使用DSC資源啓用ICMP xFirewall創建新規則

Question

以下DSC語句複製現有的Windows防火牆規則，而不是僅更新已存在的相同規則。我寧願更新而不是重複。由於

xFirewall EnableV4PingIn{ 
    Name = 'File and Printer Sharing (Echo Request - ICMPv4-In)' 
    Group= 'File and Printer Sharing' 
    Protocol = 'ICMPv4' 
    Ensure='Present' 
    Enabled='True' 
    Direction='Inbound' 
    PsDscRunAsCredential = $DomainAdminCredential 

} 
xFirewall EnableV4PingOut{ 
    Name = 'File and Printer Sharing (Echo Request - ICMPv4-Out)' 
    Group= 'File and Printer Sharing' 
    Protocol = 'ICMPv4' 
    Ensure='Present' 
    Enabled='True' 
    Direction='Outbound' 
    PsDscRunAsCredential = $DomainAdminCredential 
} 

xFirewall EnableV6PingIn{ 
    Name = 'File and Printer Sharing (Echo Request - ICMPv6-In)' 
    Group= 'File and Printer Sharing' 
    Protocol = 'ICMPv6' 
    Ensure='Present' 
    Enabled='True' 
    Direction='Inbound' 
    PsDscRunAsCredential = $DomainAdminCredential 

} 
xFirewall EnableV6PingOut{ 
    Name = 'File and Printer Sharing (Echo Request - ICMPv6-Out)' 
    Group= 'File and Printer Sharing' 
    Protocol = 'ICMPv6' 
    Ensure='Present' 
    Enabled='True' 
    Direction='Outbound' 
    PsDscRunAsCredential = $DomainAdminCredential 
} 

Answer 1

我想通了:)

事實證明，在「名稱」中xFirewall不映射到圖形用戶界面的Windows防火牆中所示的「名稱」。

您可以運行下面的命令來查看可用的規則（和他們的真實「姓名」）：

Get-NetFirewallRule |ft 

所以，你的上面可以簡化爲以下（對於V4）：

xFirewall EnableV4PingIn 
{ 
    Name = "FPS-ICMP4-ERQ-In" 
    Enabled = "True" 
} 

xFirewall EnableV4PingOut 
{ 
    Name = "FPS-ICMP4-ERQ-Out" 
    Enabled = "True" 
}