Get-NetFirewallrule|Get-Netfirewallportfilter are too slow
up vote
0
down vote
favorite
Do to much movement in Get-NetFirewallPortFilter.
IDK.. how to fastest..
$RuleCount = 0;
$total = (Get-NetFirewallRule).Count;
$testcount = 0;
Get-NetFirewallRule|ForEach-Object
$Rule = $_;
$portfilter = Get-NetFirewallPortFilter
powershell
edited Nov 11 at 23:24
Ansgar Wiechers
138k12118181
asked Nov 11 at 6:04
Code
1
add a comment |
up vote
0
down vote
favorite
Do to much movement in Get-NetFirewallPortFilter.
IDK.. how to fastest..
$RuleCount = 0;
$total = (Get-NetFirewallRule).Count;
$testcount = 0;
Get-NetFirewallRule|ForEach-Object
$Rule = $_;
$portfilter = Get-NetFirewallPortFilter
powershell
edited Nov 11 at 23:24
Ansgar Wiechers
138k12118181
asked Nov 11 at 6:04
Code
1
Define too slow.
– Jeroen Heier
Nov 11 at 6:08
at least 1min30secs..
– Code
Nov 11 at 7:00
add a comment |
up vote
0
down vote
favorite
up vote
0
down vote
favorite
Do to much movement in Get-NetFirewallPortFilter.
IDK.. how to fastest..
$RuleCount = 0;
$total = (Get-NetFirewallRule).Count;
$testcount = 0;
Get-NetFirewallRule|ForEach-Object
$Rule = $_;
$portfilter = Get-NetFirewallPortFilter
powershell
edited Nov 11 at 23:24
Ansgar Wiechers
138k12118181
asked Nov 11 at 6:04
Code
1
Do to much movement in Get-NetFirewallPortFilter.
IDK.. how to fastest..
$RuleCount = 0;
$total = (Get-NetFirewallRule).Count;
$testcount = 0;
Get-NetFirewallRule|ForEach-Object
$Rule = $_;
$portfilter = Get-NetFirewallPortFilter
powershell
powershell
edited Nov 11 at 23:24
Ansgar Wiechers
138k12118181
asked Nov 11 at 6:04
Code
1
edited Nov 11 at 23:24
Ansgar Wiechers
138k12118181
asked Nov 11 at 6:04
Code
1
edited Nov 11 at 23:24
Ansgar Wiechers
138k12118181
edited Nov 11 at 23:24
Ansgar Wiechers
138k12118181
edited Nov 11 at 23:24
Ansgar Wiechers
138k12118181
138k12118181
asked Nov 11 at 6:04
Code
1
asked Nov 11 at 6:04
Code
1
asked Nov 11 at 6:04
Code
1
1
Define too slow.
– Jeroen Heier
Nov 11 at 6:08
at least 1min30secs..
– Code
Nov 11 at 7:00
add a comment |
Define too slow.
– Jeroen Heier
Nov 11 at 6:08
at least 1min30secs..
– Code
Nov 11 at 7:00
Define too slow.
– Jeroen Heier
Nov 11 at 6:08
Define too slow.
– Jeroen Heier
Nov 11 at 6:08
at least 1min30secs..
– Code
Nov 11 at 7:00
at least 1min30secs..
– Code
Nov 11 at 7:00
add a comment |
1 Answer
1
active
oldest
votes
up vote
3
down vote
You should expect this to take time, as you are asking the portfilter to check all its rules against the firewall rules, which just is checking all the rules against itself.
Example:
I don't know how many rules you are dealing with, but on my standalone system:
($total = (Get-NetFirewallRule).count)
783
($portfilter = Get-NetFirewallPortFilter).Count
783
This means that is code is running 1566 times (on my system), because you are asking the filter each one of its own rules against all 783 portfilter rules against the 783 firewall rules to create your object. ForLoops are just slow, and with 1566 passes, in my case, well you should gather how much this will add up.
