-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
64b6ec9
commit effd7e6
Showing
1 changed file
with
37 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1 +1,37 @@ | ||
| # Get-Rules-Groups | ||
| # Get-Rules & Groups v1.1 :recycle: :beginner: | ||
| * :diamond_shape_with_a_dot_inside: Dumps ALL ("Allow") **Firewall Rules** from Windows Defender Firewall with Advanced Security. | ||
| * :diamond_shape_with_a_dot_inside: Reconverts them into applicables one through "netsh advfirewall firewall add rule". | ||
| * :diamond_shape_with_a_dot_inside: Will get dumped & converted in: %USERPROFILE%\Rules\FWCommands.txt | ||
| * :diamond_shape_with_a_dot_inside: Prompts user to open the dump/rules location, for analysis/learning/re-apply/backups. | ||
| * :open_file_folder: To-do: Add to extraction/conversion: Deny rules :no_entry: | ||
| * :warning: Packages in rules won't be applied/converted/extracted to rules (to-do) | ||
|
|
||
|  | ||
|
|
||
| ## Instructions: | ||
|
|
||
| * __Right-click the script, run in PowerShell__ :repeat_one: | ||
|
|
||
| > Get-Rules Block :cinema: | ||
| > 1. Creates the Rules folder in %USERPROFILE%\Rules if not present | ||
| > 2. Dumps all "allowed" firewall rules into a textfile at %USERPROFILE%\Rules\FW-Rules.txt | ||
| > 3. Stock the rules into a variable from the file dumped (user can use custom file/path) | ||
| > 4. Parse each rules ending at '(?<=Action: Allow)' | ||
| > 5. Create a .txt of each rules at %USERPROFILE%\Rules\$i.txt | ||
| > 6. Increment until none left | ||
|  | ||
|
|
||
| > Conversion (Rules, Groups) :arrows_counterclockwise: | ||
| > 1. Gets the last item of the rules dumped, then starts the loop until last rule | ||
| > 2. Starting from rule #1, it'll extract all rule's parameters into variables | ||
| > 3. Then create a netsh command to re-enter it as needed, with rule's variables | ||
| > 4. Each set of variables creates a command which is added to a command file | ||
| > 5. Final textfile contains all commands ready to be applied, in the 'netsh' format. | ||
|  | ||
|  | ||
|  | ||
|
|
||
| I created this dumper to easily re-create multiple rules I needed. Be sure to note the packages or you may be missing some stuff, lemme know if anything is wrong! | ||
| With the "Export Policy" option, you can't select which to export/import, (like the predefined firewall rules) you have to overwrite the whole set :x: |