Get-NetFirewallrule|Get-Netfirewallportfilter are too slow









up vote
0
down vote

favorite












Do to much movement in Get-NetFirewallPortFilter.
IDK.. how to fastest..



$RuleCount = 0;
$total = (Get-NetFirewallRule).Count;
$testcount = 0;

Get-NetFirewallRule|ForEach-Object
$Rule = $_;
$portfilter = Get-NetFirewallPortFilter









share|improve this question























  • Define too slow.
    – Jeroen Heier
    Nov 11 at 6:08










  • at least 1min30secs..
    – Code
    Nov 11 at 7:00














up vote
0
down vote

favorite












Do to much movement in Get-NetFirewallPortFilter.
IDK.. how to fastest..



$RuleCount = 0;
$total = (Get-NetFirewallRule).Count;
$testcount = 0;

Get-NetFirewallRule|ForEach-Object
$Rule = $_;
$portfilter = Get-NetFirewallPortFilter









share|improve this question























  • Define too slow.
    – Jeroen Heier
    Nov 11 at 6:08










  • at least 1min30secs..
    – Code
    Nov 11 at 7:00












up vote
0
down vote

favorite









up vote
0
down vote

favorite











Do to much movement in Get-NetFirewallPortFilter.
IDK.. how to fastest..



$RuleCount = 0;
$total = (Get-NetFirewallRule).Count;
$testcount = 0;

Get-NetFirewallRule|ForEach-Object
$Rule = $_;
$portfilter = Get-NetFirewallPortFilter









share|improve this question















Do to much movement in Get-NetFirewallPortFilter.
IDK.. how to fastest..



$RuleCount = 0;
$total = (Get-NetFirewallRule).Count;
$testcount = 0;

Get-NetFirewallRule|ForEach-Object
$Rule = $_;
$portfilter = Get-NetFirewallPortFilter






powershell






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 11 at 23:24









Ansgar Wiechers

138k12118181




138k12118181










asked Nov 11 at 6:04









Code

1




1











  • Define too slow.
    – Jeroen Heier
    Nov 11 at 6:08










  • at least 1min30secs..
    – Code
    Nov 11 at 7:00
















  • Define too slow.
    – Jeroen Heier
    Nov 11 at 6:08










  • at least 1min30secs..
    – Code
    Nov 11 at 7:00















Define too slow.
– Jeroen Heier
Nov 11 at 6:08




Define too slow.
– Jeroen Heier
Nov 11 at 6:08












at least 1min30secs..
– Code
Nov 11 at 7:00




at least 1min30secs..
– Code
Nov 11 at 7:00












1 Answer
1






active

oldest

votes

















up vote
3
down vote













You should expect this to take time, as you are asking the portfilter to check all its rules against the firewall rules, which just is checking all the rules against itself.



Example:



I don't know how many rules you are dealing with, but on my standalone system:



($total = (Get-NetFirewallRule).count)
783



($portfilter = Get-NetFirewallPortFilter).Count
783



This means that is code is running 1566 times (on my system), because you are asking the filter each one of its own rules against all 783 portfilter rules against the 783 firewall rules to create your object. ForLoops are just slow, and with 1566 passes, in my case, well you should gather how much this will add up.



If you did this for just one firewall rule, you'd get something like:



Measure-Command 
$RuleCount = 0
$testcount = 0
($total = (Get-NetFirewallRule).count)
($portfilter = Get-NetFirewallPortFilter).Count

ForEach($Rule in (Get-NetFirewallRule

Days : 0
Hours : 0
Minutes : 0
Seconds : 2 ********* * times the total needed passes
Milliseconds : 414
Ticks : 24149617
TotalDays : 2.79509456018519E-05
TotalHours : 0.000670822694444444
TotalMinutes : 0.0402493616666667
TotalSeconds : 2.4149617 **************
TotalMilliseconds : 2414.9617


If we tweak your code a bit more to show more information / progress, say like this...



