- Click "Start".
- Type "cmd.exe" and hit enter.
- In the box, type or copy+paste these commands to turn the firewall on for the Public profile while allowing all connections by default (use "allprofiles" instead of "publicprofile" if the Domain and Private profiles should get the same settings; a rule added later applies to every profile unless you say otherwise):
Code:
netsh advfirewall set publicprofile firewallpolicy allowinbound,allowoutbound
netsh advfirewall set publicprofile state on
- Enter a firewall rule for your desired behavior. For instance, to block a certain IP, you might use (all on one line):
Code:
netsh advfirewall firewall add rule name="block 62.131.74.12" dir=in remoteip=62.131.74.12 action=block
Or to block a certain destination port (here inbound UDP 27015 on the local machine), you might use:
Code:
netsh advfirewall firewall add rule name="block port 27015" dir=in protocol=udp localport=27015 action=block
- To delete rules, you can use other commands (for example "netsh advfirewall firewall delete rule name=..." with the name you gave the rule), or the "Windows Firewall with Advanced Security" dialog. To show the rules that have been created (including the default Windows rules, which you can safely remove with the policy above, since "allowinbound" already allows everything those default allow rules would; keep them if you ever switch the policy back to "blockinbound"), use this command:
Code:
netsh advfirewall firewall show rule name=all
- For a list of overall commands, just type "netsh advfirewall firewall", or the more specific section that you want information on, such as "netsh advfirewall firewall add rule".
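The whole netsh procedure above as one script, added here as an example (it is not part of the original post). It turns the firewall on with the same allow-by-default policy, adds the two kinds of block rule, checks that each rule really exists afterwards, and can remove them again. The rule names, the address 203.0.113.10 and UDP port 27015 are illustrative choices; run it from an elevated PowerShell prompt, because netsh refuses changes without administrator rights.

```powershell
# Added example, not from the original post: scripts the netsh advfirewall steps
# above, verifies each rule is present, and can undo them.
# Run in an elevated PowerShell prompt (netsh needs administrator rights).
# The address 203.0.113.10 and UDP port 27015 are illustrative values.

$Blocks = @(
    @{ Name = 'block 203.0.113.10'; Spec = @('dir=in', 'remoteip=203.0.113.10', 'action=block') },
    @{ Name = 'block port 27015';   Spec = @('dir=in', 'protocol=udp', 'localport=27015', 'action=block') }
)

function Test-NetshRule {
    param([string]$Name)
    # netsh prints "No rules match the specified criteria." when nothing matches;
    # any other output means at least one rule with that name exists.
    $out = netsh advfirewall firewall show rule name="$Name" 2>&1 | Out-String
    return ($out -notmatch 'No rules match')
}

function Enable-OpenFirewall {
    # Same two settings as the post, but for every profile, so a Private or
    # Domain network is not left with the firewall switched off.
    netsh advfirewall set allprofiles firewallpolicy allowinbound,allowoutbound | Out-Null
    netsh advfirewall set allprofiles state on | Out-Null
}

function Add-BlockRules {
    foreach ($b in $Blocks) {
        if (Test-NetshRule $b.Name) {
            # "add rule" with an existing name silently creates a duplicate, so skip it.
            Write-Host "present: $($b.Name)"
            continue
        }
        $netshArgs = @('advfirewall', 'firewall', 'add', 'rule', "name=$($b.Name)") + $b.Spec
        & netsh @netshArgs | Out-Null
        if (-not (Test-NetshRule $b.Name)) { throw "failed to add rule '$($b.Name)'" }
        Write-Host "added:   $($b.Name)"
    }
}

function Remove-BlockRules {
    foreach ($b in $Blocks) {
        if (Test-NetshRule $b.Name) {
            netsh advfirewall firewall delete rule name="$($b.Name)" | Out-Null
            Write-Host "removed: $($b.Name)"
        }
    }
}

function Show-RuleNames {
    # The post's "show rule name=all", reduced to the rule names.
    netsh advfirewall firewall show rule name=all | Select-String '^Rule Name:'
}

Enable-OpenFirewall
Add-BlockRules
Show-RuleNames
# Remove-BlockRules   # uncomment to undo the block rules
```

Checking the rule back with "show rule" after adding it is the part the one-liners in the post leave out: netsh accepts a malformed rule specification with a usage message rather than an error you can easily see in a pasted batch of commands, so the script treats a missing rule as a failure.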
- Download the ipseccmd.exe utility and put it in your "c:\Windows\system32" folder.
- Click Start->Run and type "cmd.exe".
- At the command prompt, enter desired rules. For instance, to block a specific IP range, you might use:
Code:
ipseccmd -f "0+192.168.1.*"
The "-f" means that we are adding a filter rule to the default (dynamic) set. Rules added this way take effect immediately but do not survive a restart of the IPSEC service or a reboot, so they have to be re-entered (or scripted) each time.
The "0" means that on the sender (source) side we are looking at all local IPs. Similarly, "*" would mean any IP.
The "192.168.1.*" means that on the receiver (destination) side we are looking at any IP fitting the wildcard. It also allows masks, like 192.168.1.255/255.255.255.0, or a single IP, like 192.168.1.1.
The "+" means that this rule should be applied in both directions (use "=" if you just want one direction).
- To clear all rules added this way, use this:
Code:
ipseccmd -u
- You can also allow or block access to certain ports/protocols. For instance, this would allow connections from TCP port 80 locally to any TCP port on 192.168.1.30:
Code:
ipseccmd -f "(0:80=192.168.1.30::tcp)"
The parentheses here mean allow, and the address, port and protocol are separated by colons. Brackets -- [] -- mean block.
Specifying a port number of "0" matches all ports (so the filter allows or blocks every port, depending on the parentheses or brackets), just as an address of "0" matches all local IPs.
- More information can be found with:
Code:
ipseccmd -?
- To see a list of the filters currently in effect:
Code:
ipseccmd show filters
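The ipseccmd steps above, gathered into a script as an added example (not part of the original post). It assumes ipseccmd.exe is on the PATH (for instance in C:\Windows\system32) and that PowerShell is installed on the XP machine; the address ranges, the host 192.168.1.30 and UDP port 27015 are illustrative. Because "-f" rules are dynamic, the script starts with "-u" so that rerunning it after a reboot gives the same filter set every time rather than a pile of duplicates.

```powershell
# Added example, not from the original post: applies a repeatable set of
# ipseccmd filters using only the syntax documented above.
# Assumes ipseccmd.exe is on the PATH; addresses and ports are illustrative.

$BlockedRanges = @('192.168.1.*', '10.0.0.*')      # blocked in both directions ("+")
$BlockedPorts  = @('[*:0=0:27015:udp]')            # any source, any port -> local UDP 27015, inbound only ("=")
$AllowedHoles  = @('(0:80=192.168.1.30::tcp)')     # pass filter: a more specific filter wins over the range block

function Reset-Filters {
    # -u removes every dynamic filter, giving a known starting state.
    ipseccmd -u | Out-Null
}

function Add-Filters {
    Reset-Filters
    foreach ($r in $BlockedRanges) { ipseccmd -f "0+$r" | Out-Null }   # "0" = all local IPs
    foreach ($p in $BlockedPorts)  { ipseccmd -f $p     | Out-Null }   # "[...]" = block
    foreach ($h in $AllowedHoles)  { ipseccmd -f $h     | Out-Null }   # "(...)" = allow
}

function Show-Filters {
    # Same as the post's "ipseccmd show filters"; read this after Add-Filters
    # to confirm that all three kinds of filter were accepted.
    ipseccmd show filters
}

Add-Filters
Show-Filters
```

Put a shortcut to the script in the Startup folder if the filters should come back after every reboot; "Show-Filters" is the check that they did.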