PowerShell Logo Small

Disable-NetFirewallRule



This is the built-in help made by Microsoft for the command 'Disable-NetFirewallRule', in PowerShell version 5 - as retrieved from Windows version 'Microsoft Windows Server 2012 R2 Standard' PowerShell help files on 2016-06-23.

For PowerShell version 3 and up, where you have Update-Help, this command was run just before creating the web pages from the help files.

SYNOPSIS

Disables a firewall rule.

SYNTAX


Disable-NetFirewallRule [-Action <Action[]>] [-AsJob] [-CimSession <CimSession[]>] [-Description <String[]>] [-Direction <Direction[]>] [-DisplayGroup <String[]>]
[-EdgeTraversalPolicy <EdgeTraversal[]>] [-Enabled <Enabled[]>] [-GPOSession <String>] [-Group <String[]>] [-LocalOnlyMapping <Boolean[]>] [-LooseSourceMapping <Boolean[]>]
[-Owner <String[]>] [-PassThru] [-PolicyStore <String>] [-PolicyStoreSource <String[]>] [-PolicyStoreSourceType <PolicyStoreType[]>] [-PrimaryStatus <PrimaryStatus[]>]
[-Status <String[]>] [-ThrottleLimit <Int32>] [-TracePolicyStore] [-Confirm] [-WhatIf] [<CommonParameters>]
Disable-NetFirewallRule [-All] [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-PassThru] [-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore]
[-Confirm] [-WhatIf] [<CommonParameters>]
Disable-NetFirewallRule [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-PassThru] [-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore]
-DisplayName <String[]> [-Confirm] [-WhatIf] [<CommonParameters>]
Disable-NetFirewallRule [-Name] <String[]> [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-PassThru] [-PolicyStore <String>] [-ThrottleLimit <Int32>]
[-TracePolicyStore] [-Confirm] [-WhatIf] [<CommonParameters>]
Disable-NetFirewallRule [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-PassThru] [-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore]
-AssociatedNetFirewallAddressFilter <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]
Disable-NetFirewallRule [-AsJob] [-CimSession <CimSession[]>] [-PassThru] [-ThrottleLimit <Int32>] -InputObject <CimInstance[]> [-Confirm] [-WhatIf] [<CommonParameters>]
Disable-NetFirewallRule [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-PassThru] [-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore]
-AssociatedNetFirewallApplicationFilter <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]
Disable-NetFirewallRule [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-PassThru] [-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore]
-AssociatedNetFirewallServiceFilter <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]
Disable-NetFirewallRule [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-PassThru] [-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore]
-AssociatedNetFirewallSecurityFilter <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]
Disable-NetFirewallRule [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-PassThru] [-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore]
-AssociatedNetFirewallProfile <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]
Disable-NetFirewallRule [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-PassThru] [-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore]
-AssociatedNetFirewallPortFilter <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]
Disable-NetFirewallRule [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-PassThru] [-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore]
-AssociatedNetFirewallInterfaceTypeFilter <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]
Disable-NetFirewallRule [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-PassThru] [-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore]
-AssociatedNetFirewallInterfaceFilter <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]



Search powershellhelp.space

DESCRIPTION


IMPORTANT NOTE:Running this cmdlet without parameters disables all Windows Firewall rules on the target computer. Always run this cmdlet with the -WhatIf parameter if you
are not targeting a specific Windows Firewall rule or group of rules.


The Disable-NetFirewallRule cmdlet disables a previously enabled firewall rule to be inactive within the computer or a group policy organizational unit. A Disabled rule will
not actively modify system behavior, but the rule still exists on the computer or in a Group Policy Object (GPO) so it can be re-enabled. This is different from the
Remove-NetFirewallRule cmdlet, which permanently removes the rule.


This cmdlet gets one or more firewall rules to be disabled with the Name parameter (default), the DisplayName parameter, rule properties, or by the associated filters or
objects. The Enabled parameter value for the resulting queried rules is set to False.


Disabling IPsec and firewall rules can be useful for debugging firewall policy mismatch issues, but is easier when the rules are in the local, or persistent, store.
Disabling rules in a GPO container will not take effect until the next time the client applies the GPO. To troubleshoot GPO-based firewall policy, consider copying all the
rules and authorization and cryptographic sets from the GPO to a computer that does not have the GPO policy applied using the Copy-NetFirewallRule cmdlet. This is way to
locally modify the policy, in order to troubleshoot any IPsec problems.



<

RELATED LINKS

Online Version: http://go.microsoft.com/fwlink/?LinkId=216656
Copy-NetFirewallRule
Enable-NetFirewallRule
Get-NetFirewallAddressFilter
Get-NetFirewallApplicationFilter
Get-NetFirewallInterfaceFilter
Get-NetFirewallInterfaceTypeFilter
Get-NetFirewallPortFilter
Get-NetFirewallProfile
Get-NetFirewallSecurityFilter
Get-NetFirewallServiceFilter
Get-NetFirewallRule
New-NetFirewallRule
Open-NetGPO
Remove-NetFirewallRule
Rename-NetFirewallRule
Save-NetGPO
Set-NetFirewallRule
Show-NetFirewallRule
New-GPO

REMARKS

<

Examples


EXAMPLE 1

PS C:\>Disable-NetFirewallRule –DisplayName "Network Discovery"



This example disables a firewall rule given the localized name.




EXAMPLE 2

PS C:\>Disable-NetFirewallRule –Group "@FirewallAPI.dll,-28502"



This example disables all of the File and Printer Sharing rules on the local computer. Use the universal and world-ready indirect string @FirewallAPI to specify the group.




EXAMPLE 3

PS C:\>Disable-NetFirewallRule –Direction Outbound -PolicyStore contoso.com\gpo_name



This example disables all of the previously enabled outbound firewall rules in a specified GPO.




EXAMPLE 4

PS C:\>$nfwRule = Get-NetFirewallRule -PolicyStore ActiveStore -PolicyStoreSourceType Dynamic



PS C:\>Disable-NetFirewallRule –InputObject $nfwRule


This is an alternate way to perform the same using only the pipeline.
PS C:\>Get-NetFirewallRule -PolicyStore ActiveStore -PolicyStoreSourceType Dynamic | Disable-NetFirewallRule



This example disables the dynamic firewall rules on the computer.