- 📢 Scan Windows Firewall Rules to find "Inbound" rules.
- 🎵 If an "inbound" rule is found, an alert/pop-up is sent to the user.
- 🎤 Best used in scenarios for Group Policy login/out scripts or with the Task Scheduler.
- 🎷 Task Scheduler: On Event (Microsoft-Windows-Windows Firewall With Advanced Security/Firewall/2004-2005-2006)
- 2004 - A rule has been added to the Windows Defender Firewall exception list.
- 2005 - A rule has been modified in the Windows Defender Firewall exception list.
- 2006 - A rule has been deleted in the Windows Defender Firewall exception list.
- If any of these events happens, the above script can be used to send the user a pop-up.
- Requires no external programs and the pop-up can pop instantly when a change is made.
-
I added the batch script to make it work under "Task Scheduler", thanks to Stack Overflow.
-
Edit the .batch_script to run the \Path\Popup.ps1 then you can add it (run.bat) in Task Scheduler.
-
Anytime a rule is found in the inbound section, you'll get a pop-up to verify it, if it's ok, don't make any changes to it.
-
Message me for any question/features that you may want me to add-in!
- Place the Popup.ps1 script somewhere you can access & copy the path.
- Right-click on "run-ps-startup.bat", Edit.
- Use the path you copied earlier.
- Paste the path to Popup.ps1 inside the batch file
- (replace the line after -File) ""%SYSTEMROOT%\System32\GroupPolicy\User\Scripts\Logon\Popup.ps1""
- Schedule a task OR a login/out job for the Policy & test the magic!
- I kept getting inbound rules added/modified silently in the background and found that annoying. Here's a simple, no download, fix to it. You can copy/paste the code if that's more convenient.