2021-03-05 18:42:50 spawnshow

Firewall commands

Windows Defender Firewall: block connections

netsh advfirewall set domainprofile firewallpolicy blockinbound,blockoutbound
netsh advfirewall set Privateprofile firewallpolicy blockinbound,blockoutbound
netsh advfirewall set Publicprofile firewallpolicy blockinbound,blockoutbound
=====================================
Inbound

Allow
netsh advfirewall firewall add rule name="PORT_7888" dir=in action=allow protocol=TCP localport=7888 profile=Private,Public
### The profile= value selects among the [Domain, Private, Public] profile categories; profile=Private,Public applies the rule only to the Private and Public profiles

Block
netsh advfirewall firewall add rule name="PORT_7788" dir=in action=block protocol=TCP localport=7788

Add a contiguous port range to the exception list; for example, the following allows inbound TCP 20 and 21
netsh advfirewall firewall add rule name="允許 TCP 20~21 連入" protocol=TCP dir=in localport=20-21 action=allow

Add an application to the exception list (the context is "advfirewall firewall", not the legacy "netsh firewall")
netsh advfirewall firewall add rule name="允許 hello.exe 連入" dir=in program="c:\alexc\hello.exe" action=allow

Allow an IP address
netsh advfirewall firewall add rule name="My Trusted In" dir=in action=allow protocol=ANY remoteip=62.9.97.12

Delete an enabled program or port rule (replace <rule name> with the name of the rule to remove)
netsh advfirewall firewall delete rule name="<rule name>" program="C:\MyApp\MyApp.exe"
netsh advfirewall firewall delete rule name="<rule name>" protocol=udp localport=500

ICMP settings
netsh advfirewall firewall add rule name="ICMP Allow incoming V4 echo request" protocol=icmpv4:8,any dir=in action=allow
netsh advfirewall firewall add rule name="All ICMP V4" protocol=icmpv4:any,any dir=in action=allow
netsh advfirewall firewall add rule name="Block Type 13 ICMP V4" protocol=icmpv4:13,any dir=in action=block

Enable and disable
netsh advfirewall firewall set rule name="TestRule" new enable=yes
netsh advfirewall firewall set rule name="TestRule" new enable=no
netsh advfirewall firewall set rule name=all new enable=no
=============================================================================================
Outbound
netsh advfirewall firewall add rule name="PORT_7778" dir=out action=allow protocol=TCP localport=7778
=============================================================================================
Run these 2 in an admin PowerShell; it enables both IPv6 and IPv4 inbound pings on all networks (public/private/domain):
Set-NetFirewallRule -DisplayName "File and Printer Sharing (Echo Request - ICMPv4-In)" -enabled True
Set-NetFirewallRule -DisplayName "File and Printer Sharing (Echo Request - ICMPv6-In)" -enabled True

https://serverfault.com/questions/6046/enable-ping-in-windows-server-firewall
=============================================================================================
Configuring Windows Defender Firewall with PowerShell (netsh command followed by its PowerShell equivalent)
-------------------------------------------------------------------------------
netsh advfirewall set allprofiles state on

PowerShell
Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled True
-------------------------------------------------------------------------------
netsh advfirewall set allprofiles firewallpolicy blockinbound,allowoutbound
netsh advfirewall set allprofiles settings inboundusernotification enable

PowerShell
Set-NetFirewallProfile -DefaultInboundAction Block -DefaultOutboundAction Allow -NotifyOnListen True -AllowUnicastResponseToMulticast True -LogFileName %SystemRoot%\System32\LogFiles\Firewall\pfirewall.log
-------------------------------------------------------------------------------
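The -LogFileName setting above only says where the firewall writes its log; dropped packets are only recorded once logging of blocked packets is turned on (Set-NetFirewallProfile -LogBlocked True). Reading that log is where the setting pays off. The following is an added example, not part of the original notes: it parses the W3C layout the firewall writes (the field order is the one in the file's own "#Fields:" header) and summarises dropped inbound packets by source, destination port and protocol. The sample lines are constructed for the example, not captured from a real host.

```powershell
# Added example: parse pfirewall.log lines and summarise DROP entries on the RECEIVE path.
function ConvertFrom-PfirewallLog {
    param([Parameter(Mandatory)][string[]]$Lines)
    # Field order follows the "#Fields:" header the firewall writes at the top of the file
    $fields = 'date','time','action','protocol','src-ip','dst-ip','src-port','dst-port',
              'size','tcpflags','tcpsyn','tcpack','tcpwin','icmptype','icmpcode','info','path'
    foreach ($line in $Lines) {
        if ($line -match '^\s*(#|$)') { continue }       # skip header and blank lines
        $cols = $line -split '\s+'
        if ($cols.Count -lt $fields.Count) { continue }  # malformed line: ignore rather than guess
        $row = [ordered]@{}
        for ($i = 0; $i -lt $fields.Count; $i++) { $row[$fields[$i]] = $cols[$i] }
        [pscustomobject]$row
    }
}

function Get-DroppedInboundSummary {
    param([Parameter(Mandatory)][string[]]$Lines, [int]$Top = 10)
    ConvertFrom-PfirewallLog -Lines $Lines |
        Where-Object { $_.action -eq 'DROP' -and $_.path -eq 'RECEIVE' } |
        Group-Object 'src-ip', 'dst-port', 'protocol' |
        Sort-Object Count -Descending |
        Select-Object -First $Top Count,
            @{ n = 'Source';   e = { $_.Group[0].'src-ip' } },
            @{ n = 'DstPort';  e = { $_.Group[0].'dst-port' } },
            @{ n = 'Protocol'; e = { $_.Group[0].protocol } }
}

# Constructed sample in the firewall's own layout, header included.
# On a real host read the file instead: Get-Content $env:SystemRoot\System32\LogFiles\Firewall\pfirewall.log
$sample = @'
#Version: 1.5
#Software: Microsoft Windows Firewall
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2021-03-05 18:40:01 DROP TCP 192.168.10.25 192.168.10.5 51234 445 52 S 1234567 0 8192 - - - RECEIVE
2021-03-05 18:40:02 DROP TCP 192.168.10.25 192.168.10.5 51235 445 52 S 1234568 0 8192 - - - RECEIVE
2021-03-05 18:40:03 DROP TCP 192.168.10.25 192.168.10.5 51236 3389 52 S 1234569 0 8192 - - - RECEIVE
2021-03-05 18:40:04 ALLOW TCP 192.168.10.5 192.168.10.1 50000 53 52 S 1234570 0 8192 - - - SEND
2021-03-05 18:40:05 DROP UDP 192.168.10.77 192.168.10.5 137 137 78 - - - - - - - RECEIVE
'@ -split "`r?`n"

Get-DroppedInboundSummary -Lines $sample | Format-Table -AutoSize
```

With the sample above the summary lists 192.168.10.25 hitting TCP 445 twice, then one drop each for TCP 3389 and UDP 137; the outbound ALLOW line is excluded because only DROP on the RECEIVE path is counted. A host that repeatedly appears against SMB and RDP ports from inside the subnet is worth a closer look, while a single drop usually is not.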
Disable Windows Defender Firewall with Advanced Security
PowerShell
Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False
-------------------------------------------------------------------------------
Create a firewall rule
netsh advfirewall firewall add rule name="Allow Inbound Telnet" dir=in program=%SystemRoot%\System32\tlntsvr.exe remoteip=localsubnet action=allow

PowerShell
New-NetFirewallRule -DisplayName "Allow Inbound Telnet" -Direction Inbound -Program %SystemRoot%\System32\tlntsvr.exe -RemoteAddress LocalSubnet -Action Allow
-------------------------------------------------------------------------------
netsh advfirewall firewall add rule name="Block Outbound Telnet" dir=out program=%SystemRoot%\System32\telnet.exe protocol=tcp localport=23 action=block

PowerShell
New-NetFirewallRule -DisplayName "Block Outbound Telnet" -Direction Outbound -Program %SystemRoot%\System32\telnet.exe -Protocol TCP -LocalPort 23 -Action Block -PolicyStore domain.contoso.com\gpo_name
-------------------------------------------------------------------------------
Modify an existing firewall rule
netsh advfirewall firewall set rule name="Allow Web 80" new remoteip=192.168.0.2

PowerShell
Set-NetFirewallRule -DisplayName "Allow Web 80" -RemoteAddress 192.168.0.2
-------------------------------------------------------------------------------
Delete a firewall rule
netsh advfirewall firewall delete rule name="Allow Web 80"

PowerShell
Remove-NetFirewallRule -DisplayName "Allow Web 80" -Profile Domain
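New-NetFirewallRule creates a second rule with the same DisplayName every time it is run, so a script that is re-run leaves duplicates behind, and the rule you see in wf.msc is not necessarily the one that matches. The following is an added example, not from the original notes: it creates the inbound rule only if it is missing, otherwise re-applies the intended scope to the existing rule, and then reads the port and address filters back to confirm what was actually applied. The rule name and port (PORT_7888) come from the notes above; the remote subnet 192.168.10.0/24 is a constructed placeholder for the network that needs access.

```powershell
#Requires -RunAsAdministrator
# Added example: idempotent rule creation plus read-back verification.
$ruleName  = 'PORT_7888'          # name used in the netsh example above
$port      = 7888
$remoteNet = '192.168.10.0/24'    # constructed placeholder: restrict to the subnet that needs access

$existing = Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue
if (-not $existing) {
    New-NetFirewallRule -DisplayName $ruleName `
        -Direction Inbound -Action Allow -Protocol TCP -LocalPort $port `
        -RemoteAddress $remoteNet -Profile Private, Domain -Enabled True | Out-Null
    Write-Output "Created rule $ruleName"
} else {
    # Re-apply the intended scope so a drifted rule is corrected instead of duplicated
    $existing | Set-NetFirewallRule -RemoteAddress $remoteNet -Enabled True
    Write-Output "Updated rule $ruleName ($(@($existing).Count) matching rule(s))"
}

# Verify what got applied: port and address scope live on separate filter objects,
# so Get-NetFirewallRule alone does not show them
Get-NetFirewallRule -DisplayName $ruleName | ForEach-Object {
    [pscustomobject]@{
        Name      = $_.DisplayName
        Enabled   = $_.Enabled
        Direction = $_.Direction
        Action    = $_.Action
        Profile   = $_.Profile
        Port      = ($_ | Get-NetFirewallPortFilter).LocalPort
        RemoteIP  = ($_ | Get-NetFirewallAddressFilter).RemoteAddress
    }
}
```

If the verification shows RemoteIP as Any, the scope was not applied and the rule is open to every source; that read-back step is what the one-line netsh examples above cannot give you.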
-------------------------------------------------------------------------------
PowerShell pause
Read-Host -Prompt "Press any key to continue"

PowerShell can also use the CMD-style "ECHO" to display output
PowerShell ECHO
echo "filesizecounter : $filesizecounter"

####################################################################
####################################################################
CMD file name: [00-PowerShell_Firewall.cmd]
Contents
%windir%\system32\WindowsPowerShell\v1.0\powershell.exe -noexit -ExecutionPolicy remotesigned ".\00-PowerShell_Firewall.ps1"

This calls PowerShell to run the script below
PowerShell file name: [00-PowerShell_Firewall.ps1]
Contents
if (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) { Start-Process powershell.exe "-NoProfile -ExecutionPolicy Bypass -File `"$PSCommandPath`"" -Verb RunAs; exit }


echo ====================================
echo     FireWall_Export_file.wfw
echo ====================================
# Export the current rule set first so the changes below can be rolled back with "netsh advfirewall import"
netsh advfirewall export "D:\MIS\FireWall_Export_Rules_${env:COMPUTERNAME}.wfw"

echo ====================================
echo     Set--FireWall_Defender
echo ====================================
# Default-deny in both directions on all three profiles; only the rules re-enabled below will pass traffic
netsh advfirewall set domainprofile firewallpolicy blockinbound,blockoutbound
netsh advfirewall set Publicprofile firewallpolicy blockinbound,blockoutbound
netsh advfirewall set Privateprofile firewallpolicy blockinbound,blockoutbound
echo ====================================
echo     In_and_Out_Set_Disable
echo ====================================
# Disable every existing rule, then selectively re-enable the core networking rules (DHCP, DNS, IPv6/ICMPv6) below
netsh advfirewall firewall set rule name=all dir=in new enable=no
netsh advfirewall firewall set rule name=all dir=out new enable=no
echo ====================================
echo  Enable--Network_Core-In_rule
echo ====================================
Set-NetFirewallRule -DisplayName "核心網路功能 - IPHTTPS (TCP-In)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - IPv6 (IPv6-In)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - IPv6 的動態主機設定通訊協定 (DHCPV6-In)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - Teredo (UDP-In)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 多點傳送接聽程式已完成 (ICMPv6-In)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 多點傳送接聽程式查詢 (ICMPv6-In)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 多點傳送接聽程式報告 (ICMPv6-In)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 多點傳送接聽程式報告 v2 (ICMPv6-In)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 芳鄰探索通告 (ICMPv6-In)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 芳鄰探索請求 (ICMPv6-In)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 封包太大 (ICMPv6-In)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 動態主機設定通訊協定 (DHCP-In)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 參數問題 (ICMPv6-In)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 無法與目的地取得連線 (ICMPv6-In)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 超過時間 (ICMPv6-In)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 路由器通告 (ICMPv6-In)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 路由器請求 (ICMPv6-In)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 網際網路群組管理通訊協定 (IGMP-In)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 需要無法與目的地取得連線片段 (ICMPv4-In)" -enabled true

Set-NetFirewallRule -DisplayName "檔案及印表機共用 (SMB-In)" -Profile Domain -enabled true
Set-NetFirewallRule -DisplayName "檔案及印表機共用 (回應要求 - ICMPv4-In)" -Profile Domain -enabled true
echo ====================================
echo  Enable--Network_Core-Out_rule
echo ====================================
Set-NetFirewallRule -DisplayName "核心網路功能 - DNS (UDP-Out)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - IPHTTPS (TCP-Out)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - IPv6 (IPv6-Out)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - IPv6 的動態主機設定通訊協定 (DHCPV6-Out)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - Teredo (UDP-Out)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 多點傳送接聽程式已完成 (ICMPv6-Out)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 多點傳送接聽程式查詢 (ICMPv6-Out)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 多點傳送接聽程式報告 (ICMPv6-Out)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 多點傳送接聽程式報告 v2 (ICMPv6-Out)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 芳鄰探索通告 (ICMPv6-Out)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 芳鄰探索請求 (ICMPv6-Out)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 封包太大 (ICMPv6-Out)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 動態主機設定通訊協定 (DHCP-Out)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 參數問題 (ICMPv6-Out)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 超過時間 (ICMPv6-Out)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 群組原則 (LSASS-Out)" -Profile Domain,Public,Private -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 群組原則 (NP-Out)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 群組原則 (TCP-Out)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 路由器通告 (ICMPv6-Out)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 路由器請求 (ICMPv6-Out)" -enabled true
Set-NetFirewallRule -DisplayName "核心網路功能 - 網際網路群組管理通訊協定 (IGMP-Out)" -enabled true

Set-NetFirewallRule -DisplayName "檔案及印表機共用 (SMB-Out)" -Profile Domain -enabled true
Set-NetFirewallRule -DisplayName "檔案及印表機共用 (回應要求 - ICMPv4-Out)" -Profile Domain,Public,Private -enabled true
echo ====================================
echo    Open_FireWall_Defender
echo ====================================
wf.msc
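The script above ends by opening wf.msc so the result can be eyeballed. A repeatable check is more useful when the script is run on many machines or re-run after drift. The following is an added example, not part of the original script: a read-only function that reports every way the host differs from the state the script was meant to leave (all profiles on, inbound and outbound default Block, and only rules from the re-enabled groups still enabled). It matches rules by the locale-independent Group identifier rather than the localised DisplayName/DisplayGroup strings; the two identifiers given as defaults are assumed to be the Core Networking and File and Printer Sharing groups and should be confirmed on the target with `Get-NetFirewallRule | Select-Object DisplayGroup, Group -Unique`. The LogBlocked check is an addition beyond what the script configures.

```powershell
# Added example: read-only audit of the firewall state the hardening script is meant to produce.
function Test-FirewallBaseline {
    param(
        # Assumed group identifiers (Core Networking, File and Printer Sharing); verify on the target
        [string[]]$ExpectedGroups   = @('@FirewallAPI.dll,-25000', '@FirewallAPI.dll,-28502'),
        [string]  $ExpectedInbound  = 'Block',
        [string]  $ExpectedOutbound = 'Block'
    )
    $findings = New-Object System.Collections.Generic.List[string]

    # 1. Profile state and default actions (the script sets blockinbound,blockoutbound on all three)
    foreach ($p in Get-NetFirewallProfile) {
        if ("$($p.Enabled)" -ne 'True') {
            $findings.Add("profile $($p.Name): firewall disabled")
        }
        if ("$($p.DefaultInboundAction)" -ne $ExpectedInbound) {
            $findings.Add("profile $($p.Name): default inbound is $($p.DefaultInboundAction)")
        }
        if ("$($p.DefaultOutboundAction)" -ne $ExpectedOutbound) {
            $findings.Add("profile $($p.Name): default outbound is $($p.DefaultOutboundAction)")
        }
        # Extra check: without LogBlocked the pfirewall.log never shows what was dropped
        if ("$($p.LogBlocked)" -ne 'True') {
            $findings.Add("profile $($p.Name): dropped packets are not logged")
        }
    }

    # 2. Every enabled rule outside the re-enabled groups is either drift (added back
    #    after the script ran) or a rule the script did not account for
    Get-NetFirewallRule -Enabled True |
        Where-Object { $_.Group -notin $ExpectedGroups } |
        ForEach-Object {
            $findings.Add("unexpected enabled rule: [$($_.Direction)/$($_.Action)/$($_.Profile)] $($_.DisplayName)")
        }

    [pscustomobject]@{
        Compliant = ($findings.Count -eq 0)
        Findings  = $findings.ToArray()
    }
}

$result = Test-FirewallBaseline
$result.Findings
"Compliant: $($result.Compliant)"
```

Run it right after the script on a known-good machine to see the expected baseline; any finding that appears later on the same machine is a change somebody or something made after hardening, which is a better trigger for investigation than a screenshot of wf.msc.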