Sometimes when you add 1 + 1 the result is greater than two. What I really means is that NetSh will teach you about PowerShell, and PowerShell will help you get the most from NetSh. As a bonus we are going to make sure the firewall is enabled.
Our Mission - What is NetSh?
Network Shell, or NetSh is a built-in program, which interrogates the operating system for information about network objects. My examples will concentrate on just one aspect of NetSh, namely the firewall. However, NetSh has other useful 'contexts', for example, IpSec, interface, and NAP.
Let us step back, and take an overview of PowerShell and NetSh. In the examples on this page, PowerShell has only a minor role, it merely acts a 'Shell' to run NetSh commands. We could equally run NetSh in a cmd DOS box. Now the benefit of choosing PowerShell is that while we do some useful work setting the firewall, we can get to know the rhythm of its commands.
My thinking is that if you can just get started by using familiar operating system command in PowerShell, then you will be intrigued to know more, and gradually you will pick up PowerShell skills as you go about everyday tasks.
PowerShell Objectives
- To see how easy it is to create $variables.
- To appreciate the rhythm of the verb-Noun cmdlets.
- To add simple error-correcting code.
Guy's Advice
Either start with the basics in Example 1 (recommended), or else if you are in a hurry, cut to the chase, and head for Example 2.
Example 1: NetSh and PowerShell. Smoke and mirrors or the real deal?
I have deliberately chosen NetSh as the vehicle for these simple PowerShell script, because I want to emphasise how easy it is to make the transition from the CMD 'DOS box', to PowerShell. Cynics would say we don't PowerShell to configure the firewall, or even to use NetSh. My reply is that I would rather a script that did real work, than a vacuous 'Hello World' example.
# PowerShell NetSh command
Clear-Host
netsh firewall show opmode
Learning Points
Note 1: The key NetSh verb in this example is 'show', in the next example we are going to 'Set' the firewall's operation mode.
Example 2: NetSh and PowerShell. Putting PowerShell to Work
In this example we are actually going to enable the firewall. We could have taken the same approach as Example 1 and just used one line of code:
netsh firewall set opmode enable enable (The first 'enable' is for the Domain Configuration, the second 'enable' is for the Standard Profile Configuration.)
netsh firewall set opmode enable enable (The first 'enable' is for the Domain Configuration, the second 'enable' is for the Standard Profile Configuration.)
However, I wanted to add simple error checking code courtesy of the if and elseif statements. To achieve this objective I put PowerShell to work and created the variable $Fw
# PowerShell Script to enable Remote Administration
Clear-Host
Write-Host "Firewall configuration for $env:computername"
$Fw = netsh firewall set opmode enable enable
$Fw
if($Fw -match 'ok'){write-Host "$env:username's job is done"}
if($Fw -match 'ok'){write-Host "$env:username's job is done"}
elseif($Fw -match 'requires elevation') {write-Host "Call for an
administrator"}
else{write-Host "Nothing happened"}
netsh firewall show opmode
Learning Points
Note 1: Observe the structure of PowerShell's commands verb-Noun cmdlets, for example, write-Host.
Note 2: Creating variables is easy, merely precede the name with the dollar sign. $Pw, in PowerShell there is no need to declare variables. Talking of variables $env corresponds to the built-in environmental variables, hence COMPUTERNAME or USERNAME.
Note 3: Trace how cleverly PowerShell interprets the variable in the speech marks. It always impresses me the way that the script engine interprets $env:username and then seamlessly let me add the apostrophe.
Example 3: Enable Remote Administration
NetSh also has the ability to configure services such as Remote Administration. Please investigate with this command: netsh firewall show service. There are two further pieces of information that we need to create this script. Firstly, the verb, or method 'set', secondly knowledge that the name of the service is precisely: remoteAdmin.
# PowerShell Script to enable Remote Administration
Clear-Host
Write-Host "Firewall Remote Administration for $env:computername"
$Fw = netsh firewall set service remoteAdmin enable
$Fw
if($Fw -match 'ok'){write-Host "$env:username's job is done"}
elseif($Fw -match 'requires elevation') {write-Host "Call for an administrator"}
else{write-Host "Failed to configure Remote Administration"}
netsh firewall show service
Learning Points
Note 1: When you study the output, be aware of two columns, the first column called 'Mode', and the second column called 'Customized'. My point is that the 'Mode' is always enabled, whereas the 'Customized' maybe say 'No', meaning not customized.
Note 2: My greatest joy is if you modify this script to suit your own needs. There are dozens of ways of creating the same objective, not to mention zillions of ways of satisfying similar objectives. For example, scripts which disable instead of enable, working with different services.
Where Next With NetSh?
The main purpose of this page is to get you started with PowerShell. I firmly believe that once you get success from a few simple command, you will be curiosity to achieve more with PowerShell. My second purpose is to provide examples to get you started scripting NetSh.
* The next step for NetSh is to investigate other 'contexts'. Try researching with NetSh ?
* Apply what you have learned here to other built-in commands, for example IpConfig.
* As for PowerShell, expand your repertoire of commands by investigating objects such as Get-Process or Get-WmiObject -class xyz.