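View the current firewall status: netsh advfirewall show allprofiles
Turn the firewall off: netsh advfirewall set allprofiles state off
Turn the firewall on: netsh advfirewall set allprofiles state on
Before modifying the firewall, back up the firewall configuration first.
Export command: netsh advfirewall export "c:\firewall.pol"
Import command: netsh advfirewall import "c:\firewall.pol"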
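Block ports 135-139, 445, 3389 and similar, and allow only specified IPs to access port 3389.
In Windows Firewall a matching block rule overrides an allow rule, so 3389 is left out of the TCP block rule below. With the default inbound policy of block, 3389 is then reachable only from the addresses in the allow rule, provided no other enabled rule (such as the built-in Remote Desktop rules) allows it. Replace aip,bip,cip with the permitted IP addresses.
netsh advfirewall set allprofiles state on
netsh advfirewall firewall add rule name=禁用TCP端口 dir=in action=block protocol=TCP localport="135-139,445"
netsh advfirewall firewall add rule name=禁用UDP端口 dir=in action=block protocol=UDP localport="135-139,445"
netsh advfirewall firewall add rule name=允许指定IP访问3389 dir=in action=allow protocol=TCP localport="3389" remoteip="aip,bip,cip"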
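Added example (not part of the original note): a small Python model of how Windows Firewall resolves inbound rules like these, showing that a block rule listing 3389 shadows the remoteip-scoped allow rule. The addresses are constructed placeholders, the default inbound policy is assumed to be block, and the model ignores profiles, programs and any other rules on the host.

```python
import ipaddress
import shlex

def parse_rule(cmd):
    """Turn a 'netsh advfirewall firewall add rule ...' line into a dict of its key=value options."""
    return {k.lower(): v for k, v in
            (t.split("=", 1) for t in shlex.split(cmd) if "=" in t)}

def port_matches(spec, port):
    """True if port falls inside a netsh port list such as '135-139,445' (or 'any')."""
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        if part.strip().lower() == "any" or int(lo) <= port <= int(hi or lo):
            return True
    return False

def ip_matches(spec, addr):
    """True if addr is in a comma-separated list of addresses or CIDR subnets (or 'any')."""
    ip = ipaddress.ip_address(addr)
    return any(p.strip().lower() == "any" or ip in ipaddress.ip_network(p.strip(), strict=False)
               for p in spec.split(","))

def decide(rules, protocol, port, remote_ip, default="block"):
    """Inbound verdict: a matching block rule wins, then a matching allow, then the default policy."""
    hits = {r["action"].lower() for r in rules
            if r.get("dir", "in").lower() == "in"
            and r.get("protocol", "any").lower() in ("any", protocol.lower())
            and port_matches(r.get("localport", "any"), port)
            and ip_matches(r.get("remoteip", "any"), remote_ip)}
    return "block" if "block" in hits else "allow" if "allow" in hits else default

# Constructed sample values (documentation address ranges) standing in for real addresses.
ADMIN_IP, OTHER_IP = "192.0.2.10", "203.0.113.50"
ALLOW = ('netsh advfirewall firewall add rule name=允许指定IP访问3389 dir=in action=allow '
         f'protocol=TCP localport="3389" remoteip="{ADMIN_IP}"')
BLOCK = 'netsh advfirewall firewall add rule name=禁用TCP端口 dir=in action=block protocol=TCP localport="{}"'

shadowed = [parse_rule(BLOCK.format("135-139,445,3389")), parse_rule(ALLOW)]  # 3389 also blocked
scoped = [parse_rule(BLOCK.format("135-139,445")), parse_rule(ALLOW)]         # 3389 left out

if __name__ == "__main__":
    for label, rules in (("3389 in block rule", shadowed), ("3389 left out", scoped)):
        for ip in (ADMIN_IP, OTHER_IP):
            print(f"{label:20} {ip:14} tcp/3389 -> {decide(rules, 'TCP', 3389, ip)}")
    print("tcp/445 ->", decide(scoped, "TCP", 445, ADMIN_IP))
```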
Usage notes:
netsh advfirewall help
netsh advfirewall firewall help