Working on the command-line makes me feel productive and more engineer-like. I guess this is because when I’m on the command-line, what I do follows what I think. This isn’t the case with GUI in which I usually click more buttons than needed before I click on the right one. A study says that the engineers who use GUI often get exhausted by the constant drift in their focus and momentum as the menus and buttons beg their attention. Whereas on the command-line, you gotta think before you enter a command failing of which could prove to be fatal. This virtual living-at-the-edge on the command-line overtime rewards the engineer with focus and clarity of thought. Thereby enabling him to solve problems quickly and brilliantly. All because of his companionship with the command-line. Hence start getting comfortable with the discomfort of command-line.
Windows does provide us with the command-line counterpart to its popular GUI components. Though the commands are not as efficiently designed as in Linux, they are nevertheless handy. Especially for checking service and status info.
To check the Windows Firewall status for instance, it would be wiser and faster to enter the following commands on the command-line than to navigate Control Panel –> System and Security –> Windows Firewall.
To see whether the Windows Firewall is On or Off, keyboard the advanced firewall option of netsh command.
netsh advfirewall show all state
It displays the firewall status of all the three profiles — domain, private and public. You can see the individual firewall profile status by replacing all by domain, private or public.
netsh advfirewall show domain|private|public state
You can see the status of currently active firewall profile like so:
netsh advfirewall show currentprofile
As you can see, along with the firewall status the command also gives the firewall policy and logging details.
If you want to be a bit more geekier, you can get the firewall status by reading the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\
C:\Users\Deepak>reg query HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile EnableFirewall REG_DWORD 0x1 DisableNotifications REG_DWORD 0x0 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging
The EnableFirewall REG_DWORD 0x1 indicates that the firewall is on. For Off state it’s value would be 0x0.
One nice thing about querying the registry key is that you can see the firewall status of another PC on the network.
reg query \\IP_Address\HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
Also note that the Windows Firewall may not be the only firewall active on the machine. Plus it might be controlled by an anti-virus such as Symantec, Bitdefender etc.
In rare cases, you may have to troubleshoot the firewall service itself. The Windows firewall service is called MpsSvc, the service status of which can be seen by running
sc query mpssvc
The netsh command provides options to configure the firewall policy as well. However, it’s productive and wise to configure Windows Firewall from its Advanced Firewall Settings window, which can be launched by running the applet “firewall.cpl” on the run prompt (Win+R).