Test if Windows server firewall is disabled with Pester in Chef

First of all, be aware that is a very BAD practice to disable the firewall; do so only for test purposes or a short period of time.

The following code was tested under Windows Server 2008 R2, but it should also work for Windows Server 2012.
Under your cookbook folder you must add the file test\integration\default\pester\firewall.tests.ps1.
It will contain the following PowerShell code sequence:

describe “disable firewall” {

  $publicFwEnabled = (Invoke-Command -ScriptBlock {[Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey(“LocalMachine”, $env:COMPUTERNAME).OpenSubKey(“System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile”).GetValue(“EnableFirewall”)})

  it “should disable public firewall” {
    $publicFwEnabled | Should Be 0

  $domainFwEnabled = (Invoke-Command -ScriptBlock {[Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey(“LocalMachine”, $env:COMPUTERNAME).OpenSubKey(“System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile”).GetValue(“EnableFirewall”)})

  it “should disable domain firewall” {
    $domainFwEnabled | Should Be 0

  $privateFwEnabled = (Invoke-Command -ScriptBlock {[Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey(“LocalMachine”, $env:COMPUTERNAME).OpenSubKey(“System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile”).GetValue(“EnableFirewall”)})

  it “should disable private firewall” {
    $privateFwEnabled | Should Be 0

Then, in your cookbook folder, you can check if tests passed after running kitchen verify command.

Note 1: Credits go to StackOverflow, IT blogs and alike, sites that helped me with the code when searching for solutions.
Note 2: Be aware that when copy-pasting, the quotes and possibly other characters get messed up by WordPress, you’ll have to replace them.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: