How to Use Wildcards with netsh advfirewall to Find Rules by Name Pattern in Windows

Windows' netsh advfirewall firewall commands provide powerful firewall management capabilities, but they lack pattern matching functionality when searching for rules. The standard syntax only allows exact rule name matching:

netsh advfirewall firewall show rule name="Exact Rule Name"

This becomes problematic when you need to:

  • Find all SQL-related rules without knowing exact names
  • Locate rules with similar naming conventions
  • Manage bulk rules matching specific patterns

While netsh doesn't support wildcards directly, here are effective workarounds:

Method 1: PowerShell Pipeline Filtering

The most robust solution combines netsh with PowerShell's filtering capabilities:

netsh advfirewall firewall show rule name=all | Select-String "SQL"

For more advanced pattern matching:

netsh advfirewall firewall show rule name=all | 
Where-Object { $_ -match "SQL.*Port" }

Method 2: findstr Command

For basic pattern matching without PowerShell:

netsh advfirewall firewall show rule name=all | findstr /i "sql"

Key flags:

  • /i - case insensitive matching
  • /r - enable regex patterns

Exporting and Processing Rules

For complex rule management:

netsh advfirewall firewall show rule name=all > rules.txt
# Then process with preferred text editor/search tool

Using Windows Firewall with Advanced Security MMC

For GUI users:

  1. Run wf.msc
  2. Use the filter/search functionality

Finding All Rules for a Specific Application

netsh advfirewall firewall show rule name=all | 
Where-Object { $_ -match "chrome.exe" }

Listing Rules by Port Number

netsh advfirewall firewall show rule name=all | 
findstr "3389"

For frequent use, create a PowerShell function:

function Find-FirewallRule {
    param (
        [Parameter(Mandatory)]
        [string]$Pattern
    )
    # netsh returns one string per output line; join them so the text can be
    # split into one block per rule (rules are separated by a blank line)
    $text = (netsh advfirewall firewall show rule name=all) -join "`n"
    $text -split "`n\s*`n" | Where-Object { $_ -match $Pattern }
}

# Usage: (?s) lets . span line breaks, so "SQL" (in the name) and "TCP"
# (in the Protocol line) may sit on different lines of the same rule block
Find-FirewallRule -Pattern "(?s)SQL.*TCP"
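The text-based approaches above match "sql" anywhere in the output, so a rule whose program path or group contains the string is reported alongside rules actually named after SQL. Parsing the netsh text into one object per rule lets a pattern be applied to the rule name alone, or to any other field. The following PowerShell is an added example, not code from the original article: the function names ConvertFrom-NetshFirewallRule and Find-FirewallRule (with a different parameter set from the function above) are this example's own, and the embedded sample output is constructed, with made-up rule names.

```powershell
# Added example: parse "netsh advfirewall firewall show rule name=all" output
# into one object per rule, so a regex can be applied to a single field.
# Field labels are those of the English netsh output; a localized Windows
# prints translated labels, so adjust the 'Rule Name' key accordingly.
function ConvertFrom-NetshFirewallRule {
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [string[]]$Lines
    )
    begin { $rule = $null; $rules = @() }
    process {
        foreach ($line in $Lines) {
            if ($line -match '^Rule Name:\s*(.*)$') {
                # a new "Rule Name:" line starts the next rule block
                if ($rule) { $rules += [pscustomobject]$rule }
                $rule = [ordered]@{ 'Rule Name' = $Matches[1].Trim() }
            }
            elseif ($rule -and $line -match '^([^:]+):\s*(.*)$') {
                # every other "Label:   value" line becomes a property
                $rule[$Matches[1].Trim()] = $Matches[2].Trim()
            }
            # blank lines and the '-----' separator carry no data and are skipped
        }
    }
    end {
        if ($rule) { $rules += [pscustomobject]$rule }
        $rules
    }
}

function Find-FirewallRule {
    param(
        [Parameter(Mandatory)] [string]$NamePattern,  # regex tested against Rule Name only
        [string]$Field,                                # optional extra field, e.g. LocalPort
        [string]$FieldPattern,                         # regex tested against that field
        [string[]]$InputLines                          # netsh output; defaults to a live query
    )
    if (-not $InputLines) {
        $InputLines = netsh advfirewall firewall show rule name=all
    }
    $InputLines | ConvertFrom-NetshFirewallRule | Where-Object {
        $_.'Rule Name' -match $NamePattern -and
        (-not $Field -or ($_.$Field -match $FieldPattern))
    }
}

# Constructed sample in the netsh output layout (rule names are made up):
$sample = @'

Rule Name:                            SQL Server (TCP-In)
----------------------------------------------------------------------
Enabled:                              Yes
Direction:                            In
Profiles:                             Domain,Private
Protocol:                             TCP
LocalPort:                            1433
Action:                               Allow

Rule Name:                            Backup Agent
----------------------------------------------------------------------
Enabled:                              No
Direction:                            In
Profiles:                             Domain
Protocol:                             TCP
LocalPort:                            Any
Program:                              C:\Tools\sqlbackup.exe
Action:                               Allow
'@ -split "`r?`n"

# Only the first rule matches on name; a findstr "sql" search would also hit
# the second one through its program path.
Find-FirewallRule -NamePattern '^SQL' -InputLines $sample |
    Format-Table 'Rule Name', Enabled, Direction, LocalPort -AutoSize

# Against the live rule set: enabled inbound allow rules on port 1433, whatever their name
# Find-FirewallRule -NamePattern '.' -Field LocalPort -FieldPattern '^1433$' |
#     Where-Object { $_.Enabled -eq 'Yes' -and $_.Direction -eq 'In' -and $_.Action -eq 'Allow' }
```

Because each rule is an object, the result can be piped on to Format-Table, Export-Csv or a comparison against a known-good export, which is what makes this more useful than a line match when reviewing which rules actually open a port.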

If you've worked with Windows Firewall rules through netsh advfirewall, you've probably encountered this limitation: the show rule command only accepts exact rule names. There's no built-in support for wildcards or regex patterns when querying firewall rules.

netsh advfirewall firewall show rule name="SQL Server"  # Works
netsh advfirewall firewall show rule name="SQL*"        # Fails

The most practical solution is to pipe the full rules list through Windows' findstr command:

netsh advfirewall firewall show rule name=all | findstr /i "sql"

This command:

  • Lists all firewall rules (name=all)
  • Pipes the output to findstr
  • Uses /i for case-insensitive matching
  • Searches for "sql" anywhere in the rule details

For more complex pattern matching, findstr supports basic regex:

# Match rules whose name contains a word beginning with "SQL"
# (^ anchors to the start of the line, \< is findstr's start-of-word anchor)
netsh advfirewall firewall show rule name=all | findstr /i /r "^Rule Name:.*\<SQL"

If you have PowerShell available, you can use more sophisticated filtering:

Get-NetFirewallRule | Where-Object {$_.DisplayName -like "*SQL*"} | Format-Table -AutoSize

Or with regex matching:

Get-NetFirewallRule | Where-Object {$_.DisplayName -match "^SQL.*Server$"} | Format-List *
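Where the NetSecurity module is available, the same query can be built on its objects rather than on text: Get-NetFirewallRule accepts wildcards on -DisplayName itself, and the port and program details live in separate filter objects that are joined to each rule through the pipeline. The following is an added example, not code from the original article; the function name Get-FirewallRuleSummary is this example's own.

```powershell
# Added example: wildcard lookup on the rule's display name, with the port and
# program filters joined in, so the match is on the name while the details are
# still reported. Get-FirewallRuleSummary is this example's own function name.
function Get-FirewallRuleSummary {
    param(
        [Parameter(Mandatory)] [string]$DisplayName,  # wildcard pattern, e.g. '*SQL*'
        [switch]$EnabledOnly
    )
    # -DisplayName supports wildcards natively; no match raises an error, so silence it
    $rules = Get-NetFirewallRule -DisplayName $DisplayName -ErrorAction SilentlyContinue
    if ($EnabledOnly) { $rules = $rules | Where-Object { $_.Enabled -eq 'True' } }
    foreach ($rule in $rules) {
        # each rule carries exactly one port filter and one application filter
        $port = $rule | Get-NetFirewallPortFilter
        $app  = $rule | Get-NetFirewallApplicationFilter
        [pscustomobject]@{
            Name      = $rule.DisplayName
            Enabled   = $rule.Enabled
            Direction = $rule.Direction
            Action    = $rule.Action
            Profile   = $rule.Profile
            Protocol  = $port.Protocol
            LocalPort = ($port.LocalPort -join ',')
            Program   = $app.Program
        }
    }
}

# Name-based lookup, same intent as the -like example above:
Get-FirewallRuleSummary -DisplayName '*SQL*' -EnabledOnly | Format-Table -AutoSize

# Reverse lookup, independent of naming: which enabled rules allow inbound TCP 3389?
# Starting from the port filters catches rules whose name never mentions the port.
# (Port ranges such as 49152-65535 are stored as one string and are not expanded here.)
Get-NetFirewallPortFilter |
    Where-Object { $_.Protocol -eq 'TCP' -and $_.LocalPort -contains '3389' } |
    Get-NetFirewallRule |
    Where-Object { $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' -and $_.Action -eq 'Allow' } |
    Select-Object DisplayName, Profile, Group
```

The reverse lookup is the check worth running periodically: a permissive rule added under an unremarkable name is invisible to any name-pattern search, but not to a query that starts from the port.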

For frequent use, create a batch file (findfwrule.bat):

@echo off
if "%~1"=="" (
    echo Usage: findfwrule [search_pattern]
    exit /b 1
)
rem %~1 strips the caller's quotes; /r /c: treats the whole argument as one
rem regular expression, so patterns with spaces ("Remote Desktop") stay intact
netsh advfirewall firewall show rule name=all | findstr /i /r /c:"%~1"

Usage examples:

findfwrule "SQL"
findfwrule "Remote Desktop"
findfwrule "TCP.*1433"