Clear-Host
$total = (Get-NetFirewallRule).count
$total1 = (Get-NetFirewallPortFilter).Count

$RuleCount = 0

ForEach($Rule in (Get-NetFirewallRule | Select -First 3))

ForEach-Object
Write-host "Processing port rule $($_.Name)" -ForegroundColor Yellow

$testcount++
$perc1 = [Int]($testcount/$total1*100)
Write-Progress -Activity 'My Important Port rules' -PercentComplete $perc1 -Status $perc1 -Id 2

Write-Warning -Message "$testcount "



Processing firewall rule vm-monitoring-dcom
Processing port rule
...
WARNING: 783
Processing firewall rule vm-monitoring-icmpv4
Processing port rule
...
WARNING: 783
Processing firewall rule vm-monitoring-icmpv6
Processing port rule
...
WARNING: 783


… it should further illustrate what I am trying to say.



Then you have the limitations of your system itself, processor speed, memory resources / speed, any other processes you are running on your machine.



See this similar Q&A discussion:



How can I speed up PowerShell to get firewall rules on windows 10?



#Using a registry approach

param
(
[switch]$Local,
[switch]$GPO
)

# If no switches are set the script will default to local firewall rules
if (!($Local) -and !($Gpo))
$Local = $true

$RegistryKeys = @()

if ($Local) $RegistryKeys += 'Registry::HKLMSystemCurrentControlSetServicesSharedAccessParametersFirewallPolicyFirewallRules'
if ($GPO) $RegistryKeys += 'Registry::HKLMSoftwarePoliciesMicrosoftWindowsFirewallFirewallRules'

Foreach ($Key in $RegistryKeys)

if (Test-Path -Path $Key)

(Get-ItemProperty -Path $Key).PSObject.Members



and the link from that post as to:



2.2.2.19 Firewall Rule and the Firewall Rule Grammar Rule






share|improve this answer






















    Your Answer






    StackExchange.ifUsing("editor", function ()
    StackExchange.using("externalEditor", function ()
    StackExchange.using("snippets", function ()
    StackExchange.snippets.init();
    );
    );
    , "code-snippets");

    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "1"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader:
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    ,
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );













    draft saved

    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53246271%2fget-netfirewallruleget-netfirewallportfilter-are-too-slow%23new-answer', 'question_page');

    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes








    up vote
    3
    down vote













    You should expect this to take time, as you are asking the portfilter to check all its rules against the firewall rules, which just is checking all the rules against itself.



    Example:



    I don't know how many rules you are dealing with, but on my standalone system:



    ($total = (Get-NetFirewallRule).count)
    783



    ($portfilter = Get-NetFirewallPortFilter).Count
    783



    This means that is code is running 1566 times (on my system), because you are asking the filter each one of its own rules against all 783 portfilter rules against the 783 firewall rules to create your object. ForLoops are just slow, and with 1566 passes, in my case, well you should gather how much this will add up.



    If you did this for just one firewall rule, you'd get something like:



    Measure-Command 
    $RuleCount = 0
    $testcount = 0
    ($total = (Get-NetFirewallRule).count)
    ($portfilter = Get-NetFirewallPortFilter).Count

    ForEach($Rule in (Get-NetFirewallRule

    Days : 0
    Hours : 0
    Minutes : 0
    Seconds : 2 ********* * times the total needed passes
    Milliseconds : 414
    Ticks : 24149617
    TotalDays : 2.79509456018519E-05
    TotalHours : 0.000670822694444444
    TotalMinutes : 0.0402493616666667
    TotalSeconds : 2.4149617 **************
    TotalMilliseconds : 2414.9617


    If we tweak your code a bit more to show more information / progress, say like this...



    Clear-Host
    $total = (Get-NetFirewallRule).count
    $total1 = (Get-NetFirewallPortFilter).Count

    $RuleCount = 0

    ForEach($Rule in (Get-NetFirewallRule | Select -First 3))

    ForEach-Object
    Write-host "Processing port rule $($_.Name)" -ForegroundColor Yellow

    $testcount++
    $perc1 = [Int]($testcount/$total1*100)
    Write-Progress -Activity 'My Important Port rules' -PercentComplete $perc1 -Status $perc1 -Id 2

    Write-Warning -Message "$testcount "



    Processing firewall rule vm-monitoring-dcom
    Processing port rule
    ...
    WARNING: 783
    Processing firewall rule vm-monitoring-icmpv4
    Processing port rule
    ...
    WARNING: 783
    Processing firewall rule vm-monitoring-icmpv6
    Processing port rule
    ...
    WARNING: 783


    … it should further illustrate what I am trying to say.



