The Windows Firewall can be configured not only through the Security Center but also from the command prompt or a batch script. You have already used this option on XP. But Microsoft has reportedly changed some commands in the more recent versions. What are the things you need to keep in mind?
Control of the Firewall from the command line changed with Windows Vista. The old commands still work on Windows 7, but Microsoft wants to change this, so the best thing to do is to switch to the new commands. The advantage: they give you additional configuration options.
In Vista and Windows 7, the Firewall is controlled using ‘netsh’ in the ‘netsh advfirewall firewall’ context instead of the earlier ‘netsh firewall’, and the command options have been extended. Because of User Account Control, all actions from a command line must run with administrator rights. To start, type ‘cmd’ in the search field of the Start menu, right-click ‘cmd.exe’ and select ‘Run as administrator’. You can save yourself some typing by switching directly to the desired context: enter ‘netsh advfirewall’ and press Enter. The prompt then shows the current context for further commands. You can get help at any time by entering a question mark, and the ‘reset’ command resets all Firewall settings to their standard values. You can activate and deactivate the Firewall using ‘set currentprofile state on’ and ‘set currentprofile state off’.
Type ‘firewall’ to reach the ‘netsh advfirewall firewall’ context for configuring individual rules. You can use ‘add rule’ to define each authorization or block for a program or port. The syntax is a little more complicated but follows a systematic structure. The parameters ‘dir=in’ or ‘dir=out’ and ‘action=allow’ or ‘action=block’ must be specified in each case to set the direction (in or out) and the type of rule (allow or block). Moreover, each rule requires a clear name, which you assign using the parameter ‘name="Example of a name"’ and later use again to access this rule. All other parameters depend on the concrete task. Here you can use ‘program="C:\test\example.exe"’, ‘protocol=TCP’ or ‘localport=80’, for instance. A complete command for opening port 80 for the TCP protocol would then be as follows:
add rule name="Port 80 offnen" dir=in action=allow protocol=TCP localport=80
The ‘add rule ?’ command provides help for all the rule options. In scripts, make sure that you always specify the complete context for Firewall commands: all commands must start with the string ‘netsh advfirewall firewall’.
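As an added example (not part of the original article), the batch script below applies these points: every command carries its full context, the script checks for administrator rights first, and the rule name is reused to replace and then display the rule. The rule name and the ‘profile=private’ and ‘remoteip=localsubnet’ scoping are assumptions chosen for illustration.

```batch
@echo off
setlocal
rem Added example, not from the original article.
rem The rule name is an assumption chosen for this example.
set "RULE=Example - allow inbound TCP 80"

rem Firewall changes via netsh need an elevated prompt (UAC).
rem "net session" fails without administrator rights, so it serves as the check.
net session >nul 2>&1
if errorlevel 1 (
    echo Run this script from a prompt started with "Run as administrator".
    exit /b 1
)

rem Old XP-style equivalent, shown for comparison only:
rem   netsh firewall add portopening protocol=TCP port=80 name="%RULE%"

rem Remove any earlier rule with the same name so reruns do not pile up duplicates.
netsh advfirewall firewall delete rule name="%RULE%" >nul 2>&1

rem name=, dir= and action= are required for every rule.
rem profile= and remoteip= (assumed scoping) limit the opening to private
rem networks and the local subnet instead of exposing port 80 everywhere.
netsh advfirewall firewall add rule name="%RULE%" dir=in action=allow protocol=TCP localport=80 profile=private remoteip=localsubnet
if errorlevel 1 (
    echo Failed to add rule "%RULE%".
    exit /b 1
)

rem Make sure the Firewall is on for the active profile, then display the rule
rem by name to confirm what was actually stored.
netsh advfirewall set currentprofile state on
netsh advfirewall firewall show rule name="%RULE%"
endlocal
```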