Have you ever needed to test whether a particular firewall rule is enabled and actually functioning as expected? Of course you have! A great friend and colleague passed along this gem, which lets you create a simple ‘port listener’ on any Windows machine using PowerShell.


Simply click Start, type ‘PowerShell’, run ‘Windows PowerShell’, and copy/paste this script into the ‘Windows PowerShell’ window.

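$port = 9999;

# Listen for TCP connections on $port on all local addresses
$Listener = [System.Net.Sockets.TcpListener]$port;
$Listener.Start();

# Accept each connection, print its source address, then close it
while($true)
{
    $client = $Listener.AcceptTcpClient();
    Write-Host "Connection on port $port from $($client.client.RemoteEndPoint.Address)";
    $client.Close();
}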

Then, attempt to access the specified port (in this case we chose 9999) via a web browser or telnet:


This will result in the following output in the PowerShell window:

 Connection on port 9999 from A.B.C.D

Where A.B.C.D is the source IP address from which the connection attempt is made. This is a great and simple way of testing firewall rules, NAT rules, load balancing or even L4 hashing (across aggregated port-channels/LACP links).
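For NAT, load-balancing and L4-hashing tests it helps to see the source port and the local address that was hit, not just the source IP. The variant below is an added example, not the script from this post: the function name `Start-PortListener` and its parameters are hypothetical. It records those fields with a timestamp and releases the port when stopped.

```powershell
# Added example: function and parameter names are illustrative.
function Start-PortListener {
    param(
        [ValidateRange(1, 65535)][int]$Port = 9999,
        # Bind to one interface address to test a specific path; Any = all addresses
        [System.Net.IPAddress]$BindAddress = [System.Net.IPAddress]::Any,
        # 0 = keep running until Ctrl+C
        [int]$MaxConnections = 0
    )

    $listener = New-Object System.Net.Sockets.TcpListener($BindAddress, $Port)
    $seen = 0
    try {
        $listener.Start()
        Write-Host "Listening on ${BindAddress}:$Port (Ctrl+C to stop)"
        while ($MaxConnections -eq 0 -or $seen -lt $MaxConnections) {
            # Poll for waiting connections instead of blocking in AcceptTcpClient(),
            # so the loop can be interrupted and the finally block can run
            if (-not $listener.Pending()) {
                Start-Sleep -Milliseconds 200
                continue
            }
            $client = $listener.AcceptTcpClient()
            try {
                $remote = $client.Client.RemoteEndPoint
                $local  = $client.Client.LocalEndPoint
                # One record per connection; the source port matters for L4 hashing
                [pscustomobject]@{
                    Time          = (Get-Date).ToString('o')
                    SourceAddress = $remote.Address.ToString()
                    SourcePort    = $remote.Port
                    LocalAddress  = $local.Address.ToString()
                    LocalPort     = $local.Port
                }
                $seen++
            }
            finally { $client.Close() }
        }
    }
    finally {
        # Release the port so no test listener is left open on the machine
        $listener.Stop()
    }
}

Start-PortListener -Port 9999
```

Because each connection is emitted as an object, the output can be piped to `Export-Csv` to keep a record of a test run.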
