Script to Check Current Firewall Profile

Mark Berry September 21, 2016

As mentioned in this post, I recently had a server unexpectedly show up with a Public firewall profile, which caused database connection issues. I decided to write a little script to confirm that the server has a Domain Profile.

All that the script does is execute this command:

netsh advfirewall monitor show currentprofile

then check the results for a string. The script returns 0 if “Domain Profile” is found; otherwise it returns 1001 (which will raise an error in the MaxRM dashboard if you deploy this as a Script Check).

If you prefer instead to confirm that the machine is using a “Private Profile”, for example, enclose that string in quotation marks as a parameter for the script.

Here is the script, which I named CheckCurrentFirewallProfile.cmd:

@echo off
REM ===========================================================================================
REM CheckCurrentFirewallProfile.cmd
REM Copyright (c) 2016 by MCB Systems.  All rights reserved.
REM Free for personal or commercial use.  May not be sold.
REM No warranties.  Use at your own risk.
REM ===========================================================================================
REM
REM Summary:
REM    Check the current Windows Firewall profile using netsh.
REM    If the results do not contain the parameter, return ExitCode = 1001.  Else return 0.
REM
REM Parameter:
REM    %1:  Optional.   String to search for.  By default, "Domain Profile".
REM                     Enclose entire string in quotation marks.
REM
REM ===========================================================================================
REM Change Log:
REM
REM 09/21/2016:  Initial batch file.
REM
REM ===========================================================================================

set /a ExitCode=0

REM ===========================================================================================
REM Check for parameter
REM ===========================================================================================

if ###%1###==###### goto NoParam
goto ParamFound

:NoParam
set SearchString=Domain Profile
goto CheckFirewall

:ParamFound
REM Expand param and strip surrounding quotation marks, if any.
REM For an explanation of the "magic" tilde codes, see Variable Substitution here:
REM http://technet.microsoft.com/en-us/library/bb490909.aspx
set SearchString=%~1

:CheckFirewall

REM ===========================================================================================
REM Check the firewall profile for the specified string
REM ===========================================================================================

echo Executing "netsh advfirewall monitor show currentprofile | find "%SearchString%""

netsh advfirewall monitor show currentprofile | find "%SearchString%"

set /a ExitCode=%errorlevel%
echo Command returned ExitCode = %ExitCode%

REM If command  returned an exit code = 0, string was found--exit script with 0.
if %ExitCode% EQU 0 goto End

REM Program returned an exit code <> 0 - command failed or string not found.
REM Set ExitCode to 1001 so MaxFocus will report error in dashboard.
set /a ExitCode=1001

:End
echo Exiting script with ExitCode = %ExitCode%
exit /b %ExitCode%

Leave a Reply





*