The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 4,182 other subscribers

Archive for the ‘PowerShell’ Category

llamasoft/polyshell: A Bash/Batch/PowerShell polyglot!

Posted by jpluimers on 2023/03/16

PolyShell is a script that’s simultaneously valid in Bash, Windows Batch, and PowerShell (i.e. a polyglot).

[Wayback/Archive] llamasoft/polyshell: A Bash/Batch/PowerShell polyglot!

Need to check this out, as often I have scripts that have to go from one language to the other or vice versa.

Maybe it enables one language to bootstrap functionality in the other?

The quest

The above polyglot started with a quest to see if I can could include some PowerShell statements in a batch file with two goals:

  1. if the batch file started from the PowerShell command prompt, then execute the PowerShell code
  2. if the batch file started from the cmd.exe command prompt, then have it start PowerShell with the same command-line arguments

The reasoning is simple:

  1. PowerShell scripts will start from the PATH only when PowerShell is already running
  2. Batch files start from the path when either cmd.exe or PowerShell are running

Lots of users still live in the cmd.exe world, but PowerShell scripts are way more powerful, and since PowerShell is integrated in Windows since version 7, so having a batch file bootstrap PowerShell still makes sense.

Since my guess was about quoting parameters the right way, my initial search for the link below was [Wayback/Archive] powershell execute statement from batch file quoting – Google Search.

I have dug not yet into this, so there are still…

Many links to read

These should give me a good idea how to implement a polyglot batch file/PowerShell script.

–jeroen

Posted in *nix, *nix-tools, bash, bash, Batch-Files, Development, JavaScript/ECMAScript, Perl, Polyglot, Power User, PowerShell, Scripting, Software Development | Leave a Comment »

PowerShell: working around Get-NetFirewallRule not showing all the fields that Set-NetFirewallRule allows you to set

Posted by jpluimers on 2022/10/26

With APIs, you always hope that Get and Set methods mirror each other. More often than not, they don’t.

Take for instance these two:

They are far from symmetric: [Wayback/Archive] Get-NetFirewallRule shows far less than [Wayback/Archive] Set-NetFirewallRule allows you to set (first and foremost the various port related properties). It can be worked around though.

There are a few posts discussing this, of which I think these two are the most important:

Both above posts via [Wayback/Archive] “Get-NetFirewallRule” “LocalPort” – Google Search.

This is what I was after:

PowerShell "Get-NetFirewallRule -Name 'RemoteDesktop-UserMode-In-TCP' | Select-Object Name,DisplayName,Enabled,Direction,@{Name='Protocol';Expression={($PSItem | Get-NetFirewallPortFilter).Protocol}},Action,@{Name='LocalPort';Expression={($PSItem | Get-NetFirewallPortFilter).LocalPort}}"

Or actually:

PowerShell "Get-NetFirewallRule -Name 'RemoteDesktop-UserMode-In-TCP' -ErrorAction SilentlyContinue | Select-Object Name,DisplayName,Enabled,Direction,@{Name='Protocol';Expression={($PSItem | Get-NetFirewallPortFilter).Protocol}},Action,@{Name='LocalPort';Expression={($PSItem | Get-NetFirewallPortFilter).LocalPort}}"

Let me explain this:

  1. Get-NetFirewallRule gets a firewall rule with a specific name, but can only get you a few properties that can be set through Set-NetFirewallRule. Name,DisplayName,Enabled,Direction are properties it understands. Protocol and LocalPort aren’t, but are often of interest.
  2. Get-NetFirewallPortFilter can get you both Protocol and LocalPort.
  3. There are more functions named like Get-NetFirewall*Filter, all of which require an -AssociatedNetFirewallRule <CimInstance> (or an -All) parameter which is what Get-NetFirewallRule returns. This way you can retrieve details not provided by Get-NetFirewallRule.
  4. The portions like @{Name='Protocol';Expression={($PSItem | Get-NetFirewallPortFilter).Protocol}} returns one property, in this case the Protocol property from Get-NetFirewallPortFilter returned as Protocol (the latter can be different if you want; the former needs to be Protocol).
  5. The -ErrorAction SilentlyContinue bit is to prevent this kind of exception when no -Name matches:
    Get-NetFirewallRule : No MSFT_NetFirewallRule objects found with property 'InstanceID' equal to
    'RemoteDesktop-UserMode-In-TCP_'.  Verify the value of the property and retry.
    At line:1 char:1
    + Get-NetFirewallRule -Name 'RemoteDesktop-UserMode-In-TCP_'
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : ObjectNotFound: (RemoteDesktop-UserMode-In-TCP_:String) [Get-NetFirewallRule], CimJobExc
       eption
        + FullyQualifiedErrorId : CmdletizationQuery_NotFound_InstanceID,Get-NetFirewallRule
    When the exception occurs, the execution continues, but since no object is returned the | pipe will not execute and no details are returned.

