Windows firewall: How to change existing rules using netsh
I can create new rules using
netsh advfirewall firewall add rule...
and delete them using
netsh advfirewall firewall delete rule...
But I am not able to find a way to change existing rules.
Right now I have implemented logic where I check if the rule exists, and if it does, I delete it and then insert a modified rule. But with this approach, I need to keep track of previous rule configurations. For example, if I just want to disable the rule, I cannot just delete the existing rule and write a new rule without knowing what the other configurations of that rule were.
Is there a better way to do the same, where I change one field but keep everything else the same, using a bat file? Thank you.
Solution 1:
You can use the netsh advfirewall firewall set rule command, which "sets new values for properties of an existing rule." For example, to disable all rules named "Web Server":
netsh advfirewall firewall set rule name="Web Server" new enable=no
See netsh advfirewall firewall set rule /? for more details. Notably, additional filters (e.g. profile=private to only affect the Private profile) go before new and other fields to change go after new.
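As an added example (not part of the original answer), a batch file that changes one field of an existing rule and then prints the result for checking. The rule name comes from the answer; the dir=in filter and the verification step are assumptions chosen for illustration, and the script must be run from an elevated command prompt.

```bat
@echo off
setlocal
rem Added example. "Web Server" is the rule name used in the answer above.
set "RULE=Web Server"

rem Confirm the rule exists before changing it.
rem netsh returns a non-zero exit code when no rule matches.
netsh advfirewall firewall show rule name="%RULE%" >nul
if errorlevel 1 (
    echo No rule named "%RULE%" was found.
    exit /b 1
)

rem Everything before "new" is a filter selecting which rules to change.
rem A name can match several rules, so dir=in narrows this to inbound ones.
rem Everything after "new" is the set of fields to modify; all other
rem properties of the rule are left as they are.
netsh advfirewall firewall set rule name="%RULE%" dir=in new enable=no
if errorlevel 1 (
    echo Failed to update "%RULE%".
    exit /b 1
)

rem Print the full rule so the change and the untouched fields can be checked.
netsh advfirewall firewall show rule name="%RULE%" verbose
endlocal
```

Because set rule applies to every rule that matches the filters, reviewing the verbose output afterwards confirms that only the intended rules were disabled.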