Bat小脚本

NeverAgain 2020-03-27

一、防火墙相关
配置“高级安全Windows防火墙”都可以使用:netsh advfirewall firewall。
dir=in|out,入站/出站规则

action=allow|block|bypass,设定这个规则是允许还是阻断或者是跳过

program=<program path>],为某应用程序设定规则

[service=<service short name>|any],为某系统服务设定规则

[description=<string>],为这个规则加一个说明描述

[localip=any|<IPv4 address>|<IPv6 address>|<subnet>|<range>|<list>],指定本端IP地址

[remoteip=any|localsubnet|dns|dhcp|wins|defaultgateway|<IPv4 address>|<IPv6 address>|<subnet>|<range>|<list>],指定远端IP地址

[localport=0-65535|<port range>[,...]|RPC|RPC-EPMap|IPHTTPS|any (default=any)],指定本端端口号,默认为所有端口

[remoteport=0-65535|<port range>[,...]|any (default=any)],指定远端端口号,默认为所有端口

[protocol=0-255|icmpv4|icmpv6|icmpv4:type,code|icmpv6:type,code|tcp|udp|any (default=any)],指定协议类型,默认为所有协议

[interfacetype=wireless|lan|ras|any],可选参数,指定接口类型

[security=authenticate|authenc|authdynenc|authnoencap|notrequired(default=notrequired)],可选参数,指定加密访问方式

关闭445端口,关闭其他端口,修改localport。
start=auto,MpsSvc服务开机启动
state on,开启防火墙
icmpsetting 8,放行ICMP

@echo off
color 0A

echo "state on firewall......"
sc config MpsSvc start=auto
netsh advfirewall set allprofiles state on

echo "start ICMP...."
netsh firewall set icmpsetting 8 

echo "add port 445......"
netsh advfirewall firewall add rule name="close445tcp"   protocol=TCP dir=in localport=445 action=block
netsh advfirewall firewall add rule name="close445udp"   protocol=UDP dir=in localport=445 action=block

pause

相关推荐

xiaobaichen / 0评论 2013-06-06