NeverAgain 2020-03-27
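action=allow|block|bypass, sets whether this rule allows, blocks, or bypasses the traffic
[program=<program path>], applies the rule to a specific application
[service=<service short name>|any], applies the rule to a specific system service
[description=<string>], adds a descriptive note to the rule
[localip=any|<IPv4 address>|<IPv6 address>|<subnet>|<range>|<list>], specifies the local IP address
[remoteip=any|localsubnet|dns|dhcp|wins|defaultgateway|<IPv4 address>|<IPv6 address>|<subnet>|<range>|<list>], specifies the remote IP address
[localport=0-65535|<port range>[,...]|RPC|RPC-EPMap|IPHTTPS|any (default=any)], specifies the local port number; the default is all ports
[remoteport=0-65535|<port range>[,...]|any (default=any)], specifies the remote port number; the default is all ports
[protocol=0-255|icmpv4|icmpv6|icmpv4:type,code|icmpv6:type,code|tcp|udp|any (default=any)], specifies the protocol type; the default is all protocols
[interfacetype=wireless|lan|ras|any], optional; specifies the interface type
[security=authenticate|authenc|authdynenc|authnoencap|notrequired(default=notrequired)], optional; specifies the authentication and encryption mode required for access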
Close port 445; to close other ports, change localport.
start= auto, sets the MpsSvc service to start at boot
state on, turns the firewall on
icmpsetting 8, allows ICMP

@echo off
color 0A
echo "state on firewall......"
rem Older sc.exe versions require the space after "start=".
sc config MpsSvc start= auto
netsh advfirewall set allprofiles state on
echo "start ICMP...."
netsh firewall set icmpsetting 8
echo "add port 445......"
rem Block inbound TCP and UDP traffic to local port 445.
netsh advfirewall firewall add rule name="close445tcp" protocol=TCP dir=in localport=445 action=block
netsh advfirewall firewall add rule name="close445udp" protocol=UDP dir=in localport=445 action=block
pause
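
Running the script above a second time adds a second copy of each rule, because netsh allows several rules with the same name. The following is an added example, not part of the original post: it deletes any earlier copy before adding the block rule, uses the description parameter listed above, and prints the stored rule and profile state so the result can be checked. The PORTS list and the description text are constructed sample values.

```batch
@echo off
setlocal
rem Added example, not from the original post.
rem PORTS is a constructed sample list (space-separated); edit it to the ports to close.
set "PORTS=445 139"

rem netsh advfirewall changes need an elevated prompt; "net session" fails without admin rights.
net session >nul 2>&1
if errorlevel 1 (
    echo Run this script from an elevated command prompt.
    exit /b 1
)

rem One inbound block rule per port and protocol, named like the post's rules (close445tcp).
for %%P in (%PORTS%) do (
    for %%T in (tcp udp) do call :block %%P %%T || exit /b 1
)

rem Confirm the firewall is on for every profile.
netsh advfirewall show allprofiles state
exit /b 0

:block
set "RULE=close%1%2"
rem Remove any earlier copy so repeated runs do not stack duplicate rules.
netsh advfirewall firewall delete rule name="%RULE%" >nul 2>&1
netsh advfirewall firewall add rule name="%RULE%" dir=in action=block protocol=%2 localport=%1 description="Block inbound %2 port %1"
if errorlevel 1 (
    echo Failed to add rule %RULE%
    exit /b 1
)
rem Show the stored rule so direction, action, protocol and port can be checked.
netsh advfirewall firewall show rule name="%RULE%"
exit /b 0
```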