    I got this trick from [Wayback/Archive] firewall РHow can I stop the Powershell command `Get-NetFirewallRule` from throwing an error? РStack Overflow (thanks [Wayback/Archive] Pure.Krome and [Wayback/Archive] arco444)

Notes:

  • 3. also allows Get-NetFirewallRule to search for a group, then get all the firewall rules out of them, for instance with
    Get-NetFirewallRule -DisplayGroup "File and Printer Sharing" | ForEach-Object { Write-Host $_.DisplayName ; Get-NetFirewallAddressFilter -AssociatedNetFirewallRule $_ }
  • 4. also works the other way around, but only if you have elevated using an administrative token. The below lists all firewall rules involving port 3389 (Remote Desktop Protocol):
    PowerShell "Get-NetFirewallPortFilter | Where LocalPort -eq 3389 | Get-NetFirewallRule"

    Even a plain Get-NetFirewallPortFilter will get you an error without elevation:

    Get-NetFirewallPortFilter : Access is denied.
    At line:1 char:1
    + Get-NetFirewallPortFilter
    + ~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : PermissionDenied: (MSFT_NetProtocolPortFilter:root/standardci...tocolPortFilter) [Get-Ne
       tFirewallPortFilter], CimException
        + FullyQualifiedErrorId : Windows System Error 5,Get-NetFirewallPortFilter

You might want to return more details than just Protocol and Localport, so I dug around and made the below table to document the asymmetry.

Read the rest of this entry »

Posted in CommandLine, Development, Power User, PowerShell, PowerShell, Remote Desktop Protocol/MSTSC/Terminal Services, Scripting, Software Development, Windows | Leave a Comment »

In some countries @archiveis redirect their domains using http-302 which can have trouble with multi-WAN

Posted by jpluimers on 2022/08/12

From [Wayback¬†Archive.is blog ‚ÄĒ Why has the URL “archive-li” changed to…:

Why has the URL “archive-li” changed to “archive-ph”, and will this affect saved bookmarks at any time in the future?

Anonymous

This is temporary and only for some countries. All 7 domains work, so you do not need to change the bookmarks.

In The Netherlands all Archive Today domains redirect to archive.ph using a HTTP 302 redirect.

This caused trouble at my home location, but not at my brother, so I searched for local issues.

In the end, it was because I have dual WAN as network load balancing at home.

TL;DR

Modifying the routing table so traffic for 54.37.18.234 goes to WAN1 was my solution.

Finding the destination address

Read the rest of this entry »

Posted in .NET, Development, Hardware, Network-and-equipment, Power User, PowerShell, routers, Scripting, Software Development | Leave a Comment »

Hardware MAC address formats (which I need for Wake-on-LAN.ps1)

Posted by jpluimers on 2022/07/06

Early june, I blogged about Wake-on-LAN from a Windows machine.

My plan was to adopt [Wayback/Archive.is] Wake.ps1 into Wake-on-LAN.ps1 (as naming is important).

One of the goals was to support multiple hardware MAC address formats, especially as Wake.ps1 had the below comment, but did support the AA-BB-CC-DD-EE-FF, though not the AA:BB:CC:DD:EE:FF hardware MAC address format:

<#
...
.NOTES
Make sure the MAC addresses supplied don't contain "-" or ".".
#>

A colon separated hardware MAC address would result in this error inside the call to the [Wayback/Archive.is] PhysicalAddress.Parse Method (System.Net.NetworkInformation) | Microsoft Docs:

Send-Packet : Exception calling "Parse" with "1" argument(s): "An invalid physical address was specified."

So I did some digging, starting inside the above mentioned blog post, and adding more:

  1. Wake.ps1 uses the [Wayback/Archive.is] Parse method in the [Wayback/Archive.is] PhysicalAddress.cs source code in C# .NET,  which contains code like this:
                //has dashes? 
                if (address.IndexOf('-') >= 0 ){ 
                    hasDashes = true;
                    buffer = new byte[(address.Length+1)/3]; 
                }
  2. The Perl script at [Wayback/Archive.is] wakeonlan/wakeonlan at master · jpoliv/wakeonlan that started my first blog post in this series which mentions:
    • xx:xx:xx:xx:xx:xx (canonical)
    • xx-xx-xx-xx-xx-xx (Windows)
    • xxxxxx-xxxxxx (Hewlett-Packard switches)
    • xxxxxxxxxxxx (Intel Landesk)

    I should rename the first one IEEE 802, as per this:

