-
Notifications
You must be signed in to change notification settings - Fork 88
FirewallProfile
dscbot edited this page Jun 7, 2024
·
6 revisions
Parameter | Attribute | DataType | Description | Allowed Values |
---|---|---|---|---|
Name | Key | String | The name of the firewall profile to configure. |
Domain , Public , Private
|
AllowInboundRules | Write | String | Specifies that the firewall blocks inbound traffic. |
True , False , NotConfigured
|
AllowLocalFirewallRules | Write | String | Specifies that the local firewall rules should be merged into the effective policy along with Group Policy settings. |
True , False , NotConfigured
|
AllowLocalIPsecRules | Write | String | Specifies that the local IPsec rules should be merged into the effective policy along with Group Policy settings. |
True , False , NotConfigured
|
AllowUnicastResponseToMulticast | Write | String | Allows unicast responses to multi-cast traffic. |
True , False , NotConfigured
|
AllowUserApps | Write | String | Specifies that traffic from local user applications is allowed through the firewall. |
True , False , NotConfigured
|
AllowUserPorts | Write | String | Specifies that traffic is allowed through local user ports. |
True , False , NotConfigured
|
DefaultInboundAction | Write | String | Specifies how to filter inbound traffic. |
Block , Allow , NotConfigured
|
DefaultOutboundAction | Write | String | Specifies how to filter outbound traffic. |
Block , Allow , NotConfigured
|
DisabledInterfaceAliases | Write | StringArray[] | Specifies a list of interfaces on which firewall settings are excluded. | |
Enabled | Write | String | Specifies that devolution is activated. |
True , False , NotConfigured
|
EnableStealthModeForIPsec | Write | String | Enables stealth mode for IPsec traffic. |
True , False , NotConfigured
|
LogAllowed | Write | String | Specifies how to log the allowed packets in the location specified by the LogFileName parameter. |
True , False , NotConfigured
|
LogBlocked | Write | String | Specifies how to log the dropped packets in the location specified by the LogFileName parameter. |
True , False , NotConfigured
|
LogFileName | Write | String | Specifies the path and filename of the file to which Windows Server writes log entries. | |
LogIgnored | Write | String | Specifies how to log the ignored packets in the location specified by the LogFileName parameter. |
True , False , NotConfigured
|
LogMaxSizeKilobytes | Write | UInt64 | Specifies the maximum file size of the log, in kilobytes. The acceptable values for this parameter are: 1 through 32767. | |
NotifyOnListen | Write | String | Allows the notification of listening for inbound connections by a service. |
True , False , NotConfigured
|
This resource is used to enable or disable and configure Windows Firewall with Advanced Security profiles.
Configure the Private Firewall Profile.
Configuration FirewallProfile_ConfigurePrivateFirewallProfile_Config
{
Import-DscResource -Module NetworkingDsc
Node localhost
{
FirewallProfile ConfigurePrivateFirewallProfile
{
Name = 'Private'
Enabled = 'True'
DefaultInboundAction = 'Block'
DefaultOutboundAction = 'Allow'
AllowInboundRules = 'True'
AllowLocalFirewallRules = 'False'
AllowLocalIPsecRules = 'False'
NotifyOnListen = 'True'
LogFileName = '%systemroot%\system32\LogFiles\Firewall\pfirewall.log'
LogMaxSizeKilobytes = 16384
LogAllowed = 'False'
LogBlocked = 'True'
LogIgnored = 'NotConfigured'
}
}
}
- DefaultGatewayAddress
- DnsClientGlobalSetting
- DnsConnectionSuffix
- DnsServerAddress
- Firewall
- FirewallProfile
- HostsFile
- IPAddress
- IPAddressOption
- NetAdapterAdvancedProperty
- NetAdapterBinding
- NetAdapterLso
- NetAdapterName
- NetAdapterRdma
- NetAdapterRsc
- NetAdapterRss
- NetAdapterState
- NetBios
- NetConnectionProfile
- NetIPInterface
- NetworkTeam
- NetworkTeamInterface
- ProxySettings
- Route
- WaitForNetworkTeam
- WinsServerAddress
- WinsSetting