lib/core/icingaagent/firewall/Enable-IcingaFirewall.psm1
|
function Enable-IcingaFirewall() { param( [int]$IcingaPort = 5665, [switch]$Force ); $FirewallConfig = Get-IcingaFirewallConfig -NoOutput; if ($FirewallConfig.IcingaFirewall -And $Force -eq $FALSE) { Write-Host 'Icinga Firewall is already enabled' return; } if ($Force) { Disable-IcingaFirewall; } $IcingaBinary = Get-IcingaAgentBinary; [string]$FirewallRule = [string]::Format( 'advfirewall firewall add rule dir=in action=allow program="{0}" name="{1}" description="{2}" enable=yes remoteip=any localip=any localport={3} protocol=tcp', $IcingaBinary, 'Icinga Agent Inbound', 'Inbound Firewall Rule to allow Icinga 2 masters / satellites to connect to the Icinga 2 Agent installed on this system.', $IcingaPort ); $FirewallResult = Start-IcingaProcess -Executable 'netsh' -Arguments $FirewallRule; if ($FirewallResult.ExitCode -ne 0) { Write-Host ([string]::Format('Failed to open Icinga firewall for port "{0}": {1}[2}', $IcingaPort, $FirewallResult.Message, $FirewallResult.Error)); } else { Write-Host ([string]::Format('Successfully enabled firewall for port "{0}"', $IcingaPort)); } } |