PowerShell Logo Small

Set-NetFirewallRule



This is the built-in help made by Microsoft for the command 'Set-NetFirewallRule', in PowerShell version 5 - as retrieved from Windows version 'Microsoft Windows Server 2012 R2 Standard' PowerShell help files on 2016-06-23.

For PowerShell version 3 and up, where you have Update-Help, this command was run just before creating the web pages from the help files.

SYNOPSIS

Modifies existing firewall rules.

SYNTAX


Set-NetFirewallRule [-Action <Action>] [-AsJob] [-Authentication <Authentication>] [-CimSession <CimSession[]>] [-Description <String>] [-Direction <Direction>]
[-DynamicTarget <DynamicTransport>] [-EdgeTraversalPolicy <EdgeTraversal>] [-Enabled <Enabled>] [-Encryption <Encryption>] [-GPOSession <String>] [-IcmpType <String[]>]
[-InterfaceAlias <WildcardPattern[]>] [-InterfaceType <InterfaceType>] [-LocalAddress <String[]>] [-LocalOnlyMapping <Boolean>] [-LocalPort <String[]>] [-LocalUser <String>]
[-LooseSourceMapping <Boolean>] [-NewDisplayName <String>] [-OverrideBlockRules <Boolean>] [-Owner <String>] [-Package <String>] [-PassThru] [-Platform <String[]>]
[-PolicyStore <String>] [-Profile <Profile>] [-Program <String>] [-Protocol <String>] [-RemoteAddress <String[]>] [-RemoteMachine <String>] [-RemotePort <String[]>]
[-RemoteUser <String>] [-Service <String>] [-ThrottleLimit <Int32>] -DisplayGroup <String[]> [-Confirm] [-WhatIf] [<CommonParameters>]
Set-NetFirewallRule [-Action <Action>] [-AsJob] [-Authentication <Authentication>] [-CimSession <CimSession[]>] [-Description <String>] [-Direction <Direction>]
[-DynamicTarget <DynamicTransport>] [-EdgeTraversalPolicy <EdgeTraversal>] [-Enabled <Enabled>] [-Encryption <Encryption>] [-IcmpType <String[]>] [-InterfaceAlias
<WildcardPattern[]>] [-InterfaceType <InterfaceType>] [-LocalAddress <String[]>] [-LocalOnlyMapping <Boolean>] [-LocalPort <String[]>] [-LocalUser <String>]
[-LooseSourceMapping <Boolean>] [-NewDisplayName <String>] [-OverrideBlockRules <Boolean>] [-Owner <String>] [-Package <String>] [-PassThru] [-Platform <String[]>] [-Profile
<Profile>] [-Program <String>] [-Protocol <String>] [-RemoteAddress <String[]>] [-RemoteMachine <String>] [-RemotePort <String[]>] [-RemoteUser <String>] [-Service <String>]
[-ThrottleLimit <Int32>] -InputObject <CimInstance[]> [-Confirm] [-WhatIf] [<CommonParameters>]
Set-NetFirewallRule [-Action <Action>] [-AsJob] [-Authentication <Authentication>] [-CimSession <CimSession[]>] [-Description <String>] [-Direction <Direction>]
[-DynamicTarget <DynamicTransport>] [-EdgeTraversalPolicy <EdgeTraversal>] [-Enabled <Enabled>] [-Encryption <Encryption>] [-GPOSession <String>] [-IcmpType <String[]>]
[-InterfaceAlias <WildcardPattern[]>] [-InterfaceType <InterfaceType>] [-LocalAddress <String[]>] [-LocalOnlyMapping <Boolean>] [-LocalPort <String[]>] [-LocalUser <String>]
[-LooseSourceMapping <Boolean>] [-NewDisplayName <String>] [-OverrideBlockRules <Boolean>] [-Owner <String>] [-Package <String>] [-PassThru] [-Platform <String[]>]
[-PolicyStore <String>] [-Profile <Profile>] [-Program <String>] [-Protocol <String>] [-RemoteAddress <String[]>] [-RemoteMachine <String>] [-RemotePort <String[]>]
[-RemoteUser <String>] [-Service <String>] [-ThrottleLimit <Int32>] -DisplayName <String[]> [-Confirm] [-WhatIf] [<CommonParameters>]
Set-NetFirewallRule [-Name] <String[]> [-Action <Action>] [-AsJob] [-Authentication <Authentication>] [-CimSession <CimSession[]>] [-Description <String>] [-Direction
<Direction>] [-DynamicTarget <DynamicTransport>] [-EdgeTraversalPolicy <EdgeTraversal>] [-Enabled <Enabled>] [-Encryption <Encryption>] [-GPOSession <String>] [-IcmpType
<String[]>] [-InterfaceAlias <WildcardPattern[]>] [-InterfaceType <InterfaceType>] [-LocalAddress <String[]>] [-LocalOnlyMapping <Boolean>] [-LocalPort <String[]>]
[-LocalUser <String>] [-LooseSourceMapping <Boolean>] [-NewDisplayName <String>] [-OverrideBlockRules <Boolean>] [-Owner <String>] [-Package <String>] [-PassThru] [-Platform
<String[]>] [-PolicyStore <String>] [-Profile <Profile>] [-Program <String>] [-Protocol <String>] [-RemoteAddress <String[]>] [-RemoteMachine <String>] [-RemotePort
<String[]>] [-RemoteUser <String>] [-Service <String>] [-ThrottleLimit <Int32>] [-Confirm] [-WhatIf] [<CommonParameters>]
Set-NetFirewallRule [-Action <Action>] [-AsJob] [-Authentication <Authentication>] [-CimSession <CimSession[]>] [-Description <String>] [-Direction <Direction>]
[-DynamicTarget <DynamicTransport>] [-EdgeTraversalPolicy <EdgeTraversal>] [-Enabled <Enabled>] [-Encryption <Encryption>] [-GPOSession <String>] [-IcmpType <String[]>]
[-InterfaceAlias <WildcardPattern[]>] [-InterfaceType <InterfaceType>] [-LocalAddress <String[]>] [-LocalOnlyMapping <Boolean>] [-LocalPort <String[]>] [-LocalUser <String>]
[-LooseSourceMapping <Boolean>] [-NewDisplayName <String>] [-OverrideBlockRules <Boolean>] [-Owner <String>] [-Package <String>] [-PassThru] [-Platform <String[]>]
[-PolicyStore <String>] [-Profile <Profile>] [-Program <String>] [-Protocol <String>] [-RemoteAddress <String[]>] [-RemoteMachine <String>] [-RemotePort <String[]>]
[-RemoteUser <String>] [-Service <String>] [-ThrottleLimit <Int32>] -Group <String[]> [-Confirm] [-WhatIf] [<CommonParameters>]