  3. The MAC address: Notational conventions – Wikipedia

    The standard (IEEE 802) format for printing EUI-48 addresses in human-friendly form is six groups of two hexadecimal digits, separated by hyphens (-) in transmission order (e.g. 01-23-45-67-89-AB). This form is also commonly used for EUI-64 (e.g. 01-23-45-67-89-AB-CD-EF).[2] Other conventions include six groups of two hexadecimal digits separated by colons (:) (e.g. 01:23:45:67:89:AB), and three groups of four hexadecimal digits separated by dots (.) (e.g. 0123.4567.89AB); again in transmission order.[30]

    The latter is used by Cisco (see for instance [Wayback/Archive.is] Cisco DCNM Security Configuration Guide, Release 4.0 – Configuring MAC ACLs [Support] – Cisco and [Wayback/Archive.is] Cisco IOS LAN Switching Command Reference – mac address-group through revision [Support] – Cisco), so another format to add:

    • xxxx.xxxx.xxxx (Cisco)
  4. [Wayback/Archive.is] PhysicalAddress.Parse Method (System.Net.NetworkInformation) | Microsoft Docs remarks:

    The address parameter must contain a string that can only consist of numbers and letters as hexadecimal digits. Some examples of string formats that are acceptable are as follows:

    • 001122334455
    • 00-11-22-33-44-55
    • 0011.2233.4455
    • 00:11:22:33:44:55
    • F0-E1-D2-C3-B4-A5
    • f0-e1-d2-c3-b4-a5

    Use the GetAddressBytes method to retrieve the address from an existing PhysicalAddress instance.

  5. After a bit more digging via¬†[Wayback/Archive.is] “three groups of four hexadecimal digits separated by dots” – Google Search¬†, I found that even more hardware MAC address formats are in use as per [Wayback/Archive.is] What are the various standard and industry practice ways to express a 48-bit MAC address? – Network Engineering Stack Exchange.

    I really do not have all the sources for the various representations for 48-bit MAC addresses, but I have seen them variously used:

    AA-BB-CC-DD-EE-FF
    AA.BB.CC.DD.EE.FF
    AA:BB:CC:DD:EE:FF
    AAA-BBB-CCC-DDD
    AAA.BBB.CCC.DDD
    AAA:BBB:CCC:DDD
    AAAA-BBBB-CCCC
    AAAA.BBBB.CCCC
    AAAA:BBBB:CCCC
    AAAAAA-BBBBBB
    AAAAAA.BBBBBB
    AAAAAA:BBBBBB

From the last list, which is far more complete than the others, I recognise quite a few from tools I used in the past, but too forgot the actual sources, so I took the full list from there and tried to name them in parenthesis after the links I found above and what I remembered:

  • AABBCCDDEEFF (Bare / Landesk)
  • AA-BB-CC-DD-EE-FF (IEEE 802 / Windows)
  • AA.BB.CC.DD.EE.FF (???)
  • AA:BB:CC:DD:EE:FF (Linux / BSD / MacOS)
  • AAA-BBB-CCC-DDD (???)
  • AAA.BBB.CCC.DDD (Cisco?)
  • AAA:BBB:CCC:DDD (???)
  • AAAA-BBBB-CCCC (???)
  • AAAA.BBBB.CCCC (Cisco / Brocade)
  • AAAA:BBBB:CCCC (???)
  • AAAAAA-BBBBBB (Hewlett-Packard networking)
  • AAAAAA.BBBBBB (???)
  • AAAAAA:BBBBBB (???)

Some additional links in addition to the ones above:

–jeroen

Posted in .NET, CommandLine, Development, Encoding, HEX encoding, Network-and-equipment, Power User, PowerShell, PowerShell, Scripting, Software Development | Leave a Comment »

Powershell code formatting and coding style and style guides: some links and elaboration

Posted by jpluimers on 2022/07/05

I started doing occasional PowerShell “work” long before Visual Studio Code came along with its [Wayback] PowerShell Extension.

Back then, my tool of choice was PowerGUI: Settling on PowerGUI for PowerShell development. Before that it was PowerShell ISE.

Since then, I fiddled around a bit with Visual Studio Code, but not much. Then I got treated for rectum cancer, and when writing this, I’m back to Visual Studio code with the PowerShell Extension and already figured out a lot has improved.

One of the things is code formatting. Back some 7 years ago, this was all not set in stone. Now it is, so it is important to adhere to.

I already posted Code Layout and Formatting: Indentation · PowerShell Practice and Style last year, so now it is good repeat the link in it and add some more.

For my link archive:

Read the rest of this entry »

Posted in Development, PowerShell, Scripting, Software Development, Technical Debt | Leave a Comment »

 
%d bloggers like this: