Enable/Disable Firewall Rules for 'Application Packages' using CMD?

  1. Thelps's Avatar
    Posts : 106
    Windows
       #1

    Enable/Disable Firewall Rules for 'Application Packages' using CMD?


    Hi all,

    I'm trying to use the CMD prompt command

    Netsh AdvFirewall Firewall SET RULE name="name" NEW...


    I'm trying to configure the Firewall Rules associated with the application packages found in "C:\Program Files\WindowsApps".

    However, for some reason, the usual CMD syntax to SET an existing firewall rule simply returns the error:

    No rules match the specified criteria

    This used to work in older versions of Windows 10. However, it doesn't work in Version 1909.

    Can someone explain how to use CMD Prompt to configure the pre-existing Firewall Rules that apply to Windows Apps?

    EDIT:

    The following command (using the Group= keyword) works:

    Netsh AdvFirewall Firewall Set Rule Group="3D Viewer" New Enable=no works fine.

    BUT

    Netsh AdvFirewall Firewall Set Rule Name="3D Viewer" New Enable=no

    returns 'No rules match the specfified criteria'.

    EDIT #2

    I have dumped the firewall rules to a .txt file.

    The rules that won't edit with the CMD prompt Netsh command all have names similar to the following in the .txt file:

    @{Microsoft.Microsoft3DViewer_5.1902.20012.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Microsoft3DViewer/Common.View.UWP/Resources/StoreAppName}

    When i supply these names under the Name= keyword field I still receive the No rules match the specified criteria error.

    EDIT #3

    Checking the Registry keys at:

    HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules

    Reveals that the rule I'm using as an example(3D Viewer) has the "name="field containing the above loooooong string from EDIT #2.

    Changing that stringto "3D Viewer"makes the rule editable using the syntax I've supplied (netsh AdvFirewall Firewall Set Rule).

    This doesn't solve my problem (now need to edit the registry keys for each of these 'broken' rule names) but it's a step in the right direction...
    Last edited by Thelps; 27 Mar 2020 at 07:07.
      My Computer

  2. Macboatmaster's Avatar
    Posts : 865
    10, 8.1 and 7 all Professional versions, and Linux Mint
       #2

    I realise you asked for how to use cmd prompt and I do not know yet the answer to that, but could you not establish the new rule using settings and the provided method as per my screenshot
    Settings - update and security - windows security - on main pane Firewall and network protection and then scroll to advanced settings
    Attached Thumbnails Attached Thumbnails Enable/Disable Firewall Rules for 'Application Packages' using CMD?-untitled.png  
      My Computer

  3. Thelps's Avatar
    Posts : 106
    Windows
    Thread Starter
       #3

    Macboatmaster said:
    I realise you asked for how to use cmd prompt and I do not know yet the answer to that, but could you not establish the new rule using settings and the provided method as per my screenshot
    Settings - update and security - windows security - on main pane Firewall and network protection and then scroll to advanced settings
    Yes, I know how to do it that way, but it's not an option because of what I'm trying to achieve.

    I really need a way to do it with CMD Prompt.
      My Computer

  4. Macboatmaster's Avatar
    Posts : 865
    10, 8.1 and 7 all Professional versions, and Linux Mint
       #4

    Cheers
    I wrongly surmised that you had perhaps not explored the advanced settings and therefore not seen the option to create a new rule and the sub-heading options for what type of rule etc.

    I regret I cannot offer advice on the cmd prompt for the purpose you wish, from my personal experience of it.
    However I suspect your syntax to be wrong
    Netsh AdvFirewall MainMode Commands

    please see Set rule and then scroll down as you need and parameters are explained.
      My Computer

  5. Thelps's Avatar
    Posts : 106
    Windows
    Thread Starter
       #5

    Macboatmaster said:
    Cheers
    I wrongly surmised that you had perhaps not explored the advanced settings and therefore not seen the option to create a new rule and the sub-heading options for what type of rule etc.

    I regret I cannot offer advice on the cmd prompt for the purpose you wish, from my personal experience of it.
    However I suspect your syntax to be wrong
    Netsh AdvFirewall MainMode Commands

    please see Set rule and then scroll down as you need and parameters are explained.
    The following command results in No rules match the specified criteria :

    netsh advfirewall firewall set rule name="Feedback Hub" new profile=domain,private protocol=any localport=any dir=out action=block enable=yes

    This exact syntax works for other rules, but not for rules that manage Windows Apps. For whatever reason Windows Apps report the above error message when modifying built-in rules associated with them in the firewall.
      My Computer

  6. Macboatmaster's Avatar
    Posts : 865
    10, 8.1 and 7 all Professional versions, and Linux Mint
       #6

    I thought it was NOT
    netsh advfirewall firewall set rule name="Feedback Hub"

    but

    netsh advfirewall firewall set rule "Feedback Hub"

    UNLESS I am confused and the emboldened is not actually your cmd syntax that you entered at the cmd window
    I did not know you actually typed
    name and =


    as I said before I am not an expert in this issue- and originally posted simply to offer the settings possibility
    From my brief time on this site I am sure someone with greater knowledge than me, of the correct cmd syntax will reply.

    Good luck with it.
      My Computer

  7. Thelps's Avatar
    Posts : 106
    Windows
    Thread Starter
       #7

    Macboatmaster said:
    I thought it was NOT
    netsh advfirewall firewall set rule name="Feedback Hub"

    but

    netsh advfirewall firewall set rule "Feedback Hub"

    UNLESS I am confused and the emboldened is not actually your cmd syntax that you entered at the cmd window
    I did not know you actually typed
    name and =


    as I said before I am not an expert in this issue- and originally posted simply to offer the settings possibility
    From my brief time on this site I am sure someone with greater knowledge than me, of the correct cmd syntax will reply.

    Good luck with it.
    Both syntaxes produce the same result:

    No rules match the specified criteria.
      My Computer

  8. Macboatmaster's Avatar
    Posts : 865
    10, 8.1 and 7 all Professional versions, and Linux Mint
       #8

    As I said - I hope you get it sorted
      My Computer

  9. Thelps's Avatar
    Posts : 106
    Windows
    Thread Starter
       #9

    Update:

    If I specify the rule using the group= keyword then the rule(s) update.

    Unfortunately the group= keyword only lets me enable/disable rules. It won't let me modify them in any way.

    Can anyone suggest if this indicates the cause of the problem?

    Example:

    Netsh AdvFirewall Firewall Set Rule Group="3D Viewer" New Enable=no works fine.

    BUT

    Netsh AdvFirewall Firewall Set Rule Name="3D Viewer" New Enable=no

    returns 'No rules match the specified criteria'.
    Last edited by Thelps; 25 Mar 2020 at 08:24.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 12:22.
Find Us




Windows 10 Forums