Use registry to see ICMP type settings

Question

I would like to see which ICMP types are allowed / enabled on my system.

I've found this where you can set up your ICMP but is there a possibility to see these settings in registry or to get them through powershell commands?

score 0 · Accepted Answer · answered Aug 28 '18 at 12:33

Use Get-NetFirewallRule to enumerate the firewall rules. Use Get-NetFirewallPortFilter to get details about what these rules are filtering. Filter the output for ICMP protocol rules, then select the ICMP type.

Get-NetFirewallRule -Enabled True -Action Allow |
    Get-NetFirewallPortFilter |
    Where-Object { $_.Protocol -in 'icmpv4', 'icmpv6' } |
    Select-Object -Expand IcmpType -Unique

Replace Allow with Block to enumerate blocking rules.

If Get-NetFirewallRule can't find a rule it will throw an error. You can suppress that by adding -ErrorAction SilentlyContinue to the command.

Note that the *-NetFirewall* cmdlets were introduced with Windows Server 2012 and are not available in earlier versions. For those you need to work with the netsh command. Use something like this to enumerate firewall rules

netsh advfirewall firewall show rule all

and parse the output for the relevant information.

This helps me a lot. Thank you! Can you also tell me what I should do with `advfirewall` to get the same result like using `netsh firewall show icmpsetting`? — Wi3l4nd, Sep 03 '18 at 08:30
Like I said, you'd need to parse the output of `netsh advfirewall firewall show rule all`. — Ansgar Wiechers, Sep 03 '18 at 09:02

Use registry to see ICMP type settings

1 Answers1