Clean unused firewall rules using PowerShell

In Windows, firewall rules accumulate easily over time. Each time a new application starts listening on the network, the user is prompted to create a firewall rule for it. When the application is later uninstalled, most uninstallers do not remove the rules they created.

Once more than a handful of unused rules remain, the system is less secure because the protocols and ports those rules open stay exposed. A malicious executable dropped at the exact file path of the removed application inherits the existing rule and can accept inbound connections without ever prompting the user.

Unused firewall rules can be cleaned up with three lines of PowerShell, run from an elevated PowerShell session:

# 1. Application filters whose program path no longer exists on disk.
#    "Any" and "System" are not file paths, so those rules are skipped.
#    -LiteralPath stops '[' or ']' in a path being treated as a wildcard.
$unusedFilters = Get-NetFirewallApplicationFilter | Where-Object {$_.Program -notin ("Any", "System")} | Where-Object {-not (Test-Path -LiteralPath ([System.Environment]::ExpandEnvironmentVariables($_.Program)))}

# 2. The rules that own those filters (the filter's InstanceId is the rule name).
$unusedRules = Get-NetFirewallRule | Where-Object {$_.Name -in $unusedFilters.InstanceId}

# 3. Remove them. Add -WhatIf to preview the list before deleting anything.
$unusedRules | Remove-NetFirewallRule -Verbose
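The same three steps, expanded into a script that reports first and deletes only on request, as an added example that is not part of the original post. It assumes a Windows host with the NetSecurity module (Windows 8 / Server 2012 or later) and an elevated session; the -Remove switch, the CSV backup location and the report columns are choices made for this example, not anything the post specifies.

```powershell
#Requires -RunAsAdministrator
# Added example: audit firewall rules whose target executable is missing,
# write a CSV record of them, and remove them only when -Remove is given.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    [switch]$Remove,    # without this switch the script only reports
    [string]$BackupPath = "$env:TEMP\fw-unused-rules-$(Get-Date -Format yyyyMMdd-HHmmss).csv"
)

$rules   = Get-NetFirewallRule
$filters = Get-NetFirewallApplicationFilter

# Index application filters by the owning rule's InstanceId (== rule Name)
# so we do not need one Get-NetFirewallApplicationFilter call per rule.
$filterByRule = @{}
foreach ($f in $filters) { $filterByRule[$f.InstanceId] = $f }

$report = foreach ($rule in $rules) {
    $f = $filterByRule[$rule.Name]
    if (-not $f) { continue }
    $program = $f.Program
    # "Any" and "System" are not file paths; leave those rules untouched.
    if ($program -in @('Any', 'System')) { continue }
    $expanded = [System.Environment]::ExpandEnvironmentVariables($program)
    # -LiteralPath: '[' and ']' in a path must not be read as wildcards.
    $exists = Test-Path -LiteralPath $expanded -PathType Leaf
    [pscustomobject]@{
        Name        = $rule.Name
        DisplayName = $rule.DisplayName
        Direction   = $rule.Direction
        Action      = $rule.Action
        Enabled     = $rule.Enabled
        Profile     = $rule.Profile
        Program     = $program
        Expanded    = $expanded
        Exists      = $exists
    }
}

$unused = $report | Where-Object { -not $_.Exists }

if (-not $unused) {
    Write-Host 'No firewall rules point at a missing program.'
    return
}

# Inbound Allow rules for a missing binary are the ones that matter most;
# sorting puts them together at the top of the report.
$unused | Sort-Object Direction, Action |
    Format-Table Name, Direction, Action, Enabled, Expanded -AutoSize

# Keep a record of what is about to go, so a rule can be re-created by hand.
$unused | Export-Csv -LiteralPath $BackupPath -NoTypeInformation
Write-Host "Backup of $($unused.Count) rule(s) written to $BackupPath"

if ($Remove) {
    foreach ($u in $unused) {
        # ShouldProcess honours -WhatIf and -Confirm passed to the script.
        if ($PSCmdlet.ShouldProcess($u.DisplayName, 'Remove firewall rule')) {
            Remove-NetFirewallRule -Name $u.Name
        }
    }
} else {
    Write-Host 'Re-run with -Remove (optionally -WhatIf) to delete these rules.'
}
```

Run it once without arguments to see the report and the backup path, then with -Remove -WhatIf to confirm the exact set, and finally with -Remove. One caveat the one-liners share: a rule whose program lives on a drive that is not mounted right now (a removable disk or a disconnected network share) will also show up as "missing", so review the report rather than deleting blindly. Rules for Store apps use a package filter with Program set to "Any" and are deliberately left alone by both versions.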