    Then you have the limitations of your system itself, processor speed, memory resources / speed, any other processes you are running on your machine.



    See this similar Q&A discussion:



    How can I speed up PowerShell to get firewall rules on windows 10?



    #Using a registry approach

    param
    (
    [switch]$Local,
    [switch]$GPO
    )

    # If no switches are set the script will default to local firewall rules
    if (!($Local) -and !($Gpo))
    $Local = $true

    $RegistryKeys = @()

    if ($Local) $RegistryKeys += 'Registry::HKLMSystemCurrentControlSetServicesSharedAccessParametersFirewallPolicyFirewallRules'
    if ($GPO) $RegistryKeys += 'Registry::HKLMSoftwarePoliciesMicrosoftWindowsFirewallFirewallRules'

    Foreach ($Key in $RegistryKeys)

    if (Test-Path -Path $Key)

    (Get-ItemProperty -Path $Key).PSObject.Members



    and the link from that post as to:



    2.2.2.19 Firewall Rule and the Firewall Rule Grammar Rule






    share|improve this answer


























      up vote
      3
      down vote













      You should expect this to take time, as you are asking the portfilter to check all its rules against the firewall rules, which just is checking all the rules against itself.



      Example:



      I don't know how many rules you are dealing with, but on my standalone system:



      ($total = (Get-NetFirewallRule).count)
      783



      ($portfilter = Get-NetFirewallPortFilter).Count
      783



      This means that is code is running 1566 times (on my system), because you are asking the filter each one of its own rules against all 783 portfilter rules against the 783 firewall rules to create your object. ForLoops are just slow, and with 1566 passes, in my case, well you should gather how much this will add up.



      If you did this for just one firewall rule, you'd get something like:



      Measure-Command 
      $RuleCount = 0
      $testcount = 0
      ($total = (Get-NetFirewallRule).count)
      ($portfilter = Get-NetFirewallPortFilter).Count

      ForEach($Rule in (Get-NetFirewallRule

      Days : 0
      Hours : 0
      Minutes : 0
      Seconds : 2 ********* * times the total needed passes
      Milliseconds : 414
      Ticks : 24149617
      TotalDays : 2.79509456018519E-05
      TotalHours : 0.000670822694444444
      TotalMinutes : 0.0402493616666667
      TotalSeconds : 2.4149617 **************
      TotalMilliseconds : 2414.9617


      If we tweak your code a bit more to show more information / progress, say like this...



      Clear-Host
      $total = (Get-NetFirewallRule).count
      $total1 = (Get-NetFirewallPortFilter).Count

      $RuleCount = 0

      ForEach($Rule in (Get-NetFirewallRule | Select -First 3))

      ForEach-Object
      Write-host "Processing port rule $($_.Name)" -ForegroundColor Yellow

      $testcount++
      $perc1 = [Int]($testcount/$total1*100)
      Write-Progress -Activity 'My Important Port rules' -PercentComplete $perc1 -Status $perc1 -Id 2

      Write-Warning -Message "$testcount "



      Processing firewall rule vm-monitoring-dcom
      Processing port rule
      ...
      WARNING: 783
      Processing firewall rule vm-monitoring-icmpv4
      Processing port rule
      ...
      WARNING: 783
      Processing firewall rule vm-monitoring-icmpv6
      Processing port rule
      ...
      WARNING: 783


      … it should further illustrate what I am trying to say.



      Then you have the limitations of your system itself, processor speed, memory resources / speed, any other processes you are running on your machine.



      See this similar Q&A discussion:



      How can I speed up PowerShell to get firewall rules on windows 10?



