Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ BUG ] New-FalconFirewallGroup will not create a group following wiki example in PowerShell 5.1 #246

Closed
bk-cs opened this issue Sep 30, 2022 · 2 comments
Closed

[ BUG ] New-FalconFirewallGroup will not create a group following wiki example in PowerShell 5.1 #246

bk-cs opened this issue Sep 30, 2022 · 2 comments
Assignees
@bk-cs
Labels
bug Something isn't working

Comments

@bk-cs
Copy link
Collaborator

bk-cs commented Sep 30, 2022

Describe the bug
Errors are generated when you attempt to copy/paste the example to create a new firewall group with a rule within PowerShell 5.1.

To Reproduce
Use PowerShell 5.1 and follow the wiki example.

Expected behavior
A clear and concise description of what you expected to happen.

Environment (please complete the following information):

  • OS: Windows 10
  • PowerShell: 5.1
  • PSFalcon: 2.2.1
@bk-cs bk-cs added the bug Something isn't working label Sep 30, 2022
@bk-cs bk-cs self-assigned this Sep 30, 2022
@bk-cs
Copy link
Collaborator Author

bk-cs commented Sep 30, 2022
edited
Loading

These errors are generated because of a difference in how PowerShell Desktop and PowerShell Core treat [PSCustomObject] and [hashtable] objects. In PowerShell Core, a [hashtable] can be used with Select-Object in the same way that [PSCustomObject] can, but in PowerShell Desktop, this doesn't work.

To work around this problem until PSFalcon is updated, force [hashtable] objects to be [PSCustomObjects]. For instance, with the Firewall example, change $Rules from:

$Rules = @(
    @{
        name = 'Block IP'
        description = 'Block outbound to example.com IP address'
        platform_ids = @( '0' )
        enabled = $true
        action = 'DENY'
        direction = 'OUT'
        address_family = 'IP4'
        protocol = '*'
        fields = @(
            @{
                name = 'network_location'
                type = 'set'
                values = @( 'ANY' )
            }
        )
        local_address = @(@{ address = '*'; netmask = 0 })
        remote_address = @(@{ address = '93.184.216.34'; netmask = 32 })
    }
)

To this instead:

$Rules = @(
    [PSCustomObject]@{
        name = 'Block IP'
        description = 'Block outbound to example.com IP address'
        platform_ids = @( '0' )
        enabled = $true
        action = 'DENY'
        direction = 'OUT'
        address_family = 'IP4'
        protocol = '*'
        fields = @(
            @{
                name = 'network_location'
                type = 'set'
                values = @( 'ANY' )
            }
        )
        local_address = @(@{ address = '*'; netmask = 0 })
        remote_address = @(@{ address = '93.184.216.34'; netmask = 32 })
    }
)

bk-cs added a commit that referenced this issue Oct 7, 2022
@bk-cs
Created 'Confirm-Property'
022dbfc 
Created 'Confirm-Property' private function to filter [hashtable] and [PSCustomObject] into pre-defined properties containing values.

Issue #246: Created 'Confirm-Property' function to properly filter 'Rule' content for both [hashtable] and [PSCustomObject] rules. This will eliminate errors caused by [hashtable] objects being improperly filtered in PowerShell 5.1.
@bk-cs bk-cs mentioned this issue Oct 31, 2022
Merged
2 tasks
@bk-cs
Copy link
Collaborator Author

bk-cs commented Nov 15, 2022

Resolved with v2.2.3 release

@bk-cs bk-cs closed this as completed Nov 15, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bk-cs bk-cs

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@bk-cs