MSFT_NetFirewallRule class
Represents a Windows firewall rule.
The following syntax is simplified from Managed Object Format (MOF) code and includes all of the inherited properties.
Syntax
class MSFT_NetFirewallRule : CIM_PolicyRule
{
uint16 Profiles;
boolean LooseSourceMapping;
boolean LocalOnlyMapping;
string RuleGroup;
string DisplayName;
string DisplayGroup;
uint16 EdgeTraversalPolicy;
string Platforms[];
uint16 Direction;
uint16 Action;
uint16 PrimaryStatus;
uint32 StatusCode;
string Status;
uint16 EnforcementStatus[];
uint16 PolicyStoreSourceType;
string PolicyStoreSource;
string Owner;
string SystemCreationClassName;
string SystemName;
string CreationClassName;
string PolicyRuleName;
uint16 ConditionListType;
string RuleUsage;
uint16 Priority;
boolean Mandatory;
uint16 SequencedActions;
uint16 ExecutionStrategy;
uint16 PolicyDecisionStrategy;
string PolicyRoles[];
uint16 Enabled = 1;
string CommonName;
string PolicyKeywords[];
string InstanceID;
string Caption;
string Description;
string ElementName;
};
Members
The MSFT_NetFirewallRule class has these types of members:
Methods
The MSFT_NetFirewallRule class has these methods.
| Method | Description |
|---|---|
| CloneObject | Copy this rule. |
| Disable | Disable this rule. |
| Enable | Enable this rule. |
| EnumerateFull | Desc |
| Rename | Rename this rule. |
Properties
The MSFT_NetFirewallRule class has these properties.
-
Action
-
-
Data type: uint16
-
Access type: Read-only
Specifies the action to take on traffic that matches this rule.
-
Allow (2)
-
AllowBypass (3)
-
Block (4 )
-
-
Caption
-
-
Data type: string
-
Access type: Read-only
-
Qualifiers: Override, MaxLen ( 64 )
The Caption property is a short textual description (one- line string) of the object.
-
-
CommonName
-
-
Data type: string
-
Access type: Read-only
This field is ignored.
-
-
ConditionListType
-
-
Data type: uint16
-
Access type: Read-only
This field is ignored.
-
-
CreationClassName
-
-
Data type: string
-
Access type: Read-only
Reserved for internal use by the WMI provider only.
-
-
Description
-
-
Data type: string
-
Access type: Read-only
A brief description of the rule. May be an indirect string. If it is an indirect string, then it may not be overwritten.
-
-
Direction
-
-
Data type: uint16
-
Access type: Read-only
Specifies which direction of traffic to match with this rule.
-
Inbound (1)
-
Outbound (2 )
-
-
DisplayGroup
-
-
Data type: string
-
Access type: Read-only
The group that this rule belongs to. This field is based on the value of RuleGroup and changes to this field are ignored.
-
-
DisplayName
-
-
Data type: string
-
Access type: Read-only
The localized name of this rule. This field's value is based on the value of ElementName. Changes to this field are ignored.
-
-
EdgeTraversalPolicy
-
-
Data type: uint16
-
Access type: Read-only
Specifies how this firewall rule will handle edge traversal cases.
-
Block (0)
-
Allow (1)
-
Defer to User (2)
-
Defer to App (3 )
-
-
ElementName
-
-
Data type: string
-
Access type: Read-only
The locale-independent name of the rule. May be an indirect string.
-
-
Enabled
-
-
Data type: uint16
-
Access type: Read-only
Indicates whether this rule is administratively enabled or disabled.
-
Enabled (1)
-
Disabled (2 )
-
-
EnforcementStatus
-
-
Data type: uint16 array
-
Access type: Read-only
If this object is retrieved from the ActiveStore, describes the current enforcement status of the rule.
-
Invalid (0)
-
Full (1)
-
FirewallOffInProfile (2)
-
CategoryOff (3)
-
DisabledObject (4)
-
InactiveProfile (5)
-
LocalAddressResolutionEmpty (6)
-
RemoteAddressResolutionEmpty (7)
-
LocalPortResolutionEmpty (8)
-
RemotePortResolutionEmpty (9)
-
InterfaceResolutionEmpty (10)
-
ApplicationResolutionEmpty (11)
-
RemoteMachineEmpty (12)
-
RemoteUserEmpty (13)
-
LocalGlobalOpenPortsDisallowed (14)
-
LocalAuthorizedApplicationsDisallowed (15)
-
LocalFirewallRulesDisallowed (16)
-
LocalConsecRulesDisallowed (17)
-
NotTargetPlatform (18)
-
OptimizedOut (19)
-
LocalUserEmpty (20)
-
TransportMachinesEmpty (21)
-
TunnelMachinesEmpty (22)
-
TupleResolutionEmpty (23 )
-
-
ExecutionStrategy
-
-
Data type: uint16
-
Access type: Read-only
This field is ignored.