      #Using a registry approach

      param
      (
      [switch]$Local,
      [switch]$GPO
      )

      # If no switches are set the script will default to local firewall rules
      if (!($Local) -and !($Gpo))
      $Local = $true

      $RegistryKeys = @()

      if ($Local) $RegistryKeys += 'Registry::HKLMSystemCurrentControlSetServicesSharedAccessParametersFirewallPolicyFirewallRules'
      if ($GPO) $RegistryKeys += 'Registry::HKLMSoftwarePoliciesMicrosoftWindowsFirewallFirewallRules'

      Foreach ($Key in $RegistryKeys)

      if (Test-Path -Path $Key)

      (Get-ItemProperty -Path $Key).PSObject.Members



      and the link from that post as to:



      2.2.2.19 Firewall Rule and the Firewall Rule Grammar Rule






      share|improve this answer
























        up vote
        3
        down vote










        up vote
        3
        down vote









        You should expect this to take time, as you are asking the portfilter to check all its rules against the firewall rules, which just is checking all the rules against itself.



        Example:



        I don't know how many rules you are dealing with, but on my standalone system:



        ($total = (Get-NetFirewallRule).count)
        783



        ($portfilter = Get-NetFirewallPortFilter).Count
        783



        This means that is code is running 1566 times (on my system), because you are asking the filter each one of its own rules against all 783 portfilter rules against the 783 firewall rules to create your object. ForLoops are just slow, and with 1566 passes, in my case, well you should gather how much this will add up.



        If you did this for just one firewall rule, you'd get something like:



        Measure-Command 
        $RuleCount = 0
        $testcount = 0
        ($total = (Get-NetFirewallRule).count)
        ($portfilter = Get-NetFirewallPortFilter).Count

        ForEach($Rule in (Get-NetFirewallRule

        Days : 0
        Hours : 0
        Minutes : 0
        Seconds : 2 ********* * times the total needed passes
        Milliseconds : 414
        Ticks : 24149617
        TotalDays : 2.79509456018519E-05
        TotalHours : 0.000670822694444444
        TotalMinutes : 0.0402493616666667
        TotalSeconds : 2.4149617 **************
        TotalMilliseconds : 2414.9617


        If we tweak your code a bit more to show more information / progress, say like this...



        Clear-Host
        $total = (Get-NetFirewallRule).count
        $total1 = (Get-NetFirewallPortFilter).Count

        $RuleCount = 0

        ForEach($Rule in (Get-NetFirewallRule | Select -First 3))

        ForEach-Object
        Write-host "Processing port rule $($_.Name)" -ForegroundColor Yellow

        $testcount++
        $perc1 = [Int]($testcount/$total1*100)
        Write-Progress -Activity 'My Important Port rules' -PercentComplete $perc1 -Status $perc1 -Id 2

        Write-Warning -Message "$testcount "



        Processing firewall rule vm-monitoring-dcom
        Processing port rule
        ...
        WARNING: 783
        Processing firewall rule vm-monitoring-icmpv4
        Processing port rule
        ...
        WARNING: 783
        Processing firewall rule vm-monitoring-icmpv6
        Processing port rule
        ...
        WARNING: 783


        … it should further illustrate what I am trying to say.



        Then you have the limitations of your system itself, processor speed, memory resources / speed, any other processes you are running on your machine.



        See this similar Q&A discussion:



        How can I speed up PowerShell to get firewall rules on windows 10?



        #Using a registry approach

        param
        (
        [switch]$Local,
        [switch]$GPO
        )

        # If no switches are set the script will default to local firewall rules
        if (!($Local) -and !($Gpo))
        $Local = $true

        $RegistryKeys = @()

        if ($Local) $RegistryKeys += 'Registry::HKLMSystemCurrentControlSetServicesSharedAccessParametersFirewallPolicyFirewallRules'
        if ($GPO) $RegistryKeys += 'Registry::HKLMSoftwarePoliciesMicrosoftWindowsFirewallFirewallRules'

        Foreach ($Key in $RegistryKeys)

        if (Test-Path -Path $Key)

        (Get-ItemProperty -Path $Key).PSObject.Members



        and the link from that post as to:



        2.2.2.19 Firewall Rule and the Firewall Rule Grammar Rule






        share|improve this answer














        You should expect this to take time, as you are asking the portfilter to check all its rules against the firewall rules, which just is checking all the rules against itself.



