Monthly Archives: April 2013

Create a hashtable from a here-string

This syntax is usefull when I need to create a hashtable from content published on MSDN (or somewhere on the web). Just copy content into clipboard, paste into ISE, surround by here-string syntax @’ ‘@ (remember that Powershell doesn’t like whitespace before the here string closing ‘@) and finally prepend this piece of code $variable = DATA {
ConvertFrom-StringData -StringData

The example below shows how to create a bios characteristics hashtable to decode the information in win32_bios WMI class

$BiosCharacteristics = DATA {
ConvertFrom-StringData -StringData @'
3=BIOS Characteristics Not Supported
4= ISA is supported
5= MCA is supported
6= EISA is supported
7= PCI is supported
8= PC Card (PCMCIA) is supported
9= Plug and Play is supported
10= APM is supported
11= BIOS is Upgradable (Flash)
12= BIOS shadowing is allowed
13= VL-VESA is supported
14= ESCD support is available
15= Boot from CD is supported
16= Selectable Boot is supported
17= BIOS ROM is socketed
18= Boot From PC Card (PCMCIA) is supported
19= EDD (Enhanced Disk Drive) Specification is supported
20= Int 13h - Japanese Floppy for NEC 9800 1.2mb (3.5, 1k Bytes/Sector, 360 RPM) is supported
21= Int 13h - Japanese Floppy for Toshiba 1.2mb (3.5, 360 RPM) is supported
22= Int 13h - 5.25 / 360 KB Floppy Services are supported
23= Int 13h - 5.25 /1.2MB Floppy Services are supported
24= Int 13h - 3.5 / 720 KB Floppy Services are supported
25= Int 13h - 3.5 / 2.88 MB Floppy Services are supported
26= Int 5h, Print Screen Service is supported
27= Int 9h, 8042 Keyboard services are supported
28= Int 14h, Serial Services are supported
29= Int 17h, printer services are supported
30= Int 10h, CGA/Mono Video Services are supported
31= NEC PC-98
32= ACPI is supported
33= USB Legacy is supported
34= AGP is supported
35= I2O boot is supported
36= LS-120 boot is supported
37= ATAPI ZIP Drive boot is supported
38= 1394 boot is supported
39= Smart Battery is supported
'@
}

$BiosCharacteristics

Netsh advanced firewall commands

Check advanced firewall status

find out which profile is the advfirewall in

netsh advfirewall show currentprofile

get info about advfirewall all profiles

netsh advfirewall show allprofiles state

Enable/disable advanced firewall

enable advfirewall:

netsh advfirewall set allprofiles state on

disable advfirewall:

netsh advfirewall set allprofiles state off

Reset advanced firewall to default settings

netsh advfirewall reset

Set firewall policy

netsh advfirewall set domainprofile firewallpolicy allowinboound,allowoutbound

Export and import advanced firewall settings

netsh advfirewall export "C:\temp\WFconfiguration.wfw"

netsh advfirewall import "C:\temp\WFconfiguration.wfw"

Rules

displays all currently defined firewall rules

netsh advfirewall firewall show rule name=all

show rules for the domain profile

netsh advfirewall firewall show rule name=all profile=domain

(Note: The above command does not show rules where profile=domain,public or profile=domain,private. It only shows rules that have the single entry domain included in the rule)

 

deny all incoming connections and allow all outgoing connections

netsh advfirewall set allprofiles firewallpolicy blockinbound,allowoutbound

allow or prevent ping

netsh advfirewall firewall add rule name="All ICMP V4" dir=in action=block protocol=icmpv4

netsh advfirewall firewall add rule name="All ICMP V4" dir=in action=allow protocol=icmpv4

allow well-known rules (remote administration for mmc, remote desktop atc.)

