Denying all incoming traffic and allowing only the necessary ports
We will first ensure that the firewall is running. After this, we will apply some rules to enable some ports and disable others.
To ensure that the firewall is running, we need to ensure first that the profiles are enabled and second that the firewall service is enabled and running. We have already covered how to enable firewall profiles in the Managing the registry section of Chapter 4, Puppet Forge Modules for Windows. The following screenshot shows the code from that section.
For the changes to take effect, we restart the firewall service. For this purpose, the firewall service will be notified for each registry change. Thus, whenever one of the profiles is changed from disabled to enabled, the firewall service will restart to activate the changes.
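The pattern described above, written out as an added example (this is not the book's code from the screenshot). It assumes the registry_value type from the puppetlabs-registry module, Puppet 4 or later for the each iteration, the standard Windows firewall policy registry key, and MpsSvc as the firewall service name; the class name winfirewall follows the module name used in this section.

```puppet
# Added example: enable all three firewall profiles and restart the
# firewall service whenever one of the registry values changes.
class winfirewall {
  # Assumption: standard location of the per-profile firewall settings.
  $policy_key = 'HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy'

  # Domain, private (StandardProfile) and public profiles.
  $profiles = ['DomainProfile', 'StandardProfile', 'PublicProfile']

  $profiles.each |String $profile| {
    # EnableFirewall = 1 turns the profile on; 0 means disabled.
    registry_value { "${policy_key}\\${profile}\\EnableFirewall":
      ensure => present,
      type   => dword,
      data   => 1,
      # Each registry change notifies the service, which triggers a restart.
      notify => Service['MpsSvc'],
    }
  }

  # The firewall service must be running and set to start at boot.
  service { 'MpsSvc':
    ensure => running,
    enable => true,
  }
}
```

Because notify only fires when a resource actually changes, the service restarts only on runs where a profile moves from disabled to enabled, not on every Puppet run.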
The new module name is winfirewall and the following screenshot shows its structure:
The following screenshot shows the details after the inclusion of the service details...