Windows Firewall profile entry

Operating System

https://docs.microsoft.com/en-us/previous-versions/windows/desktop/wfascimprov/msft-netfirewallprofile

Use MQL in cnspec shell or policy:

windows.firewall.profile

Min version: 5.15.0

Relationships

Operating System

2 resources · 2 relationships·Click to select, expand fields to see properties.

Fields (18)

Field	Type	Description
`allowInboundRules`required	int	Whether administrators can create firewall rules that allow unsolicited inbound traffic (if 0, such rules are ignored)
`allowLocalFirewallRules`required	int	Whether local firewall rules should merge into the effective policy along with group policy settings
`allowLocalIPsecRules`required	int	Whether local IPsec rules should merge into the effective policy along with rules from group policy
`allowUnicastResponseToMulticast`required	int	Whether to allow unicast responses to multicast traffic
`allowUserApps`required	int	Whether to respect user allowed applications created in the legacy firewall
`allowUserPorts`required	int	Whether to respect globally opened ports created in the legacy firewall
`defaultInboundAction`required	int	Default action for inbound traffic
`defaultOutboundAction`required	int	Default action for outbound traffic
`enabled`required	int	Whether the firewall is enabled on this profile
`enableStealthModeForIPsec`required	int	Whether to use stealth mode for IPsec-protected traffic
`instanceID`required	string	-
`logAllowed`required	int	Whether to log allowed packets
`logBlocked`required	int	Whether to log blocked traffic
`logFileName`required	string	Filename in which to store the firewall log
`logIgnored`required	int	Whether to log an event when rules are ignored
`logMaxSizeKilobytes`required	int	Maximum size the log file can reach before being rotated
`name`required	string	Name of the profile
`notifyOnListen`required	int	Whether to notify users when an application listens on a port that is closed