PowerShell NetSh
Sometimes when you add 1 + 1 the result is greater than two. What I really means is that NetSh will teach you about PowerShell, and PowerShell will help you get the most from NetSh. As a bonus we are going to make sure the firewall is enabled.
Topics for PowerShell and NetSh
- Our Mission
- Example 1: NetSh and PowerShell.
Smoke and mirrors or the real deal? - Example 2: NetSh and PowerShell. Putting PowerShell to Work
- Example 3: Enable Remote Administration
♣
Our Mission – What is NetSh?
Network Shell, or NetSh is a built-in program, which interrogates the operating system for information about network objects. My examples will concentrate on just one aspect of NetSh, namely the firewall. However, NetSh has other useful ‘contexts’, for example, IpSec, interface, and NAP.
Let us step back, and take an overview of PowerShell and NetSh. In the examples on this page, PowerShell has only a minor role, it merely acts a ‘Shell’ to run NetSh commands. We could equally run NetSh in a cmd DOS box. Now the benefit of choosing PowerShell is that while we do some useful work setting the firewall, we can get to know the rhythm of its commands.
My thinking is that if you can just get started by using familiar operating system command in PowerShell, then you will be intrigued to know more, and gradually you will pick up PowerShell skills as you go about everyday tasks.
PowerShell Objectives
- To see how easy it is to create $variables.
- To appreciate the rhythm of the Verb-Noun cmdlets.
- To add simple error-correcting code.
Guy’s Advice
Either start with the basics in Example 1 (recommended), or else if you are in a hurry, cut to the chase, and head for Example 2.
PowerShell Pre-requisites and Checklist
In the case of Windows 7 and later, you don’t need to download any extra files, just: ‘Add Feature’ –> Windows PowerShell. However, for older operating systems, there are different versions of PowerShell for XP, Windows Server 2003 and Vista. For such legacy systems only, you need to download PowerShell from Microsoft’s site.
Once you have installed PowerShell 2.0 or later, I recommend choosing the ISE (Integrated Scripting Engine) version, it will save buying a text editor.
Example 1: NetSh and PowerShell. Smoke and mirrors or the real deal?
I have deliberately chosen NetSh as the vehicle for these simple PowerShell script, because I want to emphasise how easy it is to make the transition from the CMD ‘DOS box’, to PowerShell. Cynics would say we don’t PowerShell to configure the firewall, or even to use NetSh. My reply is that I would rather a script that did real work, than a vacuous ‘Hello World’ example.
# PowerShell NetSh command
Clear-Host
netsh firewall show opmode
Learning Points
Note 1: The key NetSh verb in this example is ‘show’, in the next example we are going to ‘Set’ the firewall’s operation mode.
Guy Recommends: A Free Trial of the Network Performance Monitor (NPM)
v11.5
SolarWinds’ Network Performance Monitor will help you discover what’s happening on your network. This utility will also guide you through troubleshooting; the dashboard will indicate whether the root cause is a broken link, faulty equipment or resource overload.
What I like best is the way NPM suggests solutions to network problems. Its also has the ability to monitor the health of individual VMware virtual machines. If you are interested in troubleshooting, and creating network maps, then I recommend that you try NPM now.
Download a free trial of Solarwinds’ Network Performance Monitor
Example 2: NetSh and PowerShell. Putting PowerShell to Work
In this example we are actually going to enable the firewall. We could have taken the same approach as Example 1 and just used one line of code:
netsh firewall set opmode enable enable (The first ‘enable’ is for the Domain Configuration, the second ‘enable’ is for the Standard Profile Configuration.)
However, I wanted to add simple error checking code courtesy of the if and ElseIf statements. To achieve this objective I put PowerShell to work and created the variable $Fw
# PowerShell Script to enable Remote Administration
Clear-Host
Write-Host "Firewall configuration for $env:computername"
$Fw = netsh firewall set opmode enable enable
$Fw
if($Fw -Match ‘ok’){write-Host "$env:username’s job is done"}
ElseIf($Fw -Match ‘requires elevation’) {write-Host "Call for an administrator"}
else{write-Host "Nothing happened"}
netsh firewall show opmode
Learning Points
Note 1: Observe the structure of PowerShell’s commands Verb-Noun cmdlets, for example, write-Host.
