https://github.com/ismaolen/wsl2-hyperv-firewall
One-liner: Manage Hyper-V firewall rules from WSL for ROS/ROS2 (DDS, TCP/UDP/ICMP) – safe, scoped, CLI.
https://github.com/ismaolen/wsl2-hyperv-firewall
cli command-line-tool dds dds-discovery firewall hyper-v network-automation-python networking powershell python robotics ros ros2 windows windows-firewall windows-subsystem-for-linux wsl wsl2
Last synced: 4 months ago
JSON representation
One-liner: Manage Hyper-V firewall rules from WSL for ROS/ROS2 (DDS, TCP/UDP/ICMP) – safe, scoped, CLI.
- Host: GitHub
- URL: https://github.com/ismaolen/wsl2-hyperv-firewall
- Owner: Ismaolen
- License: mit
- Created: 2025-10-16T00:45:59.000Z (4 months ago)
- Default Branch: main
- Last Pushed: 2025-10-17T00:19:56.000Z (4 months ago)
- Last Synced: 2025-10-17T04:01:27.164Z (4 months ago)
- Topics: cli, command-line-tool, dds, dds-discovery, firewall, hyper-v, network-automation-python, networking, powershell, python, robotics, ros, ros2, windows, windows-firewall, windows-subsystem-for-linux, wsl, wsl2
- Language: Python
- Homepage: https://ismaolen.github.io/wsl2-hyperv-firewall/
- Size: 81.1 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Contributing: .github/CONTRIBUTING.md
- License: LICENSE
- Code of conduct: .github/CODE_OF_CONDUCT.md
Awesome Lists containing this project
README
# WSL2 Hyper-V Firewall (CLI)
Live Demo ·
Quick start ·
Features ·
Notes
Manage Windows **Hyper-V** firewall rules from **WSL**. One command to create/search/delete TCP/UDP/ICMP rules for specific IPs — no GUI, no guesswork.
> Script: `wsl_ros2_hv_firewall.py` (run inside WSL; it calls `powershell.exe` on Windows)
---
## Why this is useful (ROS / ROS 2)
If your robot is on the LAN and your nodes run in **WSL2**, Windows’ Hyper-V firewall often blocks:
* **ROS 2 DDS discovery** (multicast/broadcast over UDP)
* **ROS 1 master / services** (TCP ports like `11311`)
* Simple reachability (**ICMP/ping**)
This tool opens the right paths between **WSL ↔ Windows ↔ your robot’s IP(s)** so discovery works, topics show up, and connections stop timing out — without disabling the firewall or allowing the whole subnet.
---
## Networking note (required for ROS)
Enable WSL’s **mirrored networking** so DDS/multicast and inbound traffic reach WSL correctly:
```ini
# %UserProfile%\.wslconfig
[wsl2]
networkingMode=mirrored
```
Then restart WSL:
```bash
wsl --shutdown
```
(These rules target Hyper-V in mirrored mode and play nicely with ROS.)
---
## Features
* Create / delete / search Hyper-V firewall rules
* TCP / UDP / ICMPv4, **inbound / outbound / both**
* Multiple IPs, custom local/remote ports
* **Idempotent** (won’t duplicate)
* `--dry-run` to preview
* Optional JSON snapshot with `--db`
* Safety guard for mass deletes (override with `--all`)
---
## Requirements
* Windows 10/11 with Hyper-V (admin rights for firewall changes)
* WSL (Ubuntu etc.), Python 3
* `powershell.exe` reachable from WSL
---
## Quick start
```bash
# Help
python3 wsl_ros2_hv_firewall.py -h
# ROS/ROS2: allow all protocols IN+OUT for a robot IP (scoped to a single host)
python3 wsl_ros2_hv_firewall.py create --ip 192.168.0.213
# ROS1 (tighter): allow TCP IN for ports 11311,8080 only
python3 wsl_ros2_hv_firewall.py create \
--ip 192.168.0.213 \
--protocol tcp \
--direction in \
--local-ports 11311,8080 \
--remote-ports 11311,8080
# Search rules (and also write a JSON snapshot)
python3 wsl_ros2_hv_firewall.py --db search
# Delete by exact/wildcard name (dry run first)
python3 wsl_ros2_hv_firewall.py delete --name 'WSL-ROS2-*' --dry-run
# More examples
python3 wsl_ros2_hv_firewall.py examples
```
---
### Notes
* **Persistence is off by default.** Add `--db` (before or after the subcommand) to write `wsl_ros2_firewall_rules.json`.
* Mass deletes are limited; pass `--all` to confirm large removals.
---
If this helped your ROS setup in WSL, a ⭐️ would be awesome.
Spotted a bug or have an idea? **Issues and PRs welcome!**