-
-
InstanceID
-
-
Data type: string
-
Access type: Read-only
A string that uniquely identifies this instance within the PolicyStore.
-
-
LocalOnlyMapping
-
-
Data type: boolean
-
Access type: Read-only
Whether to group UDP packets into conversations based only upon the local address and port. Applies only to UDP.
-
-
LooseSourceMapping
-
-
Data type: boolean
-
Access type: Read-only
Whether to group UDP packets into conversations based upon the local address, local port, and remote port. Applies only to UDP.
-
-
Mandatory
-
-
Data type: boolean
-
Access type: Read-only
This field is ignored.
-
-
Owner
-
-
Data type: string
-
Access type: Read-only
The owner of the firewall rule, as a SID.
-
-
Platforms
-
-
Data type: string array
-
Access type: Read-only
Specifies which platforms the rule is applicable on. If null, the rule applies to all platforms (the default). Each entry takes the form Major.Minor+, for instance 6.0, 6.1+, or 6.2. If + is specified, then it means that the rule applies to that version or greater. For instance, Windows Vista could be represented as 6 or 6.0, and Windows 7 or later would be represented as 6.1+. + may only be attached to the final item in the list. 6.0+ is not valid because it means the same thing as null (all platforms).
-
-
PolicyDecisionStrategy
-
-
Data type: uint16
-
Access type: Read-only
This field is ignored.
-
-
PolicyKeywords
-
-
Data type: string array
-
Access type: Read-only
This field is ignored.
-
-
PolicyRoles
-
-
Data type: string array
-
Access type: Read-only
This field is ignored.
-
-
PolicyRuleName
-
-
Data type: string
-
Access type: Read-only
Reserved for internal use by the WMI provider only.
-
-
PolicyStoreSource
-
-
Data type: string
-
Access type: Read-only
If this object is retrieved from the ActiveStore, with the TracePolicyStoreSource option set, contains the path to the PolicyStore where this rule originally came from.
-
-
PolicyStoreSourceType
-
-
Data type: uint16
-
Access type: Read-only
If this object is retrieved from the ActiveStore, with the TracePolicyStoreSource option set, describes the type of PolicyStore where this rule originally came from.
-
-
PrimaryStatus
-
-
Data type: uint16
-
Access type: Read-only
PrimaryStatus provides a high level status value, intended to align with Red-Yellow-Green type representation of status. It should be used in conjunction with DetailedStatus to provide high level and detailed health status of the ManagedElement and its subcomponents. PrimaryStatus consists of one of the following values: Unknown, OK, Degraded or Error. "Unknown" indicates the implementation is in general capable of returning this property, but is unable to do so at this time. "OK" indicates the ManagedElement is functioning normally. "Degraded" indicates the ManagedElement is functioning below normal. "Error" indicates the ManagedElement is in an Error condition.
-
Unknown (0)
-
OK (1)
-
Degraded (2)
-
Error (3)
-
DMTF Reserved (..)
-
Vendor Reserved (0x8000.. )
-
-
Priority
-
-
Data type: uint16
-
Access type: Read-only
This field is ignored.
-
-
Profiles
-
-
Data type: uint16
-
Access type: Read-only
Which profiles this rule is active on.
-
Any (0)
-
Public (0x4)
-
Private (0x2)
-
Domain (0x1 )
-
-
RuleGroup
-
-
Data type: string
-
Access type: Read-only
The locale-independent name for the group that this rule belongs to. If this field is non-null, then Windows Firewall with Advanced Security assumes that this rule belongs to a Windows component or an installed application, and some parts of the rule are protected (including but not limited to the Name, Description, Program, and Service).
-
-
RuleUsage
-
-
Data type: string
-
Access type: Read-only
This field is ignored.
-
-
SequencedActions
-
-
Data type: uint16
-
Access type: Read-only
This field is ignored.
-
-
Status
-
-
Data type: string
-
Access type: Read-only
The detailed status of the rule, as a string.
-
-
StatusCode
-
-
Data type: uint32
-
Access type: Read-only
The detailed status of the rule, as a numeric error code.
-
-
SystemCreationClassName
-
-
Data type: string
-
Access type: Read-only
Reserved for internal use by the WMI provider only.
-
-
SystemName
-
-
Data type: string
-
Access type: Read-only
Reserved for internal use by the WMI provider only.
-
Requirements
| Minimum supported client |
Windows 8 |
| Minimum supported server |
Windows Server 2012 |
| Namespace |
Root\StandardCimv2 |
| MOF |
|
| DLL |
|