How to check if port or program is allowed in Windows 2008 firewall using netsh advfirewall commands

I'm trying to write a post-install script that will be used to validate the install and configuration of a BladeLogic RSCD Agent on a server. One of the things I need to check is if the Windows Firewall is enabled and if the port TCP 4750 -or- executable named RSCD.exe is allowed (inbound) in the firewall.

Since Windows 2008, the netsh firewall show all command is deprecated and doesn't show all the information I need. I've been trying to use the new netsh advfirewall set of commands but I can only either list a very basic summary of each firewall profile, or list rules using their name (which I'd need to know). Since the rules can be created by system administrators installing the agent, I need another way to check if there's a rule either for the port, or the program itself with any name.

I haven't been able to find examples online on how to do this. Would anyone have an idea? Whatever method is used has to be foolproof and dynamic enough to detect it regardless of the name of the rule or location of the agent (could be installed in different places).

Note: I can't use PowerShell, this has to be pure Batch language only.

There is 1 best solution below

Yanick,

Is the reason you can't use PowerShell down to the restrictions in BladeLogic? If so, we've developed a workaround for calling PowerShell scripts from BladeLogic! :)

-John.
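
One way to do the check the question asks for in plain Batch, as an added example that is not part of the original thread: it lists every inbound rule with `name=all` and tests each rule's fields, so neither the rule name nor the install folder has to be known. It assumes English `netsh` output and the file name `RSCD.exe` given in the question; the variable and label names are made up for this example.

```batch
@echo off
setlocal EnableExtensions DisableDelayedExpansion
rem Added example, not from the thread. Assumes English netsh output.
set "PORT=4750"
set "EXE=RSCD.exe"
set "FOUND=0"

rem Report whether any profile has the firewall switched on.
netsh advfirewall show allprofiles state | findstr /r /i /c:"^State  *ON" >nul
if errorlevel 1 (echo Firewall is OFF in every profile) else (echo Firewall is ON in at least one profile)

rem name=all lists every rule, so the rule name never has to be known.
rem verbose adds the Program field; each output line is "Field:   value".
for /f "tokens=1* delims=:" %%A in ('netsh advfirewall firewall show rule name^=all dir^=in verbose') do call :field "%%A" "%%B"

if "%FOUND%"=="1" (
    echo PASS: an enabled inbound Allow rule covers TCP %PORT% / %EXE%
    exit /b 0
)
echo FAIL: no enabled inbound Allow rule covers TCP %PORT% / %EXE%
exit /b 1

:field
rem %~1 is the field name, %~2 its value with leading padding.
set "VAL="
for /f "tokens=*" %%V in ("%~2") do set "VAL=%%V"
if /i "%~1"=="Rule Name" (set "EN=" & set "PROTO=" & set "LPORT=" & set "PROG=")
if /i "%~1"=="Enabled"   set "EN=%VAL%"
if /i "%~1"=="Protocol"  set "PROTO=%VAL%"
if /i "%~1"=="LocalPort" set "LPORT=%VAL%"
if /i "%~1"=="Program"   set "PROG=%VAL%"
rem Action is the last field netsh prints for a rule, so judge the rule there.
if /i not "%~1"=="Action" goto :eof
if /i not "%VAL%"=="Allow" goto :eof
if /i not "%EN%"=="Yes" goto :eof
if /i not "%PROTO%"=="TCP" if /i not "%PROTO%"=="Any" goto :eof
rem Program must be unrestricted or have the agent's file name, in any folder.
set "BASE="
for %%P in ("%PROG%") do set "BASE=%%~nxP"
if /i not "%BASE%"=="Any" if /i not "%BASE%"=="%EXE%" goto :eof
rem Treat a missing LocalPort line as no port restriction.
if not defined LPORT set "LPORT=Any"
if /i "%LPORT%"=="Any" (set "FOUND=1" & goto :eof)
rem Otherwise LocalPort must be a comma list that contains the port.
echo ,%LPORT%,| findstr /c:",%PORT%," >nul && set "FOUND=1"
goto :eof
```

The script does not weigh Block rules, profile or remote-address scoping, or port ranges, so a PASS means a matching Allow rule exists, not that traffic is guaranteed to get through.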