msfw is a simple CLI solution for configuring the Windows Firewall
Goal: Provide a simple command line interface to the built-in Windows Firewall
Why?
1. No complete command line solution for configuring or monitoring the Windows firewall
   * “netsh advfirewall” solution does not list rule results in a tabular format
   * “netsh advfirewall” does not work with group policy
     * If group policy enables firewall, “netsh” does not show firewall as running
     * If group policy pushes down rules, “netsh” does not show those rules
   * Missing search features (“find rules with any/any local ports and any/any remote ports” criteria)
2. Incomplete Logging features
   * Built-in firewall logging is disabled by default
   * Built-in firewall logging does not show executable associated with a blocked packet
   * No command line access to logs in a reasonable format
Requirements:
* Windows 7 or newer with .NET 3.5+
* For some functions, administrative privileges are required.
* Visual Studio to build from source.
Getting Started
On Windows, a network connection is assigned a “profile”: Domain, Private, or Public. The Microsoft firewall can be enabled/disabled for any or all profiles. Similarly, rules can be configured for any or all profiles.
    > msfw -h
      status        Display firewall status.
      interface     Display included/excluded network interfaces.
      log           Display firewall log.
      rule          Display firewall rules.
      addrule       Add firewall rules.
      delrule       Delete firewall rules.
      updinterface  Update included/excluded interfaces.
      updlog        Enable/Disable firewall log.
      updstatus     Change firewall status.

    > msfw status -h
      -p, --profile      (Default: ) Firewall profile.
      -i, --interface    (Default: False) List status by interface

    > msfw interface -h
      -n, --interfacename    (Default: ) Interface Name

    > msfw rule -h
      -l, --list        (Default: False) List out rules
      -c, --count       (Default: False) Count rules
      --scope           (Default: ) Include local and/or group policy rules
      --shortapp        (Default: False) Display executable name only in log output
      --string          (Default: False) Display rule as a string
      -p, --profile     (Default: ) Firewall profile.
      -n, --rulename    (Default: ) Rule Name
      --dir             (Default: ) Rule Direction [in, out]
      --status          (Default: enabled) Rule Status [enabled,disabled,all]
      --action          (Default: ) Rule Action [allow, block]
      --local           (Default: System.String[]) Rule Local Address and Ports
      --remote          (Default: System.String[]) Rule Remote Address and Ports
      --protocol        (Default: ) Rule Protocol
      --app             (Default: ) Rule Application or Service
      --ext             (Default: ) Rule Extended attributes

    $ msfw log -h
      -s, --status    (Default: False) Display Status
      -l, --list      (Default: False) Display Blocked Connections
      -t, --tail      (Default: False) Tail Blocked Connections events
      --since         (Default: ) Filter by time since datetime string
      --last          (Default: ) Filter by time in last seconds, minutes, or hours
      --shortapp      (Default: False) Display executable name only in log output

    > msfw addrule -h
      -p, --profile     (Default: ) Firewall profile.
      -n, --rulename    (Default: ) Rule Name. REQUIRED.
      --action          (Default: ) Rule Action [allow, block]. REQUIRED.
      --app             (Default: ) Rule Application or Service
      --dir             (Default: ) Rule Direction [in, out]. REQUIRED.
      --local           (Default: System.String[]) Rule Local Address and Ports
      --protocol        (Default: ) Rule Protocol
      --remote          (Default: System.String[]) Rule Remote Address and Ports
      --status          (Default: enabled) Rule Status [enabled,disabled,all]
      --scope           (Default: ) Include local and/or group policy rules

    $ msfw delrule -h
      -n, --rulename        (Default: ) Rule Name
      --alllocaldisabled    (Default: False) Delete all local disabled rules

    > msfw updinterface -h
      -p, --profile          (Default: ) Firewall profile.
      -n, --interfacename    (Default: ) Interface Name
      -e, --exclude          (Default: False) Exclude this interface
      -i, --include          (Default: False) Include this interface

    $ msfw updlog -h
      -e, --enable     (Default: False) Enable log
      -d, --disable    (Default: False) Disable log

    > msfw updstatus -h
      -p, --profile     (Default: ) Firewall profile.
      -s, --status      (Default: ) TODO: Enabled/Disable Firewall [enable,disable]
      -i, --inbound     (Default: ) Set default inbound action [allow,block]
      -o, --outbound    (Default: ) Set default outbound action [allow,block]
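
The “any/any” rule search listed under Why, combined with the per-profile model described under Getting Started, as an added PowerShell example that is not msfw code and does not come from the msfw project: it reads rules through the HNetCfg.FwPolicy2 COM object that ships with Windows. The function names are hypothetical, “any/any” is taken to mean any address and any port, and whether rules pushed by group policy are visible through this interface is not stated on the page.

```powershell
# Added example (not msfw code): list enabled inbound allow rules that match
# any local address/port and any remote address/port, with their profiles.
# Function names are hypothetical; "any/any" = any address and any port (assumption).

$ProfileNames = 'Domain', 'Private', 'Public'
$ProfileBits  = @{ Domain = 1; Private = 2; Public = 4 }   # NET_FW_PROFILE_TYPE2 values
$AllProfiles  = 0x7FFFFFFF                                 # NET_FW_PROFILE2_ALL

function ConvertTo-ProfileList([int]$Mask) {
    # Decode the profile bitmask carried by a rule or by the firewall policy.
    if ($Mask -eq $AllProfiles) { return ($ProfileNames -join ',') }
    ($ProfileNames | Where-Object { $Mask -band $ProfileBits[$_] }) -join ','
}

function Test-AnyValue([string]$Value) {
    # An unset field and '*' both mean "any" in a firewall rule.
    [string]::IsNullOrEmpty($Value) -or $Value -eq '*'
}

function Get-AnyAnyRule {
    param($Policy, [int]$Direction = 1, [int]$Action = 1)  # 1 = inbound, 1 = allow
    $Policy.Rules | Where-Object {
        $_.Enabled -and $_.Direction -eq $Direction -and $_.Action -eq $Action -and
        (Test-AnyValue $_.LocalAddresses)  -and (Test-AnyValue $_.LocalPorts) -and
        (Test-AnyValue $_.RemoteAddresses) -and (Test-AnyValue $_.RemotePorts)
    } | ForEach-Object {
        New-Object psobject -Property @{
            Name     = $_.Name
            Profiles = ConvertTo-ProfileList $_.Profiles
            Protocol = $_.Protocol          # IANA protocol number, 256 = any
            App      = $_.ApplicationName   # empty when the rule is not bound to a program
        }
    }
}

$fw = New-Object -ComObject HNetCfg.FwPolicy2

# Firewall state per profile, and which profile(s) the current connections use.
"Active profile(s): $(ConvertTo-ProfileList $fw.CurrentProfileTypes)"
foreach ($name in $ProfileNames) {
    '{0,-8} enabled={1}' -f $name, $fw.FirewallEnabled($ProfileBits[$name])
}

# Tabular output of the broadest inbound allow rules.
Get-AnyAnyRule -Policy $fw | Sort-Object Name |
    Format-Table Name, Profiles, Protocol, App -AutoSize
```

Rules returned here with an empty App column allow inbound traffic to any program on the listed profiles and are the first ones worth reviewing.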
Build and Download from source:

    git clone https://github.com/caesarshift/msfw
    cd msfw

Right click msfw.sln and Open with Visual Studio, then Build Solution

or

Download Stable Version: 0.2.zip
Source: https://github.com/caesarshift