Need help with syntax of Action Script

Hi everybody. Will be appreciate for any help to correct the actions script of custom fixlet.
The script has several errors and I don't know how to resolve them. I'm not a programmer.
To be honest, several variants give an AI, I combined them because all of them was wrong too ).

I'd like to create a fixlet to create a custom windows firewall rules. Create a form with parameters. And now I need to do correct action script to read them and create a firewall rule.

Shot 22-02-2026 at 17.261584×844 121 KB

Script v1: The error in IF function prevents the file from being saved

// ------------------------------------------------
// Parameters coming from the form
// ------------------------------------------------
parameter "rule_name" of action
parameter "direction" of action
parameter "protocol" of action
parameter "port" of action
parameter "action" of action

// Normalize values for netsh
set "_dir" = {if (parameter "direction" of action as lowercase starts with "in") then "in" else "out"}
set "_proto" = {parameter "protocol" of action as lowercase}
set "_act" = {if (parameter "action" of action as lowercase starts with "allow") then "allow" else "block"}
set "_port" = {parameter "port" of action}

// Rule name (cleaned a bit)
set "rulename" = {concatenation of (characters of (parameter "rule_name" of action) whose (it is alphanumeric or it is one of " -"))}

// ------------------------------------------------
// Idempotency check - does this exact rule already exist?
// ------------------------------------------------
if {not exists lines whose (
(ERROR it contains ("Rule Name:") and it contains _rulename and
it contains ("Direction:") and it contains (if _dir = "in" then "In" else "Out") and
it contains ("Action:") and it contains (if _act = "allow" then "Allow" else "Block") and
it contains ("Protocol:") and it contains (_proto as uppercase)
) of (it as string as trimmed string) of result of command "netsh advfirewall firewall show rule name=all"}

// ------------------------------------------------
// Create the rule
// ------------------------------------------------
waithidden cmd /c netsh advfirewall firewall add rule name="%_rulename%" dir=%_dir% action=%_act% protocol=%_proto% localport="%_port%" profile=any enable=yes

// Report result
appendfile Firewall rule created: %_rulename%
copy __appendfile c:\windows\temp\firewall-custom-rule.log append

else
appendfile Firewall rule already exists: %_rulename%
copy __appendfile c:\windows\temp\firewall-custom-rule.log append
endif

(ERROR) prefetch success

Script v2: The Fixlet saved ok, but there is an error when take action from the first string

Shot 22-02-2026 at 17.361892×1152 416 KB

// =============================================================================
// Add Windows Firewall Rule to ALL Profiles (Domain + Private + Public)
// Parameters from form: rule_name, direction, protocol, port, action
// =============================================================================

// --- Normalize parameters ----------------------------------------------------
parameter "rule_name" of action as trimmed string -> "_rule_name"

(ERROR) set "_rule_name_lc" = {lowercase of _rule_name}

set "_dir" = {if (parameter "direction" of action as lowercase starts with "in") then "in" else "out"}
set "_proto" = {parameter "protocol" of action as lowercase}
set "_act" = {if (parameter "action" of action as lowercase starts with "allow") then "allow" else "block"}
set "_port" = {parameter "port" of action as trimmed string}

// --- Idempotency check -------------------------------------------------------
// If any rule with this exact name already exists skip everything
if {exists lines whose (it as lowercase contains "Rule Name:" and it as lowercase contains _rule_name_lc) of result of command "netsh advfirewall firewall show rule name=all"}

delete __appendfile
appendfile [SKIP] Firewall rule already exists (name: {_rule_name})
appendfile   Direction: {parameter "direction" of action}
appendfile   Protocol : {parameter "protocol" of action}
appendfile   Ports    : {_port}
appendfile   Action   : {parameter "action" of action}
appendfile   Time     : {now}
copy __appendfile "C:\Windows\Temp\firewall_custom.log" append

// action succeeded "Rule already exists, no changes made"

// To force "Failed" status with message (visible in console action status)
//action failed "Rule already exists, no changes made"

// To force "Successful" with custom note (rarely needed)
(ERROR) prefetch success // or just end script normally

else

// --- Create the rule in ALL THREE profiles ---------------------------
// Domain profile
waithidden netsh advfirewall firewall add rule name="{_rule_name}" profile=domain dir={_dir} action={_act} protocol={_proto} localport="{_port}" enable=yes

// Private profile
waithidden netsh advfirewall firewall add rule name="{_rule_name}" profile=private dir={_dir}  action={_act} protocol={_proto} localport="{_port}" enable=yes

// Public profile
waithidden netsh advfirewall firewall add rule name="{_rule_name}" profile=public dir={_dir} action={_act} protocol={_proto} localport="{_port}" enable=yes

// --- Log success --------------------------------------------
delete __appendfile
appendfile [CREATED] Firewall rule added to ALL profiles
appendfile   Name      : {_rule_name}
appendfile   Direction : {parameter "direction" of action}
appendfile   Protocol  : {parameter "protocol" of action}
appendfile   Ports     : {_port}
appendfile   Action    : {parameter "action" of action}
appendfile   Time      : {now}
copy __appendfile "C:\Windows\Temp\firewall_custom.log" append

// To force "Successful" with custom note (rarely needed)
(ERROR) prefetch success // or just end script normally

endif

You’re almost there with script v2.

There’s no set command for variables in action script; just make these a parameter like the others you’re using. Format to set them is parameter “name”=”value” (the quotes are required), and then reference the value as parameter “name” like you’re already doing with some of them.

Example: parameter "_proto" = “{parameter "protocol" of action as lowercase}”

Regarding _rule_name_lc there’s no lowercase of property – just cast it using as lowercase like you did with the others: parameter "_rule_name_lc" = “{parameter “_rule_name” as lowercase}”

append at end of copy command is ignored / not needed

prefetch is only used for downloads. prefetch success is not an action script command; you should remove these

Like this, am I correct?

parameter "_rule_name" = "{parameter "rule_name" of action as lowercase}"
parameter "_dir" = "{if (parameter "direction" of action as lowercase starts with "in") then "in" else "out"}"
parameter "_proto" = "{parameter "protocol" of action as lowercase}"
parameter "_act" = "{if (parameter "action" of action as lowercase starts with "allow") then "allow" else "block"}"
parameter "_port" = "{parameter "port" of action as string}"

Well, status of Action Failed on the first string

Failed: parameter "_rule_name" = "{parameter "rule_name" of action as lowercase}"

Shot 22-02-2026 at 20.461494×1366 143 KB

The syntax is correct i believe the parameter rule_name is coming as blank

image982×352 12.4 KB

I Think you are right. I guess the problem with parameters in the form, not on the script.

Are you able to share your exported BES file with the community?

I think yes, no problem. I'm ok, even if someone else takes it.
The main thing is that if the fixlet will be good, it should work and help others.

I created it for the first time and create a simple table.
And the problem is that I do something wrong and I didn't transfer the fields data to variables.

Also, I have noticed another structure in the fixlets. People use MIME to describe variable.

If some one can help with it will be cool.

Custom Windows Firewall Rule (In All Profiles) v2.bes (9.7 KB)

Either the parameters aren't available in the fixlet/task or you're redeclaring them when they already exist.

For example, the first line passes and the second line fails:

parameter "Test" = "True"
parameter "Test" = "False"

If the UI portion of your action script is working properly, you don't need to declare the variable as it's already there.

However, I'd recommend checking out creating parameterized fixlets. Download the document on the page and go through it. Seems to be a much easier way to do your UI and will pass your parameters into the action script properly.

I don't have access to this doc with my account name.

I updated the link. Looks like there was an error with it.