
- Private Profile: User assigned profile used to designate private or home networks
- Public Profile: Used to designate public networks, Wi-Fi hotspots etc.
Requirement: Block web access to ADSL modem portal
The requirement is to block ADSL modem web portal for the user. For that we need to create an outbound firewall rule to the modem IP address to port 80 (i.e. to block http traffic)
Step 1: Create a Firewall Rule
New-NetFirewallRule -Name BlockModem_Rule -DisplayName BlockModem_Rule
This will create a rule “BlockModem_Rule” in the inbound rules(default as we have not mentioned the direction)
Step 2: Set the direction
Get-NetFirewallRule -DisplayName BlockModem_Rule | Set-NetFirewallRule -Direction Outbound
This will set the rule as outbound rule
Step 3: Set destination IP address to the rule
Get-NetFirewallRule -DisplayName BlockModem_Rule | Set-NetFirewallRule -RemoteAddress 192.168.1.1
Step 4: Set protocol and destination port
Get-NetFirewallRule -DisplayName BlockModem_Rule | Set-NetFirewallRule -Protocol tcp -RemotePort 80
Step 5: Set the rule action to block the traffic
Get-NetFirewallRule -DisplayName BlockModem_Rule | Set-NetFirewallRule -Action Block
This will block the traffic which matches to the firewall rule “BlockModem_Rule”
After setting the firewall rule, we will not be able to browse the modem web portal @ http://192.168.1.1/
Firewall Rule in one line
The same firewall rule as one-liner
New-NetFirewallRule -Name BlockModem_Rule -DisplayName BlockModem_Rule ` -Enabled True -Direction Outbound -Profile Any -Action Block ` -RemoteAddress 192.168.1.1 -Protocol tcp -RemotePort 80
Disable Firewall rule
Get-NetFirewallRule -DisplayName BlockModem_Rule | Set-NetFirewallRule -Enabled False
Delete Firewall rule
Find and remove the firewall rule: BlockModem_Rule
Get-NetFirewallRule -DisplayName BlockModem_Rule | Remove-NetFirewallRule
Thank you for reading this article. Hope this is helpful to you.