netsh advfirewall firewall set rule group="Remote Administration" new enable=yes
netsh advfirewall firewall set rule group="File and Printer Sharing" new enable=yes
netsh advfirewall firewall set rule group="Remote Service Management" new enable=yes
netsh advfirewall firewall set rule group="Performance Logs and Alerts" new enable=yes 
netsh advfirewall firewall set rule group="Remote Event Log Management" new enable=yes
netsh advfirewall firewall set rule group="Remote Scheduled Tasks Management" new enable=yes
netsh advfirewall firewall set rule group="Remote Volume Management" new enable=yes 
netsh advfirewall firewall set rule group="Remote Desktop" new enable=yes
netsh advfirewall firewall set rule group="Windows Firewall Remote Management" new enable =yes
netsh advfirewall firewall set rule group="windows management instrumentation (wmi)" new enable=yes

add a rule allowing tcp or udp incoming packets on port 80:

netsh advfirewall firewall add rule name="HTTP" protocol=TCP localport=80 action=allow dir=IN
netsh advfirewall firewall add rule name="HTTP" protocol=UDP localport=80 action=allow dir=IN

add and delete a rule allowing tcp packets on port 1433 (SQL server)

netsh advfirewall firewall add rule name="SQL Server Port 1433" dir=in action=allow protocol=TCP localport=1433

netsh advfirewall firewall delete rule name="SQL Server Port 1433" protocol=tcp localport=1433

open firewall for a given application

netsh advfirewall firewall add rule name="Allow Skype" dir=in action=allow program="C:\program files\Skype\skype.exe"

deny tcp or udp packets on port x:

netsh advfirewall firewall add rule name="HTTP" protocol=TCP localport=80 action=block dir=IN
netsh advfirewall firewall add rule name="HTTP" protocol=UDP localport=80 action=block dir=IN

 

delete a rule:

netsh advfirewall firewall delete rule name="HTTP"

 

allow or deny incoming connection for specific port and IP:

netsh advfirewall firewall add rule name="HTTP" protocol=TCP localport=80 action=allow dir=IN remoteip=x.x.x.x
netsh advfirewall firewall add rule name="HTTP" protocol=TCP localport=80 action=block dir=IN remoteip=x.x.x.x

Allow or deny incoming connection for specific port and subnet:

netsh advfirewall firewall add rule name="HTTP" protocol=TCP localport=80 action=block dir=IN remoteip=x.x.x.x/24

or

netsh advfirewall firewall add rule name="HTTP" protocol=TCP localport=80 action=allow dir=IN remoteip=x.x.x.x-x.x.x.x

or

netsh advfirewall firewall add rule name="HTTP" protocol=TCP localport=80 action=block dir=IN remoteip=localsubnet

Netsh AdvFirewall Firewall Commands

Cool listing of PowerShell-based Group Policy Scripts – Group Policy Software – SDM Software | Group Policy Management & Administration Tools

Cool listing of PowerShell-based Group Policy Scripts – Group Policy Software – SDM Software | Group Policy Management & Administration Tools.

PowerTip: Use PowerShell to Find Application Hangs – Hey, Scripting Guy! Blog – Site Home – TechNet Blogs

PowerTip: Use PowerShell to Find Application Hangs – Hey, Scripting Guy! Blog – Site Home – TechNet Blogs.

Weekend Scripter: Convert Word Documents to PDF Files with PowerShell – Hey, Scripting Guy! Blog – Site Home – TechNet Blogs

Weekend Scripter: Convert Word Documents to PDF Files with PowerShell – Hey, Scripting Guy! Blog – Site Home – TechNet Blogs.

smsagent

Scripts, tools and tips, mostly around Microsoft SCCM and EMS

To The Point

Anything about Technology and Business

Brian's Power Windows Blog

Microsoft in the Enterprise. Windows, Hyper-V, Exchange, SQL, and more!

PowerScripting Podcast

Shownotes and links for the PowerScripting Podcast, a podcast to help people learn Windows Powershell

Learn Powershell | Achieve More

What is this Powershell of which you speak?