Menu
▾
▴
[Oorexx-devel] Question on invoking powershell commands from REXX.
|
From: Robert G. <ro...@ga...> - 2018-01-07 14:06:24
|
I have a REXX program that runs on a timer, scanning my web server logs and
looking for evidences of people trying to 'brute force' guess passwords. It
happens a lot. Without getting too far into the details, when something is
detected the program runs a windows powershell command to add a block for
the offending IP range into the windows group policy object that controls my
windows firewall. The line of code that runs the command looks like this:
/* Update the applicable GPO */
_CMD = "powershell.exe",
"New-NetFirewallRule",
"-DisplayName "_NEWIP,
"-Direction Inbound",
"-Profile Any",
"-Action Block",
"-InterfaceType Any",
"-RemoteAddress "WORD(PARMS.IP,1)"-"WORD(PARMS.IP,2),
"-PolicyStore ...mydomain...\...firewall policy GPO name...";
_CMD;
When the code runs, it gets this response:
New-NetFirewallRule : A directory service error has occurred.
At line:1 char:1
+ New-NetFirewallRule -DisplayName 043.241.140.000 -Direction Inbound - ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified:
(MSFT_NetFirewallRule:root/standar
dcimv2/MSFT_NetFirewallRule) [New-NetFirewallRule], CimException
+ FullyQualifiedErrorId : Windows System Error 8341,New-NetFirewallRule
powershell.exe New-NetFirewallRule -DisplayName ...new rule name...
-Direction Inbound -Profile Any -Action Block -InterfaceType Any
-RemoteAddress ...IP address range... -PolicyStore
...mydomain...\...firewall policy GP name...
New-NetFirewallRule : The requested object could not be found.
What I don't understand about the situation, is that I can cut the command
from the code, paste it into a command window with no changes, and it works
perfectly.
So I must be missing something here - I just don't yet know what. I'm
hoping someone here can shed some light.
Thanks,
Robert
|