This can be
accomplished by running the following command:
Netsh advfirewall inbound add name="Port80 Allow" protocol=TCP
localport=80 action=allow
The Windows Firewall allows you to create a blanket rule to allow or disallow any
traffic to and from an application based on a particular executable. For example, if you
had an application called myapp.exe in the C:\myapp directory that performed some
kind of networking function by listening to several ports on the server, you could allow
any connection to this application by running this:
Netsh advfirewall inbound add name="Allow Myapp" program="C:\myapp\
myapp.exe" action=allow
You can view all your currently defined inbound rules by running this command:
Netsh advfirewall inbound show name=all verbose
The verbose parameter is optional, but if you omit it, you won??™t see the path to the
executable for any application-based rules you??™ve defined.
38 Microsoft Windows Server 2008 Administration
This barely scratches the surface of all the netsh commands you can use to configure
the Windows Firewall. To find out more about netsh firewall commands, view the
netsh advfirewall help file by running this command:
Netsh advfirewall help
As you can tell, this method of manipulating the Windows Firewall can be quite
tedious. It??™s most useful when you are creating a script to define the firewall rules. In
most cases, though, it??™s best to use the Windows Firewall with Advanced Security MMC
snap-in, as it offers a more intuitive and easier method for defining rules and configuring
profiles.
Pages:
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78