If you did this for just one firewall rule, you'd get something like:
Measure-Command
$RuleCount = 0
$testcount = 0
($total = (Get-NetFirewallRule).count)
($portfilter = Get-NetFirewallPortFilter).Count
ForEach($Rule in (Get-NetFirewallRule
Days : 0
Hours : 0
Minutes : 0
Seconds : 2 ********* * times the total needed passes
Milliseconds : 414
Ticks : 24149617
TotalDays : 2.79509456018519E-05
TotalHours : 0.000670822694444444
TotalMinutes : 0.0402493616666667
TotalSeconds : 2.4149617 **************
TotalMilliseconds : 2414.9617
If we tweak your code a bit more to show more information / progress, say like this...
Clear-Host
$total = (Get-NetFirewallRule).count
$total1 = (Get-NetFirewallPortFilter).Count
$RuleCount = 0
ForEach($Rule in (Get-NetFirewallRule | Select -First 3))
ForEach-Object
Write-host "Processing port rule $($_.Name)" -ForegroundColor Yellow
$testcount++
$perc1 = [Int]($testcount/$total1*100)
Write-Progress -Activity 'My Important Port rules' -PercentComplete $perc1 -Status $perc1 -Id 2
Write-Warning -Message "$testcount "
Processing firewall rule vm-monitoring-dcom
Processing port rule
...
WARNING: 783
Processing firewall rule vm-monitoring-icmpv4
Processing port rule
...
WARNING: 783
Processing firewall rule vm-monitoring-icmpv6
Processing port rule
...
WARNING: 783
… it should further illustrate what I am trying to say.
Then you have the limitations of your system itself, processor speed, memory resources / speed, any other processes you are running on your machine.
See this similar Q&A discussion:
How can I speed up PowerShell to get firewall rules on windows 10?
#Using a registry approach
param
(
[switch]$Local,
[switch]$GPO
)
# If no switches are set the script will default to local firewall rules
if (!($Local) -and !($Gpo))
$Local = $true
$RegistryKeys = @()
if ($Local) $RegistryKeys += 'Registry::HKLMSystemCurrentControlSetServicesSharedAccessParametersFirewallPolicyFirewallRules'
if ($GPO) $RegistryKeys += 'Registry::HKLMSoftwarePoliciesMicrosoftWindowsFirewallFirewallRules'
Foreach ($Key in $RegistryKeys)
if (Test-Path -Path $Key)
(Get-ItemProperty -Path $Key).PSObject.Members
and the link from that post as to:
2.2.2.19 Firewall Rule and the Firewall Rule Grammar Rule
answered Nov 11 at 8:30
postanote
2,8631310
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
3
down vote
You should expect this to take time, as you are asking the portfilter to check all its rules against the firewall rules, which just is checking all the rules against itself.
Example:
I don't know how many rules you are dealing with, but on my standalone system:
($total = (Get-NetFirewallRule).count)
783
($portfilter = Get-NetFirewallPortFilter).Count
783
This means that is code is running 1566 times (on my system), because you are asking the filter each one of its own rules against all 783 portfilter rules against the 783 firewall rules to create your object. ForLoops are just slow, and with 1566 passes, in my case, well you should gather how much this will add up.
If you did this for just one firewall rule, you'd get something like:
Measure-Command
$RuleCount = 0
$testcount = 0
($total = (Get-NetFirewallRule).count)
($portfilter = Get-NetFirewallPortFilter).Count
ForEach($Rule in (Get-NetFirewallRule
Days : 0
Hours : 0
Minutes : 0
Seconds : 2 ********* * times the total needed passes
Milliseconds : 414
Ticks : 24149617
TotalDays : 2.79509456018519E-05
TotalHours : 0.000670822694444444
TotalMinutes : 0.0402493616666667
TotalSeconds : 2.4149617 **************
TotalMilliseconds : 2414.9617
If we tweak your code a bit more to show more information / progress, say like this...
Clear-Host
$total = (Get-NetFirewallRule).count
$total1 = (Get-NetFirewallPortFilter).Count
$RuleCount = 0
ForEach($Rule in (Get-NetFirewallRule | Select -First 3))
ForEach-Object
Write-host "Processing port rule $($_.Name)" -ForegroundColor Yellow
$testcount++
$perc1 = [Int]($testcount/$total1*100)
Write-Progress -Activity 'My Important Port rules' -PercentComplete $perc1 -Status $perc1 -Id 2
Write-Warning -Message "$testcount "
Processing firewall rule vm-monitoring-dcom
Processing port rule
...
WARNING: 783
Processing firewall rule vm-monitoring-icmpv4
Processing port rule
...
WARNING: 783
Processing firewall rule vm-monitoring-icmpv6
Processing port rule
...
WARNING: 783
… it should further illustrate what I am trying to say.
Then you have the limitations of your system itself, processor speed, memory resources / speed, any other processes you are running on your machine.
See this similar Q&A discussion:
How can I speed up PowerShell to get firewall rules on windows 10?
#Using a registry approach
param
(
[switch]$Local,
[switch]$GPO
)
# If no switches are set the script will default to local firewall rules
if (!($Local) -and !($Gpo))
$Local = $true
$RegistryKeys = @()
if ($Local) $RegistryKeys += 'Registry::HKLMSystemCurrentControlSetServicesSharedAccessParametersFirewallPolicyFirewallRules'
if ($GPO) $RegistryKeys += 'Registry::HKLMSoftwarePoliciesMicrosoftWindowsFirewallFirewallRules'
Foreach ($Key in $RegistryKeys)
if (Test-Path -Path $Key)
(Get-ItemProperty -Path $Key).PSObject.Members
and the link from that post as to:
2.2.2.19 Firewall Rule and the Firewall Rule Grammar Rule
answered Nov 11 at 8:30
postanote
2,8631310
add a comment |
up vote
3
down vote
You should expect this to take time, as you are asking the portfilter to check all its rules against the firewall rules, which just is checking all the rules against itself.
Example:
I don't know how many rules you are dealing with, but on my standalone system:
($total = (Get-NetFirewallRule).count)
783
($portfilter = Get-NetFirewallPortFilter).Count
783
This means that is code is running 1566 times (on my system), because you are asking the filter each one of its own rules against all 783 portfilter rules against the 783 firewall rules to create your object. ForLoops are just slow, and with 1566 passes, in my case, well you should gather how much this will add up.
If you did this for just one firewall rule, you'd get something like:
Measure-Command
$RuleCount = 0
$testcount = 0
($total = (Get-NetFirewallRule).count)
($portfilter = Get-NetFirewallPortFilter).Count
ForEach($Rule in (Get-NetFirewallRule
Days : 0
Hours : 0
Minutes : 0
Seconds : 2 ********* * times the total needed passes
Milliseconds : 414
Ticks : 24149617
TotalDays : 2.79509456018519E-05
TotalHours : 0.000670822694444444
TotalMinutes : 0.0402493616666667
TotalSeconds : 2.4149617 **************
TotalMilliseconds : 2414.9617
If we tweak your code a bit more to show more information / progress, say like this...
Clear-Host
$total = (Get-NetFirewallRule).count
$total1 = (Get-NetFirewallPortFilter).Count
$RuleCount = 0
ForEach($Rule in (Get-NetFirewallRule | Select -First 3))
ForEach-Object
Write-host "Processing port rule $($_.Name)" -ForegroundColor Yellow
$testcount++
$perc1 = [Int]($testcount/$total1*100)
Write-Progress -Activity 'My Important Port rules' -PercentComplete $perc1 -Status $perc1 -Id 2
Write-Warning -Message "$testcount "
Processing firewall rule vm-monitoring-dcom
Processing port rule
...
WARNING: 783
Processing firewall rule vm-monitoring-icmpv4
Processing port rule
...
WARNING: 783
Processing firewall rule vm-monitoring-icmpv6
Processing port rule
...
WARNING: 783
… it should further illustrate what I am trying to say.
Then you have the limitations of your system itself, processor speed, memory resources / speed, any other processes you are running on your machine.
See this similar Q&A discussion:
How can I speed up PowerShell to get firewall rules on windows 10?
#Using a registry approach
param
(
[switch]$Local,
[switch]$GPO
)
# If no switches are set the script will default to local firewall rules
if (!($Local) -and !($Gpo))
$Local = $true
$RegistryKeys = @()
if ($Local) $RegistryKeys += 'Registry::HKLMSystemCurrentControlSetServicesSharedAccessParametersFirewallPolicyFirewallRules'
if ($GPO) $RegistryKeys += 'Registry::HKLMSoftwarePoliciesMicrosoftWindowsFirewallFirewallRules'
Foreach ($Key in $RegistryKeys)
if (Test-Path -Path $Key)
(Get-ItemProperty -Path $Key).PSObject.Members
and the link from that post as to:
2.2.2.19 Firewall Rule and the Firewall Rule Grammar Rule
answered Nov 11 at 8:30
postanote
2,8631310
add a comment |
up vote
3
down vote
up vote
3
down vote
You should expect this to take time, as you are asking the portfilter to check all its rules against the firewall rules, which just is checking all the rules against itself.
Example:
I don't know how many rules you are dealing with, but on my standalone system:
($total = (Get-NetFirewallRule).count)
783
($portfilter = Get-NetFirewallPortFilter).Count
783
This means that is code is running 1566 times (on my system), because you are asking the filter each one of its own rules against all 783 portfilter rules against the 783 firewall rules to create your object. ForLoops are just slow, and with 1566 passes, in my case, well you should gather how much this will add up.
If you did this for just one firewall rule, you'd get something like:
Measure-Command
$RuleCount = 0
$testcount = 0
($total = (Get-NetFirewallRule).count)
($portfilter = Get-NetFirewallPortFilter).Count
ForEach($Rule in (Get-NetFirewallRule
Days : 0
Hours : 0
Minutes : 0
Seconds : 2 ********* * times the total needed passes
Milliseconds : 414
Ticks : 24149617
TotalDays : 2.79509456018519E-05
TotalHours : 0.000670822694444444
TotalMinutes : 0.0402493616666667
TotalSeconds : 2.4149617 **************
TotalMilliseconds : 2414.9617
If we tweak your code a bit more to show more information / progress, say like this...
Clear-Host
$total = (Get-NetFirewallRule).count
$total1 = (Get-NetFirewallPortFilter).Count
$RuleCount = 0
ForEach($Rule in (Get-NetFirewallRule | Select -First 3))
ForEach-Object
Write-host "Processing port rule $($_.Name)" -ForegroundColor Yellow
$testcount++
$perc1 = [Int]($testcount/$total1*100)
Write-Progress -Activity 'My Important Port rules' -PercentComplete $perc1 -Status $perc1 -Id 2
Write-Warning -Message "$testcount "
Processing firewall rule vm-monitoring-dcom
Processing port rule
...
WARNING: 783
Processing firewall rule vm-monitoring-icmpv4
Processing port rule
...
WARNING: 783
Processing firewall rule vm-monitoring-icmpv6
Processing port rule
...
WARNING: 783
… it should further illustrate what I am trying to say.
Then you have the limitations of your system itself, processor speed, memory resources / speed, any other processes you are running on your machine.
See this similar Q&A discussion:
How can I speed up PowerShell to get firewall rules on windows 10?
#Using a registry approach
param
(
[switch]$Local,
[switch]$GPO
)
# If no switches are set the script will default to local firewall rules
if (!($Local) -and !($Gpo))
$Local = $true
$RegistryKeys = @()
if ($Local) $RegistryKeys += 'Registry::HKLMSystemCurrentControlSetServicesSharedAccessParametersFirewallPolicyFirewallRules'
if ($GPO) $RegistryKeys += 'Registry::HKLMSoftwarePoliciesMicrosoftWindowsFirewallFirewallRules'
Foreach ($Key in $RegistryKeys)
if (Test-Path -Path $Key)
(Get-ItemProperty -Path $Key).PSObject.Members
and the link from that post as to:
2.2.2.19 Firewall Rule and the Firewall Rule Grammar Rule
answered Nov 11 at 8:30
postanote
2,8631310
You should expect this to take time, as you are asking the portfilter to check all its rules against the firewall rules, which just is checking all the rules against itself.
