Windows firewall command based operations

D:\>netsh firewall /?

The following commands are available:

Commands in this context:
?              – Displays a list of commands.
add            – Adds firewall configuration.
delete         – Deletes firewall configuration.
dump           – Displays a configuration script.
help           – Displays a list of commands.
reset          – Resets firewall configuration to default.
set            – Sets firewall configuration.
show           – Shows firewall configuration.

To view help for a command, type the command, followed by a space, and then
type ?.

D:\>netsh firewall add ?

The following commands are available:

Commands in this context:
add allowedprogram – Adds firewall allowed program configuration.
add portopening – Adds firewall port configuration.

D:\>netsh firewall set ?

The following commands are available:

Commands in this context:
set allowedprogram – Sets firewall allowed program configuration.
set icmpsetting – Sets firewall ICMP configuration.
set logging    – Sets firewall logging configuration.
set multicastbroadcastresponse – Sets firewall multicast/broadcast response conf
iguration.
set notifications – Sets firewall notification configuration.
set opmode     – Sets firewall operational configuration.
set portopening – Sets firewall port configuration.
set service    – Sets firewall service configuration.

Enable/Disable Windows firewall using command line
————————————————–

netsh firewall set opmode enable
netsh firewall set opmode disable

Eg:
D:\>netsh firewall set opmode disable
Ok.

D:\>netsh firewall set opmode enable
Ok.

Enable the Firewall and DO NOT Allow Port/Program Exceptions
————————————————————

netsh firewall set opmode enable disable

Enable Firewall and Allow Port/Program Exceptions
————————————————-

netsh firewall set opmode enable enable

Add/Modify program-based exception using command line
—————————————————–
netsh firewall add allowedprogram
netsh firewall set allowedprogram

Eg:
D:\>netsh firewall add allowedprogram C:\Programfiles\App.exe App ENABLE
D:\>netsh firewall add allowedprogram C:\MyApp\MyApp.exe MyApp ENABLE CUSTOM LocalSubnet

Delete existing program-based exception using command line
———————————————————-
netsh firewall delete allowedprogram

Eg:
D:\>delete allowedprogram C:\Programfiles\App.exe

Add/Modify port-based exception using command line
————————————————–
netsh firewall add portopening

Eg:
D:\>netsh firewall add portopening TCP 80 localweb

Display a notification when Windows Firewall blocks a program using command line
——————————————————————————–
netsh firewall set notifications

Eg:
D:\>netsh firewall set notifications ENABLE

Enable or disable Windows Firewall pre-defined services using command line
————————————————————————–
netsh firewall set service

Eg:
D:\>nxamplestsh firewall set service FILEANDPRINT
D:\>netsh firewall set service REMOTEADMIN ENABLE SUBNET

Set Windows Firewall ICMP Settings using command line
—————————————————–
netsh firewall set icmpsetting

Parameters:
type – ICMP type.
2 – Allow outgoing packet too big.
3 – Allow outgoing destination unreachable.
4 – Allow outgoing source quench.
5 – Allow redirect.
8 – Allow incomming echo request.
9 – Allow incomming router request.
11 – Allow outgoing time exceeded.
12 – Allow outgoing parameter problem.
13 – Allow incomming timestamp request.
17 – Allow incomming mask request.
ALL – All types.

Eg:
D:\>netsh firewall set icmpsetting 8 ENABLE
D:\>netsh firewall set icmpsetting type = ALL mode = DISABLE

Restore all Windows Firewall settings to default state using command line
————————————————————————-
netsh firewall reset

Display Windows Firewall settings using command line
—————————————————-
netsh firewall show commands

show allowedprogram – Displays the excepted programs.
show config – Displays the local configuration information.
show icmpsetting – Displays the ICMP settings.
show notifications – Displays the current settings for notifications.
show opmode – Displays the operational mode.

Advertisements

Posted on August 4, 2011, in General, Uncategorized, Windows. Bookmark the permalink. Leave a comment.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: