Windows命令行防火墙管理

查看状态

REM Show the firewall state and settings of the currently active profile.
netsh advfirewall show currentprofile

启动和关闭防火墙

REM Turn the firewall on for all profiles (domain, private and public).
netsh advfirewall set allprofiles state on

REM Turn the firewall off for all profiles; the host is then left without inbound filtering.
netsh advfirewall set allprofiles state off

Windows XP 建议使用下面的命令:
REM Legacy "netsh firewall" context (Windows XP); the "advfirewall" context used above is not available there.
netsh firewall set opmode mode=enable
netsh firewall set opmode mode=disable

配置规则

阻止来自远程地址 10.10.10.0/24 的入站访问

REM Block all inbound traffic from 10.10.10.0/24. The rule is named "FireMan", the same name the TCP 8080 rule below uses.
netsh advfirewall firewall add rule name="FireMan" dir=in action=block remoteip=10.10.10.0/24

阻止对本地 TCP 8080 端口的入站访问

REM Block inbound TCP to local port 8080. It shares the name "FireMan" with the remoteip rule above, so show/delete by name affect both.
netsh advfirewall firewall add rule name="FireMan" dir=in action=block protocol=TCP localport=8080

查看规则

REM Display every rule named "FireMan" (both rules created above match).
netsh advfirewall firewall show rule name="FireMan"

删除创建的规则（所有名为 FireMan 的规则都会被删除）

REM Delete every rule named "FireMan"; deletion is by name, so all same-named rules go.
netsh advfirewall firewall delete rule name="FireMan"

常见操作

REM Restore the firewall to its default configuration; custom rules are discarded.
netsh advfirewall reset
REM Set the default policy to allow inbound and outbound on all profiles. Allowing inbound by default removes the host's baseline protection (blockinbound is the shipped default).
netsh advfirewall set allprofiles firewallpolicy allowinbound,allowoutbound

以上是将默认策略设置为允许入站和出站;如需设置为拒绝,请使用 blockinbound,blockoutbound

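REM Block inbound TCP and UDP on port 139. Straight ASCII quotes are required:
REM cmd does not treat the curly ” and ″ characters as quotes, so the rule name
REM would be split into separate tokens and netsh would reject the command.
netsh advfirewall firewall add rule name="deny tcp 139" dir=in protocol=tcp localport=139 action=block
netsh advfirewall firewall add rule name="deny udp 139" dir=in protocol=udp localport=139 action=block
REM Show the state and default policy of all profiles to confirm the result.
netsh advfirewall show allprofiles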

REM Template for a per-program rule: <名称> is the rule name, <程序路径> the full path of the executable; dir and action take one of the listed values.
netsh advfirewall firewall add rule name="<名称>" dir=<in | out> program="<程序路径>" action=<allow | block>

使用防火墙阻止高危端口的批处理脚本

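@echo off
REM Enable the host firewall on the current profile and add inbound block rules
REM for the RPC/NetBIOS/SMB ports 135, 137, 138, 139 and 445.
REM Rule changes require administrator rights, hence the self-elevation below.
@echo.
@echo 以管理员身份运行
REM Self-elevation: re-launches this script through mshta/ShellExecute "runas".
REM On the elevated re-run %1 is "::", which turns this line into a comment.
REM %~s0 is the 8.3 short path of the script, so it relies on short names being
REM enabled on the volume. NOTE(review): mshta-based elevation is a pattern that
REM endpoint security tools commonly flag; an explicit admin check that exits
REM with a message would avoid spawning mshta.
%1 mshta vbscript:CreateObject("Shell.Application").ShellExecute("cmd.exe","/c "^&chr(34)^&"%~s0"^&chr(34)^&" ::","%cd%","runas",1)(window.close)&&exit
cd /d "%~dp0"
@echo.
@echo 正在开启防火墙
REM NOTE(review): only the currently active profile is switched on; a host that
REM changes networks keeps the other profiles as they were (see allprofiles).
netsh advfirewall set currentprofile state on
@echo 正在关闭并禁用135、138、137、139、445端口
REM Each rule is deleted before being added so that re-running the script does
REM not accumulate duplicate rules: "add rule" does not de-duplicate by name.
@echo 关闭135端口
netsh advfirewall firewall delete rule name="sec135" >nul 2>&1
netsh advfirewall firewall add rule name="sec135" dir=in protocol=tcp localport=135 action=block
@echo 关闭137端口
REM NetBIOS name service (137) and datagram service (138) run over UDP, so a
REM TCP-only rule leaves them reachable; both transports are blocked.
netsh advfirewall firewall delete rule name="sec137" >nul 2>&1
netsh advfirewall firewall add rule name="sec137" dir=in protocol=tcp localport=137 action=block
netsh advfirewall firewall add rule name="sec137" dir=in protocol=udp localport=137 action=block
@echo 关闭138端口
netsh advfirewall firewall delete rule name="sec138" >nul 2>&1
netsh advfirewall firewall add rule name="sec138" dir=in protocol=tcp localport=138 action=block
netsh advfirewall firewall add rule name="sec138" dir=in protocol=udp localport=138 action=block
@echo 关闭139端口
netsh advfirewall firewall delete rule name="sec139" >nul 2>&1
netsh advfirewall firewall add rule name="sec139" dir=in protocol=tcp localport=139 action=block
@echo 关闭445端口
netsh advfirewall firewall delete rule name="sec445" >nul 2>&1
netsh advfirewall firewall add rule name="sec445" dir=in protocol=tcp localport=445 action=block

pause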