Example:
I don't know how many rules you are dealing with, but on my standalone system:
($total = (Get-NetFirewallRule).count)
783
($portfilter = Get-NetFirewallPortFilter).Count
783
This means that is code is running 1566 times (on my system), because you are asking the filter each one of its own rules against all 783 portfilter rules against the 783 firewall rules to create your object. ForLoops are just slow, and with 1566 passes, in my case, well you should gather how much this will add up.
If you did this for just one firewall rule, you'd get something like:
Measure-Command
$RuleCount = 0
$testcount = 0
($total = (Get-NetFirewallRule).count)
($portfilter = Get-NetFirewallPortFilter).Count
ForEach($Rule in (Get-NetFirewallRule
Days : 0
Hours : 0
Minutes : 0
Seconds : 2 ********* * times the total needed passes
Milliseconds : 414
Ticks : 24149617
TotalDays : 2.79509456018519E-05
TotalHours : 0.000670822694444444
TotalMinutes : 0.0402493616666667
TotalSeconds : 2.4149617 **************
TotalMilliseconds : 2414.9617
If we tweak your code a bit more to show more information / progress, say like this...
Clear-Host
$total = (Get-NetFirewallRule).count
$total1 = (Get-NetFirewallPortFilter).Count
$RuleCount = 0
ForEach($Rule in (Get-NetFirewallRule | Select -First 3))
ForEach-Object
Write-host "Processing port rule $($_.Name)" -ForegroundColor Yellow
$testcount++
$perc1 = [Int]($testcount/$total1*100)
Write-Progress -Activity 'My Important Port rules' -PercentComplete $perc1 -Status $perc1 -Id 2
Write-Warning -Message "$testcount "
Processing firewall rule vm-monitoring-dcom
Processing port rule
...
WARNING: 783
Processing firewall rule vm-monitoring-icmpv4
Processing port rule
...
WARNING: 783
Processing firewall rule vm-monitoring-icmpv6
Processing port rule
...
WARNING: 783
… it should further illustrate what I am trying to say.
Then you have the limitations of your system itself, processor speed, memory resources / speed, any other processes you are running on your machine.
See this similar Q&A discussion:
How can I speed up PowerShell to get firewall rules on windows 10?
#Using a registry approach
param
(
[switch]$Local,
[switch]$GPO
)
# If no switches are set the script will default to local firewall rules
if (!($Local) -and !($Gpo))
$Local = $true
$RegistryKeys = @()
if ($Local) $RegistryKeys += 'Registry::HKLMSystemCurrentControlSetServicesSharedAccessParametersFirewallPolicyFirewallRules'
if ($GPO) $RegistryKeys += 'Registry::HKLMSoftwarePoliciesMicrosoftWindowsFirewallFirewallRules'
Foreach ($Key in $RegistryKeys)
if (Test-Path -Path $Key)
(Get-ItemProperty -Path $Key).PSObject.Members
and the link from that post as to:
2.2.2.19 Firewall Rule and the Firewall Rule Grammar Rule
answered Nov 11 at 8:30
postanote
2,8631310
edited Nov 11 at 10:05
answered Nov 11 at 8:30
postanote
2,8631310
answered Nov 11 at 8:30
postanote
2,8631310
answered Nov 11 at 8:30
postanote
2,8631310
2,8631310
add a comment |
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53246271%2fget-netfirewallruleget-netfirewallportfilter-are-too-slow%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Define too slow.
– Jeroen Heier
Nov 11 at 6:08
at least 1min30secs..
– Code
Nov 11 at 7:00