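Configuring the Firewall from the Command Line
Windows 10 / Windows 8 / Windows 7 / Server 2008 / Vista:
On these Windows versions, the firewall can be configured with the netsh advfirewall command. Each of the three network profiles (domain, private, public) has its own firewall settings, so the command differs depending on which profile's firewall you want to enable or disable.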
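Configure the firewall for the current network (regardless of whether it is a domain, private, or public network)
- Turn on the firewall for the current network
netsh advfirewall set currentprofile state on
- Turn off the firewall for the current network
netsh advfirewall set currentprofile state off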
Domain network
- Turn on the domain network firewall
netsh advfirewall set domainprofile state on
- Turn off the domain network firewall
netsh advfirewall set domainprofile state off
Private network
- Turn on the private network firewall
netsh advfirewall set privateprofile state on
- Turn off the private network firewall
netsh advfirewall set privateprofile state off
Public network
- Turn on the public network firewall
netsh advfirewall set publicprofile state on
- Turn off the public network firewall
netsh advfirewall set publicprofile state off
All networks
- Turn on the firewall for all networks
netsh advfirewall set allprofiles state on
- Turn off the firewall for all networks
netsh advfirewall set allprofiles state off
Older Windows versions – XP / Server 2003
- Enable the firewall
netsh firewall set opmode mode=ENABLE
- Disable the firewall
netsh firewall set opmode mode=DISABLE
Port configuration
:: Common ports
netsh advfirewall firewall add rule name="Allow Ping" dir=in protocol=icmpv4 action=allow
netsh advfirewall firewall add rule name="FTP" protocol=TCP dir=in localport=20 action=allow
netsh advfirewall firewall add rule name="FTP" protocol=TCP dir=in localport=21 action=allow
netsh advfirewall firewall add rule name="SSH" protocol=TCP dir=in localport=22 action=allow
netsh advfirewall firewall add rule name="Telnet" protocol=TCP dir=in localport=23 action=allow
netsh advfirewall firewall add rule name="SMTP" protocol=TCP dir=in localport=25 action=allow
netsh advfirewall firewall add rule name="TFTP" protocol=UDP dir=in localport=69 action=allow
netsh advfirewall firewall add rule name="POP3" protocol=TCP dir=in localport=110 action=allow
netsh advfirewall firewall add rule name="HTTPS" protocol=TCP dir=in localport=443 action=allow
netsh advfirewall firewall add rule name="Netbios-ns" protocol=UDP dir=in localport=137 action=allow
netsh advfirewall firewall add rule name="Netbios-dgm" protocol=UDP dir=in localport=138 action=allow
netsh advfirewall firewall add rule name="Netbios-ssn" protocol=TCP dir=in localport=139 action=allow
netsh advfirewall firewall add rule name="Netbios-ds" protocol=TCP dir=in localport=445 action=allow
netsh advfirewall firewall add rule name="HTTP" protocol=TCP dir=in localport=80 action=allow
netsh advfirewall firewall add rule name="HTTP" protocol=TCP dir=in localport=8080 action=allow
Enabling Remote Desktop from the Command Line
- Set the Remote Desktop port
reg add "HKLM\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /t REG_DWORD /v portnumber /d 3389 /f
This writes the registry value that sets the Remote Desktop listening port to 3389.
- Enable Remote Desktop
wmic RDTOGGLE WHERE ServerName='%COMPUTERNAME%' call SetAllowTSConnections 1
- Disable Remote Desktop
wmic RDTOGGLE WHERE ServerName='%COMPUTERNAME%' call SetAllowTSConnections 0
- Clear 3389 login traces
@echo off
@reg delete "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Default" /va /f
@del "%USERPROFILE%\My Documents\Default.rdp" /a
@exit
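For monitoring, the commands on this page can be recognised in process-creation logs. The following Python is an added example, not part of the original page: it flags command lines that turn the firewall off, add inbound allow rules, enable or re-port Remote Desktop, or delete the RDP client history. The label names, function names and sample events are assumptions constructed for illustration.

```python
import re

NETSH = r"netsh(?:\.exe)?\s+"
REG = r"reg(?:\.exe)?\s+"
# (label, pattern); labels are hypothetical, patterns mirror this page's commands.
RULES = [
    ("firewall-disabled",
     re.compile(NETSH + r"advfirewall\s+set\s+\w+\s+state\s+off\b")),
    ("firewall-disabled-legacy",
     re.compile(NETSH + r"firewall\s+set\s+opmode\s+(?:mode=)?disable\b")),
    ("inbound-allow-rule",
     re.compile(NETSH + r"advfirewall\s+firewall\s+add\s+rule\b"
                r"(?=.*\bdir=in\b)(?=.*\baction=allow\b)")),
    ("rdp-enabled",
     re.compile(r"wmic(?:\.exe)?\s+rdtoggle\b.*setallowtsconnections\s+1\b")),
    ("rdp-port-set",
     re.compile(REG + r"add\s+.*winstations\\rdp-tcp.*portnumber")),
    ("rdp-client-history-cleared",
     re.compile(REG + r"delete\s+.*terminal server client\\default")),
]

def classify(cmdline):
    """Return the labels (in RULES order) that match one process command line."""
    text = re.sub(r"\s+", " ", cmdline).strip().lower()
    return [label for label, pattern in RULES if pattern.search(text)]

def scan(events):
    """events: iterable of (host, cmdline). Returns {host: [labels]} for hosts with hits."""
    findings = {}
    for host, cmdline in events:
        for label in classify(cmdline):
            findings.setdefault(host, []).append(label)
    return findings

# Constructed sample process-creation records (host, command line); not real logs.
SAMPLE_EVENTS = [
    ("WS01", "netsh advfirewall set allprofiles state off"),
    ("WS01", "wmic RDTOGGLE WHERE ServerName='WS01' call SetAllowTSConnections 1"),
    ("WS02", 'netsh  advfirewall firewall add rule name="Telnet" protocol=TCP '
             "dir=in localport=23 action=allow"),
    ("WS02", "netsh advfirewall set currentprofile state on"),
    ("WS03", r'reg delete "HKCU\Software\Microsoft\Terminal Server Client\Default" /va /f'),
    ("XP01", "netsh firewall set opmode mode=DISABLE"),
    ("WS04", "netsh advfirewall show allprofiles"),
]

if __name__ == "__main__":
    for host, labels in scan(SAMPLE_EVENTS).items():
        print(host, labels)
```

Commands that turn the firewall on, or that only display settings, produce no finding, so the output lists only hosts where a weakening change was seen.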