Note 2: Creating variables is easy, merely precede the name with the dollar sign. $Pw, in PowerShell there is no need to declare variables. Talking of variables $env corresponds to the built-in environmental variables, hence COMPUTERNAME or USERNAME.
Note 3: Trace how cleverly PowerShell interprets the variable in the speech marks. It always impresses me the way that the script engine interprets $env:username and then seamlessly let me add the apostrophe.
Guy Recommends: SolarWinds Engineer’s Toolset v10
This Engineer’s Toolset v10 provides a comprehensive console of 50 utilities for troubleshooting computer problems. Guy says it helps me monitor what’s occurring on the network, and each tool teaches me more about how the underlying system operates.
There are so many good gadgets; it’s like having free rein of a sweetshop. Thankfully the utilities are displayed logically: monitoring, network discovery, diagnostic, and Cisco tools. Try the SolarWinds Engineer’s Toolset now!
Download your fully functional trial copy of the Engineer’s Toolset v10
Example 3: Enable Remote Administration
NetSh also has the ability to configure services such as Remote Administration. Please investigate with this command: netsh firewall show service. There are two further pieces of information that we need to create this script. Firstly, the verb, or method ‘set’, secondly knowledge that the name of the service is precisely: remoteAdmin.
# PowerShell Script to enable Remote Administration
Clear-Host
Write-Host "Firewall Remote Administration for $env:computername"
$Fw = netsh firewall set service remoteAdmin enable
$Fw
if($Fw -Match ‘ok’){write-Host "$env:username’s job is done"}
ElseIf($Fw -Match ‘requires elevation’) {write-Host "Call for an administrator"}
else{write-Host "Failed to configure Remote Administration"}
netsh firewall show service
Learning Points
Note 1: When you study the output, be aware of two columns, the first column called ‘Mode’, and the second column called ‘Customized’. My point is that the ‘Mode’ is always enabled, whereas the ‘Customized’ maybe say ‘No’, meaning not customized.
Note 2: My greatest joy is if you modify this script to suit your own needs. There are dozens of ways of creating the same objective, not to mention zillions of ways of satisfying similar objectives. For example, scripts which disable instead of enable, working with different services.
Guy Recommends: Response Time Viewer for Wireshark
Here is a free tool to troubleshoot network connection and latency problems. Key concept: this is a free tool from SolarWinds that analyzes network packets captured by Wireshark (also a free tool).
When you inspect the data in the Response Time Dashboard, if you hover over an application such as Teredo or TCP, then you get an orange box showing a breakdown of network and application response times, note the 'Peak value' in addition to the 'Average'.
Download your free trial of SolarWinds Response Time Viewer for Wireshark
Where Next With NetSh?
The main purpose of this page is to get you started with PowerShell. I firmly believe that once you get success from a few simple command, you will be curiosity to achieve more with PowerShell. My second purpose is to provide examples to get you started scripting NetSh.
- The next step for NetSh is to investigate other ‘contexts’. Try researching with NetSh ?
- Apply what you have learned here to other built-in commands, for example IpConfig.
- As for PowerShell, expand your repertoire of commands by investigating objects such as Get-Process or Get-WmiObject -class xyz.
- See how to disable Windows 8 firewalls with a Group Policy.
- See more on firewall browsers.
Summary of PowerShell and NetSh
NetSh can help you learn about PowerShell, and PowerShell will help you get the most from NetSh As a bonus, I hope that you have identified way of using NetSh in your scripts and on your network.
If you like this page then please share it with your friends
See More Windows PowerShell Examples of Real-life Tasks
• PowerShell Tutorials • PowerShell Examples • IpConfig • Get-Counter • PowerShell NetSh
• Monitor Performance – PowerShell • PowerShell temp • PowerShell Delete Temporary files
• PowerShell WOL (Wake-on-Lan) • Services • Change Computer Description Registry
Please email me if you have a better example script. Also please report any factual mistakes, grammatical errors or broken links, I will be happy to correct the fault.
