A firewall is the primary defense against attacks from the outside world or from inside the network. Firewalls are deployed as data center firewalls and perimeter firewalls to protect an organization's data and infrastructure. The client and server operating systems we use also include a firewall module, and it too has to be configured so that only the desired traffic gets through.

This article demonstrates how to set a firewall rule in the Windows operating system using PowerShell.

Windows Firewall has three profiles:

  • Domain Profile: Applies to networks where the host system can authenticate to a domain controller.
  • Private Profile: User-assigned profile used to designate private or home networks.
  • Public Profile: Used to designate public networks, Wi-Fi hotspots, etc.

Requirement: Block web access to the ADSL modem portal

The requirement is to block the ADSL modem's web portal for the user. To do that, we create an outbound firewall rule for the modem's IP address on port 80 (i.e. to block HTTP traffic).

Step 1: Create a Firewall Rule

New-NetFirewallRule -Name BlockModem_Rule -DisplayName BlockModem_Rule

This creates a rule named “BlockModem_Rule” in the inbound rules (inbound is the default, as we have not specified a direction).

Step 2: Set the direction

Get-NetFirewallRule -DisplayName BlockModem_Rule | Set-NetFirewallRule -Direction Outbound

This sets the rule as an outbound rule.

Step 3: Set the destination IP address of the rule

Get-NetFirewallRule -DisplayName BlockModem_Rule | Set-NetFirewallRule -RemoteAddress 192.168.1.1

Step 4: Set protocol and destination port

Get-NetFirewallRule -DisplayName BlockModem_Rule | Set-NetFirewallRule -Protocol tcp -RemotePort 80

Step 5: Set the rule action to block the traffic

Get-NetFirewallRule -DisplayName BlockModem_Rule | Set-NetFirewallRule -Action Block

This blocks the traffic that matches the firewall rule “BlockModem_Rule”.

The rule icon changes from a green tick to a red block sign.

Result:

After setting the firewall rule, we will no longer be able to browse the modem web portal at http://192.168.1.1/
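
New-NetFirewallRule defaults to an enabled inbound Allow rule when no direction or action is given, so a skipped or failed step leaves a rule that does something other than block the modem. The following check, added here as an example and not part of the original article, reads the rule back and tests the connection; it assumes the rule name, address and port used above.

```powershell
# Added example: read BlockModem_Rule back and confirm it matches the article's settings.
$ruleName = 'BlockModem_Rule'   # rule name from the article
$modemIp  = '192.168.1.1'       # modem address from the article

$rule = Get-NetFirewallRule -Name $ruleName -ErrorAction Stop
$addr = $rule | Get-NetFirewallAddressFilter
$port = $rule | Get-NetFirewallPortFilter

# Expected values after steps 1-5 (or after the one-line form of the rule).
$expected = [ordered]@{
    Enabled       = 'True'
    Direction     = 'Outbound'
    Action        = 'Block'
    RemoteAddress = $modemIp
    Protocol      = 'TCP'
    RemotePort    = '80'
}
# Effective values; the filters can return arrays, so join them into one string.
$actual = [ordered]@{
    Enabled       = [string]$rule.Enabled
    Direction     = [string]$rule.Direction
    Action        = [string]$rule.Action
    RemoteAddress = @($addr.RemoteAddress) -join ','
    Protocol      = [string]$port.Protocol
    RemotePort    = @($port.RemotePort) -join ','
}

# Collect every property that differs from the intended configuration.
$mismatches = foreach ($key in $expected.Keys) {
    if ($actual[$key] -ne $expected[$key]) {
        [pscustomobject]@{ Property = $key; Expected = $expected[$key]; Actual = $actual[$key] }
    }
}

if ($mismatches) {
    $mismatches | Format-Table -AutoSize
    Write-Warning "$ruleName does not match the intended configuration."
} else {
    Write-Output "$ruleName is an enabled outbound block rule for ${modemIp}:80/TCP."
}

# Functional check: the TCP connect to port 80 should now fail.
# A failure alone does not prove the rule is the cause (the modem may simply be
# unreachable), which is why the property check above comes first.
$test = Test-NetConnection -ComputerName $modemIp -Port 80 -WarningAction SilentlyContinue
Write-Output ("TCP 80 reachable: {0}" -f $test.TcpTestSucceeded)

# The rule matches TCP port 80 only; a portal that also answers on HTTPS (443) is not covered.
```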


Firewall Rule in one line

The same firewall rule as a one-liner:

New-NetFirewallRule -Name BlockModem_Rule -DisplayName BlockModem_Rule `
-Enabled True -Direction Outbound -Profile Any -Action Block `
-RemoteAddress 192.168.1.1 -Protocol tcp -RemotePort 80

Disable Firewall rule

Get-NetFirewallRule -DisplayName BlockModem_Rule | Set-NetFirewallRule -Enabled False

Delete Firewall rule

Find and remove the firewall rule: BlockModem_Rule

Get-NetFirewallRule -DisplayName BlockModem_Rule | Remove-NetFirewallRule

Thank you for reading this article. Hope this is helpful to you.