-
Notifications
You must be signed in to change notification settings - Fork 89
FirewallProfile
dscbot edited this page Apr 14, 2025
·
7 revisions
| Parameter | Attribute | DataType | Description | Allowed Values |
|---|---|---|---|---|
| Name | Key | String | The name of the firewall profile to configure. |
Domain, Public, Private
|
| AllowInboundRules | Write | String | Specifies that the firewall blocks inbound traffic. |
True, False, NotConfigured
|
| AllowLocalFirewallRules | Write | String | Specifies that the local firewall rules should be merged into the effective policy along with Group Policy settings. |
True, False, NotConfigured
|
| AllowLocalIPsecRules | Write | String | Specifies that the local IPsec rules should be merged into the effective policy along with Group Policy settings. |
True, False, NotConfigured
|
| AllowUnicastResponseToMulticast | Write | String | Allows unicast responses to multi-cast traffic. |
True, False, NotConfigured
|
| AllowUserApps | Write | String | Specifies that traffic from local user applications is allowed through the firewall. |
True, False, NotConfigured
|
| AllowUserPorts | Write | String | Specifies that traffic is allowed through local user ports. |
True, False, NotConfigured
|
| DefaultInboundAction | Write | String | Specifies how to filter inbound traffic. |
Block, Allow, NotConfigured
|
| DefaultOutboundAction | Write | String | Specifies how to filter outbound traffic. |
Block, Allow, NotConfigured
|
| DisabledInterfaceAliases | Write | StringArray[] | Specifies a list of interfaces on which firewall settings are excluded. | |
| Enabled | Write | String | Specifies that devolution is activated. |
True, False, NotConfigured
|
| EnableStealthModeForIPsec | Write | String | Enables stealth mode for IPsec traffic. |
True, False, NotConfigured
|
| LogAllowed | Write | String | Specifies how to log the allowed packets in the location specified by the LogFileName parameter. |
True, False, NotConfigured
|
| LogBlocked | Write | String | Specifies how to log the dropped packets in the location specified by the LogFileName parameter. |
True, False, NotConfigured
|
| LogFileName | Write | String | Specifies the path and filename of the file to which Windows Server writes log entries. | |
| LogIgnored | Write | String | Specifies how to log the ignored packets in the location specified by the LogFileName parameter. |
True, False, NotConfigured
|
| LogMaxSizeKilobytes | Write | UInt64 | Specifies the maximum file size of the log, in kilobytes. The acceptable values for this parameter are: 1 through 32767. | |
| NotifyOnListen | Write | String | Allows the notification of listening for inbound connections by a service. |
True, False, NotConfigured
|
This resource is used to enable or disable and configure Windows Firewall with Advanced Security profiles.
Configure the Private Firewall Profile.
Configuration FirewallProfile_ConfigurePrivateFirewallProfile_Config
{
Import-DscResource -Module NetworkingDsc
Node localhost
{
FirewallProfile ConfigurePrivateFirewallProfile
{
Name = 'Private'
Enabled = 'True'
DefaultInboundAction = 'Block'
DefaultOutboundAction = 'Allow'
AllowInboundRules = 'True'
AllowLocalFirewallRules = 'False'
AllowLocalIPsecRules = 'False'
NotifyOnListen = 'True'
LogFileName = '%systemroot%\system32\LogFiles\Firewall\pfirewall.log'
LogMaxSizeKilobytes = 16384
LogAllowed = 'False'
LogBlocked = 'True'
LogIgnored = 'NotConfigured'
}
}
}- DefaultGatewayAddress
- DnsClientGlobalSetting
- DnsClientNrptGlobal
- DnsClientNrptRule
- DnsConnectionSuffix
- DnsServerAddress
- Firewall
- FirewallProfile
- HostsFile
- IPAddress
- IPAddressOption
- NetAdapterAdvancedProperty
- NetAdapterBinding
- NetAdapterLso
- NetAdapterName
- NetAdapterRdma
- NetAdapterRsc
- NetAdapterRss
- NetAdapterState
- NetBios
- NetConnectionProfile
- NetIPInterface
- NetworkTeam
- NetworkTeamInterface
- ProxySettings
- Route
- WaitForNetworkTeam
- WinsServerAddress
- WinsSetting