rikka0w0/only_allow_local_remote_desktop.ps

## only_allow_local_remote_desktop.ps
# Get the "Remote Desktop - User Mode (TCP-In)" rule
$rule = Get-NetFirewallRule -DisplayName "Remote Desktop - User Mode (TCP-In)"

# Get the associated firewall filter
$filter = Get-NetFirewallAddressFilter -AssociatedNetFirewallRule $rule

# Set the private IPv4 and IPv6 ranges, including full loopback and link-local addresses, for the Remote Address
Set-NetFirewallAddressFilter -InputObject $filter -RemoteAddress "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7", "fd00::/8", "127.0.0.0/8", "169.254.0.0/16", "fe80::/10"

# Set the port to 3389
Set-NetFirewallRule -Name $rule.Name -LocalPort 3389 -RemotePort 3389
	# Get the "Remote Desktop - User Mode (TCP-In)" rule
	$rule = Get-NetFirewallRule -DisplayName "Remote Desktop - User Mode (TCP-In)"

	# Get the associated firewall filter
	$filter = Get-NetFirewallAddressFilter -AssociatedNetFirewallRule $rule

	# Set the private IPv4 and IPv6 ranges, including full loopback and link-local addresses, for the Remote Address
	Set-NetFirewallAddressFilter -InputObject $filter -RemoteAddress "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7", "fd00::/8", "127.0.0.0/8", "169.254.0.0/16", "fe80::/10"

	# Set the port to 3389
	Set-NetFirewallRule -Name $rule.Name -LocalPort 3389 -RemotePort 3389