Saturday, July 2, 2011

Windows 2008 R2 Firewall Rules: Set all rules to be Domain, Private using PowerShell


I want to expose my server to the internet. Yes, I know, layered security, blah blah blah... (I really don't take security that flippantly but for this purpose...)

I am no Powershell Expert; not even really a user. I was searching high and low for how to use powershell to update all the default rules to be internal only (I even used Altavista; yes it is still around). The windows firewall GUI doesn't allow you to modify multiple rules at once, so I would have to sit there and go to the properties of each and update for only allowing the default rules on the two non-public profiles (Domain, Internal). YUCK! Thanks MS!

Ok, so with PowerShell (installed by default on Windows 2008 R2) you can loop through each rule and update it.

Values to replace "#Number#" below

1 = Domain
2 = Private
3 = Domain, Private
4 = Public
5 = Domain, Public
6 = Private, Public
7 = All

Get the Nifty COM object (surprising they still make these...)
$fw = New-Object -ComObject HNetCfg.FwPolicy2

Now loop... PowerShell does allow multiline commands, so go ahead and add logic to change only the ones you want...
foreach($rule in $fw.Rules) {$rule.Profiles = #Number#}
Note that this updates ALL rules in the firewall (disabled and enabled). If you are connected remotely, make sure you are connected through the appropriate interface so you don't knock yourself off. (Cause that just bites)
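
A more selective version of the loop, as an added example that is not part of the original post: it saves every rule's current Profiles value to a CSV first, then narrows only enabled inbound rules that currently include the Public profile to Domain, Private (3). The backup path and the $preview switch are assumptions of this example, and it expects an elevated PowerShell session.

```powershell
# Added example: restrict only enabled inbound rules that apply to Public,
# after backing up the current Profiles value of every rule.
$Domain  = 1                                  # bit flags from the table above
$Private = 2
$Public  = 4
$target  = $Domain -bor $Private              # 3 = Domain, Private

$backup  = Join-Path $env:TEMP 'fw-profiles-backup.csv'   # assumed location
$preview = $true                              # set to $false to apply changes

$fw = New-Object -ComObject HNetCfg.FwPolicy2

# Record the current state so the change can be reviewed or put back by hand
$fw.Rules | Select-Object Name, Direction, Enabled, Profiles |
    Export-Csv -Path $backup -NoTypeInformation

foreach ($rule in $fw.Rules) {
    $inbound  = ($rule.Direction -eq 1)                   # 1 = inbound, 2 = outbound
    $onPublic = (($rule.Profiles -band $Public) -ne 0)    # Public bit is set

    if ($rule.Enabled -and $inbound -and $onPublic) {
        # Show what would change: rule name, old value, new value
        "{0}: {1} -> {2}" -f $rule.Name, $rule.Profiles, $target

        if (-not $preview) {
            $rule.Profiles = $target
        }
    }
}
```

Run it once with $preview left at $true and read the list for the rule that carries your own remote session before setting it to $false.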

Hope the robots find this so it can help someone else... :)
