Edit FalconFirewallSetting - CrowdStrike/psfalcon GitHub Wiki
Modify Falcon Firewall Management policy settings
All fields are required to modify policy settings. PSFalcon adds missing values automatically using data from your existing policy.
If adding or removing rule groups, all rule groups must be supplied in precedence order.
Requires 'Firewall management: Write'.
| Name | Type | Description | Min | Max | Allowed | Pipeline | PipelineByName |
|---|---|---|---|---|---|---|---|
| PlatformId | String | Operating System platform identifier |
01
|
X | |||
| Enforce | Boolean | Policy enforcement status | X | ||||
| RuleGroupId | String[] | Rule group identifier | X | ||||
| DefaultInbound | String | Default action for inbound traffic |
ALLOWDENY
|
X | |||
| DefaultOutbound | String | Default action for outbound traffic |
ALLOWDENY
|
X | |||
| MonitorMode | Boolean | Override all block rules and enable monitoring | X | ||||
| LocalLogging | Boolean | Enable local logging of firewall events | X | ||||
| Id | String | Policy identifier | X |
Edit-FalconFirewallSetting [[-PlatformId] <String>] [[-Enforce] <Boolean>] [[-RuleGroupId] <String[]>] [[-DefaultInbound] <String>] [[-DefaultOutbound] <String>] [[-MonitorMode] <Boolean>] [[-LocalLogging] <Boolean>] [-Id] <String> [-WhatIf] [-Confirm] [<CommonParameters>]PUT /fwmgr/entities/policies/v2
Edit-FalconFirewallSetting -PolicyId <id> -Enforce $true -DefaultInbound DENY -DefaultOutbound ALLOW2023-04-25: PSFalcon v2.2.5
