Windows防火墙命令行手册

热门标签

, , , , , , ,
admin

发表文章数:3177

首页 » 网络资源 » Windows » 正文

简介


netsh advfirewall firewall 命令行在Windows Vista 和 Windows Server 2008 中可用。
它提供了用于控制 Windows 防火墙行为的功能。
在早期版本的 Windows <包含Win7>操作系统中应该使用 netsh firewall 命令。
新版本的命令行提供了更精确地控制的防火墙规则的功能,这些规则包括以下的每个配置文件设置︰
域(Domain)
私有(Private)
公共(Public)
需要以管理员身份运行
Old command 针对Win7以下版本<包含Win7>

详细信息


示例 1︰ 启用程序

Old commandNew command
netsh firewall add allowedprogram C:\MyApp\MyApp.exe “My Application” ENABLEnetsh advfirewall firewall add rule name= “My Application” dir=in action=allow program= “C:\MyApp\MyApp.exe” enable=yes
netsh firewall add allowedprogram program=C:\MyApp\MyApp.exe name= “My Application” mode=ENABLE scope=CUSTOM addresses=157.60.0.1,172.16.0.0/16,LocalSubnet profile=Domainnetsh advfirewall firewall add rule name= “My Application” dir=in action=allow program= “C:\MyApp\MyApp.exe” enable=yes remoteip=157.60.0.1,172.16.0.0/16,LocalSubnet profile=domain
netsh firewall add allowedprogram program=C:\MyApp\MyApp.exe name= “My Application” mode=ENABLE scope=CUSTOM addresses=157.60.0.1,172.16.0.0/16,LocalSubnet profile=ALLnetsh advfirewall firewall add rule name= “My Application” dir=in action=allow program=”C:\MyApp\MyApp.exe” enable=yes remoteip=157.60.0.1,172.16.0.0/16,LocalSubnet profile=domain

netsh advfirewall firewall add rule name= “My Application” dir=in action=allow program=”C:\MyApp\MyApp.exe” enable=yes remoteip=157.60.0.1,172.16.0.0/16,LocalSubnet profile=private

示例 2︰ 启用端口

Old commandNew command
netsh firewall add portopening TCP 80 “Open Port 80”netsh advfirewall firewall add rule name=”Open Port 80″ dir=in action=allow protocol=TCP localport=80

示例 3︰ 删除启用的程序或端口

Old commandNew command
netsh firewall delete allowedprogram C:\MyApp\MyApp.exenetsh advfirewall firewall delete rule name=rule nameprogram=“C:\MyApp\MyApp.exe“
delete portopening protocol=UDP port=500netsh advfirewall firewall delete rule name=rule name protocol=udp localport=500

示例 4︰ 配置 ICMP 设置

Old commandNew command
netsh firewall set icmpsetting 8netsh advfirewall firewall add rule name=“ICMP Allow incoming V4 echo request“protocol=icmpv4:8,any dir=in action=allow
netsh firewall set icmpsetting type=ALL mode=enablenetsh advfirewall firewall add rule name=“All ICMP V4” protocol=icmpv4:any,any dir=in action=allow
netsh firewall set icmpsetting 13 disable allnetsh advfirewall firewall add rule name=“Block Type 13 ICMP V4” protocol=icmpv4:13,any dir=in action=block

示例 5︰设置日志记录

Old commandNew command
netsh firewall set logging %systemroot%\system32\LogFiles\Firewall\pfirewall.log 4096 ENABLE ENABLEnetsh advfirewall set currentprofile logging filename %systemroot%\system32\LogFiles\Firewall\pfirewall.log

netsh advfirewall set currentprofile logging maxfilesize 4096
netsh advfirewall set currentprofile logging droppedconnections enable

netsh advfirewall set currentprofile logging allowedconnections enable

currentprofile 可以使用/Domainprofile/Privateprofile/Publicprofile/选项替换

示例 6︰ 启用 Windows 防火墙

Old commandNew command
netsh firewall set opmode ENABLEnetsh advfirewall set currentprofile state on
netsh firewall set opmode mode=ENABLE exceptions=enableNetsh advfirewall set currentprofile state on

netsh advfirewall set currentprofile firewallpolicy blockinboundalways,allowoutbound

netsh firewall set opmode mode=enable exceptions=disable profile=domainNetsh advfirewall set domainprofile state on

netsh advfirewall set domainprofile firewallpolicy blockinbound,allowoutbound

netsh firewall set opmode mode=enable profile=ALLnetsh advfirewall set domainprofile state on

netsh advfirewall set privateprofile state on

示例 7︰ 还原默认策略设置

Old commandNew command
netsh firewall resetnetsh advfirewall reset

示例 8︰ 启用特定服务

Old commandNew command
netsh firewall set service FileAndPrintnetsh advfirewall firewall set rule group=“File and Printer Sharing” new enable=Yes
netsh firewall set service RemoteDesktop enablenetsh advfirewall firewall set rule group=”remote desktop” new enable=Yes
netsh firewall set service RemoteDesktop enable profile=ALLnetsh advfirewall firewall set rule group=”remote desktop” new enable=Yes profile=domain

netsh advfirewall firewall set rule group=”remote desktop” new enable=Yes profile=private

未经允许不得转载:作者:admin, 转载或复制请以 超链接形式 并注明出处 夜河资源网
原文地址:《Windows防火墙命令行手册》 发布于2019-12-27

分享到:
赞(0) 打赏

评论 抢沙发

2 + 7 =


撰写不易~如果您觉得文章对您有帮助的话可以打赏我哦~谢谢亲亲~

支付宝扫一扫打赏

微信扫一扫打赏

外服网游加速器破解版
包含腾讯网游加速器、海豚网游加速器等八款知名加速器,可加速外服游戏,永久包售后包更新,不定时添加新款破解版加速器!
切换注册

登录

忘记密码 ?

切换登录

注册