Search powershellhelp.space

DESCRIPTION


The Set-NetFirewallRule cmdlet modifies existing firewall rule properties. This cmdlet gets one or more firewall rules to be modified with the Name parameter (default), the
DisplayName parameter, or by group association using the DisplayGroup or Group parameter. Rules cannot be queried by property in this cmdlet, but the querying can be done by
the Get-NetFirewallRule cmdlet and piped into this cmdlet. The remaining parameters modify the properties of the specified rules. If the DisplayGroup or Group parameter is
specified, then all sets associated with the specified group receive the same modifications.


To move a rule to a new GPO, copy the existing rule using the Copy-NetFirewallRule cmdlet with the NewPolicyStore parameter, then remove the old rule with this cmdlet.



<

RELATED LINKS

Online Version: http://go.microsoft.com/fwlink/?LinkId=288218
Copy-NetFirewallRule
Disable-NetFirewallRule
Enable-NetFirewallRule
Get-NetFirewallAddressFilter
Get-NetFirewallApplicationFilter
Get-NetFirewallInterfaceFilter
Get-NetFirewallInterfaceTypeFilter
Get-NetFirewallPortFilter
Get-NetFirewallRule
Get-NetFirewallSecurityFilter
Get-NetFirewallServiceFilter
New-NetFirewallRule
Open-NetGPO
Remove-NetFirewallRule
Rename-NetFirewallRule
Save-NetGPO
Set-NetIPsecRule
Set-NetFirewallRule
Set-NetFirewallSetting
Show-NetFirewallRule
New-GPO

REMARKS

<

Examples


EXAMPLE 1

PS C:\>Set-NetFirewallRule -DisplayName "AllowWeb80" -RemoteAddress "192.168.0.2"



This example changes a rule to match a different remote IP address of a web server for which traffic is allowed by a rule.




EXAMPLE 2

PS C:\>Set-NetFirewallRule -DisplayGroup "Windows Firewall Remote Management" -Enabled True


This cmdlet shows an alternate way to enable all of the rules in a predefined group.
PS C:\>Enable-NetFirewallRule -DisplayGroup "Windows Firewall Remote Management"



This example enables all of the rules in a predefined group.




EXAMPLE 3

PS C:\>Set-NetFirewallRule -DisplayName "AllowMessenger" -Authentication Required –Profile Domain



This example changes a rule to require authentication and scopes the rule to apply on the domain profile. A separate IPsec rule must exist to perform the authentication.