加速powershell的remove-netfirewallrule

时间:2016-11-15 22:10:09

标签: powershell firewall

我需要使用PowerShell删除Windows 10中许多与Metro应用程序相关的防火墙规则。与netsh或regedit相比,它似乎非常缓慢。无论如何要加快速度?

# clean firewall rules, deleting profile doesn't get rid of them

# string (sid) 45 in length, no existing profiles
# 9000 rules take about 90 minutes to delete    

$profiles = get-wmiobject -class win32_userprofile

# I'm only dumping to a file to convert pscustomobject to string for sort
get-netfirewallrule -all | select-object -property owner > out

$list = get-content out | sort-object | get-unique | where-object { $_.trim().length -eq 45  -and $profiles.sid -notcontains $_ }

foreach($i in $list) {$i 
  remove-netfirewallrule -owner $i}

# about 65 rules per user here
echo ConfigurableServiceStore
get-netfirewallrule -all -policystore configurableservicestore | select-object -property owner > out

$list = get-content out | sort-object | get-unique | where-object { $_.trim().length -eq 45  -and $profiles.sid -notcontains $_ }

foreach($i in $list) {$i 
  remove-netfirewallrule -policystore configurableservicestore -owner $i}

3 个答案:

答案 0 :(得分:3)

编辑:我已将Select-Object -Property Owner更新为Select-Object -ExpandProperty Owner$_仅包含所有者属性:

$SID = (get-wmiobject -class win32_userprofile).SID

Write-Host "Getting Firewall Rules"
$Rules = Get-NetFirewallRule -All | Select-Object -ExpandProperty Owner -Unique | Where-Object { $SID -notcontains $_ }

Write-Host "Getting Firewall Rules from ConfigurableServiceStore Store"
$ConfigurableServiceStore = Get-NetFirewallRule -All -PolicyStore ConfigurableServiceStore | Select-Object -ExpandProperty Owner -Unique | Where-Object { $SID -notcontains $_ }

Write-Host "Deleting Firewall Rules:" -ForegroundColor Green
foreach($Owner in $Rules) {
    Write-Host "Deleting Rules with Owner: $Owner"
    Remove-NetFirewallRule -Owner $Owner
}

Write-Host "Deleting Firewall Rules from ConfigurableServiceStore Store:" -ForegroundColor Green
foreach($Rule in $ConfigurableServiceStore) {
    Write-Host "Deleting Rules with Owner: $Owner"
    Remove-NetFirewallRule -PolicyStore ConfigurableServiceStore -Owner $Owner
}

答案 1 :(得分:0)

感谢您的帮助。但在这种情况下,remove-netfirewallrule只是不切实际(slowww)。对我来说,唯一的解决方案是使用remove-itemproperty(注册表)代替。这是我正在使用的当前脚本。进度条让我有点疯狂。差异是一小时与天。我可能会删除10,000 - 100,000个防火墙规则!

编辑:在最新版本的Windows 10中,“HKLM:\ System \ CurrentControlSet \ Services \ SharedAccess \ Parameters \ FirewallPolicy \ RestrictedServices \ Configurable \ System”已更改为:“HKLM:\ SYSTEM \ CurrentControlSet \ Services \ SharedAccess \参数\ FirewallPolicy \ RestrictedServices \ AppIso \ FirewallRules“并且无法通过get-netfirewallrule检索。

EDIT2:如果该AppIso注册表项太大,搜索和开始菜单就会中断。

$profiles = get-wmiobject -class win32_userprofile

Write-Host "Getting Firewall Rules"

# deleting rules with no owner would be disastrous
$Rules = Get-NetFirewallRule -All | 
  Where-Object {$profiles.sid -notcontains $_.owner -and $_.owner }

Write-Host "Getting Firewall Rules from ConfigurableServiceStore Store"

$rules2 = Get-NetFirewallRule -All -PolicyStore ConfigurableServiceStore | 
  Where-Object { $profiles.sid -notcontains $_.owner -and $_.owner }

$total = $rules.count + $rules2.count
Write-Host "Deleting" $total "Firewall Rules:" -ForegroundColor Green

$result = measure-command {

  # tracking
  $start = Get-Date; $i = 0.0 ; 
  # $total = $rules.Count

  foreach($rule in $rules){

    # action
    remove-itemproperty -path "HKLM:\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" -name $rule.name

    # progress
    $i = $i + 1.0
    $prct = $i / $total * 100.0
    $elapsed = (Get-Date) - $start; 
    $totaltime = ($elapsed.TotalSeconds) / ($prct / 100.0)
    $remain = $totaltime - $elapsed.TotalSeconds
    $eta = (Get-Date).AddSeconds($remain)

    # display
    $prctnice = [math]::round($prct,2) 
    $elapsednice = $([string]::Format("{0:d2}:{1:d2}:{2:d2}", $elapsed.hours, $elapsed.minutes, $elapsed.seconds))
    $speed = $i/$elapsed.totalminutes
    $speednice = [math]::round($speed,2) 
    Write-Progress -Activity "Deleting rules ETA $eta elapsed $elapsednice loops/min $speednice" -Status "$prctnice" -PercentComplete $prct -secondsremaining $remain
  }


  # tracking
  # $start = Get-Date; $i = 0 ; $total = $rules2.Count

  foreach($rule2 in $rules2) {

    # action  
    remove-itemproperty -path "HKLM:\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System" -name $rule2.name

    # progress
    $i = $i + 1.0
    $prct = $i / $total * 100.0
    $elapse = (Get-Date) - $start; 
    $totaltime = ($elapsed.TotalSeconds) / ($prct / 100.0)
    $remain = $totaltime - $elapsed.TotalSeconds
    $eta = (Get-Date).AddSeconds($remain)

    # display
    $prctnice = [math]::round($prct,2) 
    $elapsednice = $([string]::Format("{0:d2}:{1:d2}:{2:d2}", $elapsed.hours, $elapsed.minutes, $elapsed.seconds))
    $speed = $i/$elapsed.totalminutes
    $speednice = [math]::round($speed,2) 
    Write-Progress -Activity "Deleting rules2 ETA $eta elapsed $elapsednice loops/min $speednice" -Status "$prctnice" -PercentComplete $prct -secondsremaining $remain
  }
}

$end = get-date
write-host end $end 
write-host eta $eta

write-host $result.minutes min $result.seconds sec

答案 2 :(得分:0)

如果太多的防火墙规则无法处理规则2,那么您将摆脱服务器2016上的存储错误。

首先删除注册表项,然后在事实解决后使用此脚本进行维护。

相关问题
最新问题