18

I'm wondering whether anyone in Microsoft has ever come to a situation where they can't remember a rule's name!
The netsh advfirewall firewall show rule only accepts 1 name and no pattern matching facility is available on netsh to help find a rule using a pattern like "SQL*" or ^SQL.+$
Using show and name=all it is possible to list all rules, but I was unable to find a solid command-line grep tool for Windows.

I want to be able to run a command like this:

netsh advfirewall firewall show rule name=sql*

Is this possible?

Achilles

7 Answers

13

In PowerShell run:

$fw=New-object -comObject HNetCfg.FwPolicy2
$fw.rules | findstr /i "whaturlookingfor"

Better yet:

$fw.rules | select name | select-string "sql"
tony roth
8

This is the best I could do. Anyone know how to take it further? Like remove/subtract the Rule Name from the results?

netsh advfirewall firewall show rule name=all | find "Rule Name:" | find "NameLookingFor"
HopelessN00b
Ben
8

On Windows 10 I get a warning when I execute netsh advfirewall, saying that future Windows versions may not support that feature anymore and one should use PowerShell instead. Luckily, what the OP wanted to do is easy in PowerShell:

Get-NetFirewallRule -DisplayName "SQL*"

I had 1000+ firewall rules that were created by a randomly-named executable that I wanted to remove. The following command made this easy to do:

Remove-NetFirewallRule -DisplayName "*mongod.exe"

bcody
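A review-before-delete workflow for the wildcard removal in the answer above, as an added example that is not part of any answer on this page: it matches DisplayName with a regex, lists each rule's program and ports, and dry-runs the removal with -WhatIf. The function name Find-FirewallRule, the pattern and the CSV file name are assumptions chosen for illustration.

```powershell
# Added example. Find-FirewallRule, the '^SQL.+$' pattern and the CSV name are
# hypothetical; the cmdlets come from the built-in NetSecurity module.
function Find-FirewallRule {
    [CmdletBinding()]
    param(
        # .NET regular expression, matched case-insensitively against DisplayName
        [Parameter(Mandatory)] [string] $Pattern
    )
    Get-NetFirewallRule |
        Where-Object { $_.DisplayName -match $Pattern } |
        ForEach-Object {
            # Program path and ports live on filter objects associated with the rule
            $app  = $_ | Get-NetFirewallApplicationFilter
            $port = $_ | Get-NetFirewallPortFilter
            [pscustomobject]@{
                DisplayName = $_.DisplayName
                Name        = $_.Name        # unique rule ID; DisplayName may repeat
                Enabled     = $_.Enabled
                Direction   = $_.Direction
                Action      = $_.Action
                Program     = $app.Program
                Protocol    = $port.Protocol
                LocalPort   = $port.LocalPort -join ','
            }
        }
}

# 1. Review what the pattern matches before changing anything.
$hits = Find-FirewallRule -Pattern '^SQL.+$'
$hits | Sort-Object DisplayName | Format-Table -AutoSize

# 2. Keep a record of the matched rules.
$hits | Export-Csv -Path .\fw-rules-before-removal.csv -NoTypeInformation

# 3. Dry run: -WhatIf reports each rule that would be removed and removes nothing.
#    Deleting by Name targets exactly the rules reviewed in step 1.
$hits | ForEach-Object { Remove-NetFirewallRule -Name $_.Name -WhatIf }
```

Dropping -WhatIf in step 3 performs the removal; a broad wildcard such as "*mongod.exe" is worth checking this way first because DisplayName is not unique.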
5

You can try Select-String:

netsh advfirewall firewall show rule name=all | select-string -pattern "Hyper-V"
Loul G.
2

Without PowerShell you can simply use regex with findstr:

netsh advfirewall firewall show rule name=all | findstr /R "sql.*"
SDK
1

This is admittedly a coat-tails answer but a comment would obscure the point.

This is also admittedly answering a slightly different question: how can I not use netsh and still find rules? :-)

I think it's best to stay in the PowerShell idiom if you're there already, and you can use the full pattern matching capability including regexes therein.

For the sake of it, I included some conditionals and mutation to show how all PowerShell constructs are embeddable in the functional-style blocks.

Final caveat that mutations must be run with Administrative rights whereas reads need not.

(New-Object -ComObject HNetCfg.FwPolicy2).rules |
    Where-Object { $_.Name -match '^SQL.+$' } |
    ForEach-Object { Write-Output "Checking $($_.Name)"
      if ( $_.Enabled ) { Write-Output "$($_.Name) already enabled" }
      else { Write-Output "$($_.Name) enabled"; $_.Enabled = $true }
    }
BaseZen
0

To add to what @Ben said a decade ago (oof), by installing Cygwin you can get quite a good amount of Unix tools ready to run on Windows, including grep.

Then you could run the following command from any terminal (just don't run it from within the netsh interface):

netsh advfirewall firewall show rule name=all verbose | grep -i -n -A 9 -B 6 -e "youRegex"

Cygwin is so nice but for a more native Linux experience there's also WSL now. If I recall correctly you'd just need to prepend wsl to that command.

Thanks again to @Ben who pointed me in the right direction in order to solve my own problem which I had just run into ten years after he did!