If you want to remove duplicate Windows Firewall rules, this article is for you. Sometimes, the firewall recreates rules after an update, after some configurations, or after installing a program on your Windows computer. This happens even after manually deleting these rules, which is quite annoying.
Windows Firewall rules are essential for network administrators who want to manage access to the network. With these rules, you can regulate what gets in or out of your network. For instance, you can prevent certain files from getting into your network. So if the rules duplicate themselves or are recreated after you delete them, there is a problem. Keep reading for the best solutions.
Why does Windows Firewall duplicate rules?
There is no distinct reason why your PC has duplicated rules. However, it can happen because you have tweaked certain Firewall settings or because there is a program that you recently installed that causes your firewall to behave abnormally.
We cannot rule out the possibility of bugs after a Windows update, which may cause many issues on your PC. There could also be instances of viruses or malware affecting your Windows security section. Let us now see how we can resolve this issue.
How to Remove Duplicate Windows Firewall Rules
If you want to remove duplicate Windows Firewall rules or if they are recreated after deleting them, our troubleshooting experts recommend the following solutions:
- Perform preliminary steps
- Remove rules manually
- Use a script to remove rules
Let us now look at these solutions in detail.
1] Perform preliminary steps
Before you start removing the rules, our experts advise that you perform some workarounds to prevent the firewall from recreating or duplicating your policies. Do the following:
- Check your firewall settings. Sometimes, you might have made the wrong changes, and that could be the reason you have duplicated Windows Firewall rules. Ensure your settings are properly configured.
- You can temporarily disable any third-party antivirus software or any other software that you recently installed. If this is not the case, re-enable or reinstall the program.
- If the issues happen after upgrading or updating your system, you can revert to the previous version and see if the firewall has stopped duplicating your rules automatically.
After that, you can explore the ways to delete your rules below.
2] Remove rules manually
To remove Windows rules manually, follow the steps below:
- Search for the Windows Security app using the search bar, and click Open.
- Locate and select Firewall & network protection.
- At the bottom of the window, click Advanced settings. You will get the User Account Control prompt; select Yes to continue. This will open a new window named Windows Defender Firewall with Advanced Security.
- On the left side, you can select two options, one by one: Inbound Rules and Outbound Rules.
- Next, click one duplicated rule and hold the Ctrl or Shift key to select multiple rules.
- Once you are satisfied with your selection, right-click on them and select Delete.
- You will get a prompt to confirm your action; click Yes.
- Finally, restart your PC and see if the rules are there.
If that does not work, you can try the next step.
3] Use a script to remove rules
You can also use a script to remove duplicate Windows Firewall rules. First, you need to save the script in Windows Notepad.
Open Notepad and copy-paste the following code, sourced from SuperUser:
```powershell
# Here we use `netsh advfirewall firewall show` to get all firewall rules, since it's way faster than Get-NetFirewallRule!
# Note: netsh field names are localized, so the property names below assume English output.
$output = (netsh advfirewall firewall show rule name=all verbose | Out-String).Trim() -split '\r?\n\s*\r?\n'
$propertyNames = [System.Collections.Generic.List[string]]::new()

# Parse each blank-line-separated section into a hashtable of "Name: value" fields.
$objects = @( $(foreach($section in $output ) {
    $obj = @{}
    foreach( $line in ($section -split '\r?\n') ) {
        if( $line -match '^\-+$' ) { continue }
        $name, $value = $line -split ':\s*', 2
        $name = $name -replace " ", ""
        $obj.$name = $value
        if($propertyNames -notcontains $name) {
            $propertyNames.Add( $name )
        }
    }
    $obj
}) | % {
    # Give every object the same set of properties so Group-Object can compare them.
    foreach( $prop in $propertyNames ) {
        if( $_.Keys -notcontains $prop ) {
            $_.$prop = $null
        }
    }
    [PSCustomObject]$_
})

# Rules that match on all of these fields are treated as duplicates.
$r = $objects | Group-Object -Property RuleName, Program, Action, Profiles, RemoteIP, RemotePort, LocalIP, LocalPort, Enabled, Protocol, Direction

# If you want to take a look
# $r | ?{$_.Count -gt 1} | Select-Object -ExpandProperty group | Out-GridView

$r | ?{$_.Count -gt 1} | %{
    $name = $_ | Select-Object -ExpandProperty group | Select-Object -ExpandProperty RuleName -First 1
    # Here we have to use this cmdlet, since `netsh advfirewall firewall delete` can't differentiate rules with the same names and will delete them all!
    # This keeps the first rule with this display name and removes every other rule that shares the name.
    Get-NetFirewallRule -DisplayName $name | Select-Object -Skip 1 | Remove-NetFirewallRule
}
```
Save the file as firewall.ps1.
Next, open Windows PowerShell as an administrator and change to the folder that contains the firewall.ps1 file. The command looks something like this: cd C:\Users\<username>\Documents.
Finally, type .\firewall.ps1 and press Enter.
The script will start running and remove all duplicate Windows Firewall rules.
NOTE: There is also another script on Reddit that you can take a look at. It removes rules that reference a program path that no longer exists on the PC:
```powershell
# firewall.ps1
# Get-NetFirewallRule >> x.txt to see what the empty paths are referencing.
ForEach($rule In Get-NetFirewallRule | Get-NetFirewallApplicationFilter) {
    If(-not $rule.AppPath) { # UWP apps have no paths.
        If($rule.CreationClassName.Substring(0, 22) -ne 'MSFT|FW|FirewallRule|{') { # Crude check for Windows 10 apps.
            Write-Host 'REMOVING ID: ' $rule.InstanceID
            Get-NetFirewallRule $rule.InstanceID | Remove-NetFirewallRule
        #} else {
            #Write-Host $rule.CreationClassName
            #Get-NetFirewallRule $rule.InstanceID | Format-List Platform
        }
    } else { # Firewall rule contains a path.
        # Expand variables such as %SystemRoot% first; Test-Path does not expand them.
        $path = [Environment]::ExpandEnvironmentVariables($rule.AppPath)
        # 'System' and 'Any' are keywords rather than file paths, so never treat them as missing programs.
        If(-not (Test-Path -LiteralPath $path) -and $rule.AppPath -ne 'System' -and $rule.AppPath -ne 'Any') { # Crude check for Windows 10 itself.
            Write-Host 'REMOVING APP:' $rule.AppPath
            Get-NetFirewallRule $rule.InstanceID | Remove-NetFirewallRule
        }
    }
}
```
Removing some rules might affect your network and related configuration. Only perform these steps with caution. Some rules might seem identical, but there is a slight difference. Remove them if you know what you are doing.
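The caution above matters because rules can share a display name while differing in port, protocol, or address. The following is an added example, not code from SuperUser, Reddit, or this article: it exports a backup, treats rules as duplicates only when a fixed list of fields matches, and previews deletions unless run with -Apply. The -Apply switch, the backup location, and the choice of compared fields are assumptions of this example.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the original page). -Apply is a hypothetical switch of this script.
param([switch]$Apply)

# Back up the current policy first; restore with: netsh advfirewall import <file>
$backup = Join-Path $env:TEMP ("firewall-{0:yyyyMMdd-HHmmss}.wfw" -f (Get-Date))  # assumed location
netsh advfirewall export $backup | Out-Null

# Local rules only; rules delivered by Group Policy cannot be removed here.
$rules = Get-NetFirewallRule -PolicyStore PersistentStore

$keyed = foreach ($rule in $rules) {
    # Per-rule filter lookups are slow but expose fields the rule object itself lacks.
    $port = $rule | Get-NetFirewallPortFilter
    $addr = $rule | Get-NetFirewallAddressFilter
    $app  = $rule | Get-NetFirewallApplicationFilter
    $svc  = $rule | Get-NetFirewallServiceFilter

    # Assumption: two rules are duplicates only if every field below matches.
    $key = @(
        $rule.DisplayName, $rule.Direction, $rule.Action, $rule.Enabled, $rule.Profile,
        $port.Protocol, ($port.LocalPort -join ','), ($port.RemotePort -join ','),
        ($addr.LocalAddress -join ','), ($addr.RemoteAddress -join ','),
        $app.Program, $app.Package, $svc.Service
    ) -join '|'
    [PSCustomObject]@{ Key = $key; Rule = $rule }
}

foreach ($group in ($keyed | Group-Object Key | Where-Object Count -gt 1)) {
    # Keep the first rule of each identical set; remove the rest by object, not by display name.
    foreach ($extra in ($group.Group | Select-Object -Skip 1)) {
        Write-Host ("Duplicate: {0} [{1}]" -f $extra.Rule.DisplayName, $extra.Rule.Name)
        $extra.Rule | Remove-NetFirewallRule -WhatIf:(-not $Apply)
    }
}
```

Run it once without -Apply and review the "What if" lines before deleting anything.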
We hope you find something valuable here.
How do I write a firewall rule in Windows?
To write or create a firewall rule in Windows, open the Windows Firewall with Advanced Security option in the Windows Security app and select Inbound Rules or Outbound Rules. Click Action, and select New rule. On the Rule Type section, select Custom and then Next. Follow the on-screen directions to customize your rule the way you want.
How to disable a Windows Firewall rule
To disable a Windows Firewall rule, go to the Windows Security app and select Firewall & network protection. At the bottom, click Advanced settings to open Windows Defender Firewall with Advanced Security. Here, select either Inbound Rules or Outbound Rules. You will see a long list of rules. Search for the one you want to disable, click it, and on the left side pane, select Disable Rule. In some instances, disabling a rule can be a better option than deleting it.