语法
用法: set rule group=<string> | name=<string> [dir=in|out] [profile=public|private|domain|any[,...]] [program=<program path>] [service=service short name|any] [localip=any|<IPv4 address>|<IPv6 address>|<subnet>|<range>|<list>] [remoteip=any|localsubnet|dns|dhcp|wins|defaultgateway|<IPv4 address>|<IPv6 address>|<subnet>|<range>|<list>] [localport=0-65535|<port range>[,...]|RPC|RPC-EPMap|IPHTTPS|any] [remoteport=0-65535|<port range>[,...]|any] [protocol=0-255|icmpv4|icmpv6|icmpv4:type,code|icmpv6:type,code|tcp|udp|any] new [name=<string>] [dir=in|out] [program=<program path> [service=<service short name>|any] [action=allow|block|bypass] [description=<string>] [enable=yes|no] [profile=public|private|domain|any[,...]] [localip=any|<IPv4 address>|<IPv6 address>|<subnet>|<range>|<list>] [remoteip=any|localsubnet|dns|dhcp|wins|defaultgateway|<IPv4 address>|<IPv6 address>|<subnet>|<range>|<list>] [localport=0-65535|RPC|RPC-EPMap|any[,...]] [remoteport=0-65535|any[,...]] [protocol=0-255|icmpv4|icmpv6|icmpv4:type,code|icmpv6:type,code|tcp|udp|any] [interfacetype=wireless|lan|ras|any] [rmtcomputergrp=<SDDL string>] [rmtusrgrp=<SDDL string>] [edge=yes|deferapp|deferuser|no (default=no)] [security=authenticate|authenc|authdynenc|notrequired]
举例
netsh advfirewall firewall set rule name="文件和打印机共享(SMB-In)" new action=block
将“文件和打印机共享(SMB-In)”规则的“操作”从“允许”改为“阻止”。
注意,必须要有"new"指令。
防火墙
从防火墙的高级设置,入站规则里可以查看所有的规则。
参考