Windows Server firewall track connection state

powershell windows-server-2012-r2

I am trying to control a Windows Server 2012 (R2) firewall by using PowerShell commands (see https://technet.microsoft.com/en-us/library/hh831755.aspx#BKMK_ProfileGlobalDefaults for example and reference).

On my Linux machines, I was able to track connection state with IPTables using conntrack to be able to allow established and related connections (http://www.iptables.info/en/connection-state.html). I haven't found an equivalent in the Windows Firewall.

Is there a way to do this in Windows Server using PowerShell? I have searched all over the internet and not found anything relevant.


You can query active TCP connections, listening ports, processes, etc. using the netstat command in Windows.

https://technet.microsoft.com/en-us/library/ff961504.aspx

For your script, you could combine netstat it with some PowerShell to do the filtering and parsing and build your firewall commands. For example, this script takes the netstat command and extends it to provide process names and filtering.

https://gallery.technet.microsoft.com/scriptcenter/Get-NetworkStatistics-66057d71


Changing firewall rules will affect established connections. see this answer Do new Windows firewall rules affect currently open connections?

it is time to leave windows, linux iptables is magic.

Related

MYSQL: Many slave servers with smaller resources or less with larger resources
nginx redirect based on $request_uri
How to get a chart for memory usage in AWS Elastic Beanstalk?
redis server does not create socket file
What is the state of AppArmor network rules in the latest kernel?
How to renew VMware certificate in Veeam
docker node ls is showing only master node in Azure
mount nfs as another folder on home
What is the meaning of the values of the Protocols field from Get-TlsCipherSuite Output?
Ratelimit IPs for UDP traffic in ipset list before being sent over GRE tunnel
Dovecot not listening on any port
Users cleaning in debian