by Peter Rodriguez

The following cmdlet lists current firewalls configured on your system:

Get-netfirewallrule | ft name, displaygroup, action, direction -wrap


The output below shows the rule’s Name, DisplayGroup, Action and Direction. Keep in mind that this example represents an abbreviated list.


Where the Firewall Logs are located

There should be a log for each firewall profile, i.e. Public, Private and Domain, which you can find using the following cmdlet:

Get-netfirewallprofile | format-table name, enabled, logfilename


 Display Specific Firewall Rule Settings

Use the following cmdlet to view the features of a specific firewall rule:

Get-NetFirewallRule –displayname “NSClient++ Monitoring Agent”


 Enabling a Firewall Rule

To enable a firewall rule, we need to combine two cmdlets via a pipeline.  For example:

Get-NetFirewallRule -displayname “NSClient++ Monitoring Agent” | enable-netfirewallrule

 Disable a Firewall Rule

To disable a firewall rule we [again] need to combine two cmdlets via a pipeline.  For example:

Get-NetFirewallRule - displayname “NSClient++ Monitoring Agent” | disable-netfirewallrule

How to List Remote IP Addresses Associated with Firewall Rule

Now, for a little advanced stuff.  Let’s say that you need to know what the scope of Remote IP addresses are for a given Firewall Rule:

Get-NetFirewallRule -displayname “Blocking Remote IP from Threat Analysis Report” |

Get-NetFirewallAddressFilter | select -ExpandProperty RemoteAddress | select -First 5


Final Thought

This is just scratching the surface of what you can do with Firewall Rules, using PowerShell.  The following provides a list of all cmdlets associated with Firewall Rules:  I highly recommend getting familiar with these cmdlets by looking for creative ways to incorporate them into your scripting.

get-command *firewall*



Examples on how to Automate Firewall Rules Across your Enterprise Environment.  Click here.