        Example:



        I don't know how many rules you are dealing with, but on my standalone system:



        ($total = (Get-NetFirewallRule).count)
        783



        ($portfilter = Get-NetFirewallPortFilter).Count
        783



        This means that is code is running 1566 times (on my system), because you are asking the filter each one of its own rules against all 783 portfilter rules against the 783 firewall rules to create your object. ForLoops are just slow, and with 1566 passes, in my case, well you should gather how much this will add up.



        If you did this for just one firewall rule, you'd get something like:



        Measure-Command 
        $RuleCount = 0
        $testcount = 0
        ($total = (Get-NetFirewallRule).count)
        ($portfilter = Get-NetFirewallPortFilter).Count

        ForEach($Rule in (Get-NetFirewallRule

        Days : 0
        Hours : 0
        Minutes : 0
        Seconds : 2 ********* * times the total needed passes
        Milliseconds : 414
        Ticks : 24149617
        TotalDays : 2.79509456018519E-05
        TotalHours : 0.000670822694444444
        TotalMinutes : 0.0402493616666667
        TotalSeconds : 2.4149617 **************
        TotalMilliseconds : 2414.9617


        If we tweak your code a bit more to show more information / progress, say like this...



        Clear-Host
        $total = (Get-NetFirewallRule).count
        $total1 = (Get-NetFirewallPortFilter).Count

        $RuleCount = 0

        ForEach($Rule in (Get-NetFirewallRule | Select -First 3))

        ForEach-Object
        Write-host "Processing port rule $($_.Name)" -ForegroundColor Yellow

        $testcount++
        $perc1 = [Int]($testcount/$total1*100)
        Write-Progress -Activity 'My Important Port rules' -PercentComplete $perc1 -Status $perc1 -Id 2

        Write-Warning -Message "$testcount "



        Processing firewall rule vm-monitoring-dcom
        Processing port rule
        ...
        WARNING: 783
        Processing firewall rule vm-monitoring-icmpv4
        Processing port rule
        ...
        WARNING: 783
        Processing firewall rule vm-monitoring-icmpv6
        Processing port rule
        ...
        WARNING: 783


        … it should further illustrate what I am trying to say.



        Then you have the limitations of your system itself, processor speed, memory resources / speed, any other processes you are running on your machine.



        See this similar Q&A discussion:



        How can I speed up PowerShell to get firewall rules on windows 10?



        #Using a registry approach

        param
        (
        [switch]$Local,
        [switch]$GPO
        )

        # If no switches are set the script will default to local firewall rules
        if (!($Local) -and !($Gpo))
        $Local = $true

        $RegistryKeys = @()

        if ($Local) $RegistryKeys += 'Registry::HKLMSystemCurrentControlSetServicesSharedAccessParametersFirewallPolicyFirewallRules'
        if ($GPO) $RegistryKeys += 'Registry::HKLMSoftwarePoliciesMicrosoftWindowsFirewallFirewallRules'

        Foreach ($Key in $RegistryKeys)

        if (Test-Path -Path $Key)

        (Get-ItemProperty -Path $Key).PSObject.Members



        and the link from that post as to:



        2.2.2.19 Firewall Rule and the Firewall Rule Grammar Rule







        share|improve this answer














        share|improve this answer



        share|improve this answer








        edited Nov 11 at 10:05

























        answered Nov 11 at 8:30









        postanote

        2,8631310




        2,8631310



























            draft saved

            draft discarded
















































            Thanks for contributing an answer to Stack Overflow!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid


            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.

            To learn more, see our tips on writing great answers.





            Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


            Please pay close attention to the following guidance:


            • Please be sure to answer the question. Provide details and share your research!

            But avoid


            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.

            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53246271%2fget-netfirewallruleget-netfirewallportfilter-are-too-slow%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            這個網誌中的熱門文章

            How to read a connectionString WITH PROVIDER in .NET Core?

            Node.js Script on GitHub Pages or Amazon S3

            Museum of Modern and Contemporary Art of Trento and Rovereto