[英]Enhancement of PowerShell script to query ports on GPO within AsBuiltReport Framework
I got the current script (from this answer ) which I want to improve.我得到了我想要改进的当前脚本(来自这个答案)。
The script should retrieve the desired ports if they are enabled and allowed within the inbound direction.如果在入站方向内启用并允许,脚本应该检索所需的端口。 Filters for Action/Enabled/Direction work perfectly but I still need that the filters for the Local ports will retrieve only unique results within the defined ports but still show other ports as well.
Action/Enabled/Direction 的过滤器工作得很好,但我仍然需要 Local 端口的过滤器将仅检索定义端口内的唯一结果,但仍显示其他端口。
Additional question:附加问题:
` `
Get-NetFirewallRule -Action Allow -Enabled True -Direction Inbound |
Where-Object {
$portFilter = $PSItem | Get-NetFirewallPortFilter | Select-Object -Unique
$portFilter.LocalPort -match '^(80|135|139|445|5985|5986)$' -or
($portFilter.LocalPort -ge 49152 -and $portFilter.LocalPort -le 65535)} |
Format-Table Name,Profile,
Enabled,
Direction,
Action,
@{Name='Protocol';Expression={($PSItem | Get-NetFirewallPortFilter).Protocol}},
@{ Name='LocalPort'; Expression={$portFilter.LocalPort | Select-Object -Unique}},
@{Name='RemotePort';Expression={($PSItem | Get-NetFirewallPortFilter).RemotePort}}
` `
Thanks谢谢
I put the Select-Object -Unique before the filters to get only unique results.我将 Select-Object -Unique 放在过滤器之前以获得唯一的结果。
I put -match before the relevant ports and conditions for the range port.我将 -match 放在范围端口的相关端口和条件之前。
I expect the query to result unique values with the coming ports Ports 80 or 135 or 139 or 445 or 5985 or 5986 or range between 49152 and 65535我希望查询结果与即将到来的端口端口 80 或 135 或 139 或 445 或 5985 或 5986 或范围在 49152 和 65535 之间的唯一值
Here's how I would do it.这是我会怎么做。 Takes about 8 seconds.
大约需要 8 秒。 With invoke-command, pscomputername has the hostname, and there's also a runspaceid.
使用 invoke-command,pscomputername 有主机名,还有一个 runspaceid。 -pv is pipelinevariable.
-pv 是管道变量。 I have to put get.netfirewallrule inside % or foreach-object so it runs for every instance of the port info.
我必须将 get.netfirewallrule 放在 % 或 foreach-object 中,以便它针对端口信息的每个实例运行。
Annoying how localport can be an object array or a string with dashes or a word like 'Any'.令人恼火的是 localport 可以是 object 数组或带破折号的字符串或像“Any”这样的词。 Filtering them numerically is problemmatic.
用数字过滤它们是有问题的。
LocalPort type
--------- ----
546 System.String
{554, 8554-8558} System.Object[]
5000-5020 System.String
{554, 8554, 8555, 8556...} System.Object[]
{80, 443} System.Object[]
Any System.String
IPHTTPSIn System.String
PlayToDiscovery System.String
RPC System.String
RPCEPMap System.String
Teredo System.String
1024-65535
5000-5020
8554-8558
7200-17210
invoke-command localhost { Get-NetFirewallPortFilter |
? {
80 -in $_.localport -or
135 -in $_.localport -or
139 -in $_.localport -or
445 -in $_.localport -or
5985 -in $_.localport -or
5986 -in $_.localport -or
$(if($_.localport -as 'int') { ([int]$_.LocalPort -ge 49152 -and
[int]$_.LocalPort -le 65535) } )
} -pv port |
% { $_ | Get-NetFirewallRule } |
? { $_.action -eq 'allow' -and $_.enabled -eq $true -and
$_.direction -eq 'inbound' } |
select Name,Profile,Enabled,Direction,Action,
@{n='Protocol';e={$port.Protocol}},
@{n='Localport';e={$port.Localport}},
@{n='Remoteport';e={$port.Remoteport}} } | ft -a
Name Profile Enabled Direction Action Protocol Localport Remoteport PSComputerName RunspaceId
---- ------- ------- --------- ------ -------- --------- ---------- -------------- ----------
WINRM-HTTP-In-TCP-NoScope Domain, Private True Inbound Allow TCP 5985 Any localhost 8366c72c-e868-4e50-adb5-85c4deea3583
WINRM-HTTP-In-TCP Public True Inbound Allow TCP 5985 Any localhost 8366c72c-e868-4e50-adb5-85c4deea3583
IIS-WebServerRole-HTTP-In-TCP Any True Inbound Allow TCP 80 Any localhost 8366c72c-e868-4e50-adb5-85c4deea3583
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.