If you just need to disable the Windows Firewall testwise, you can mess arround with dozens of pointless GUI options or just simply open Windows
Command prompt as Admin and type:
Windows Firewall OFF
netsh advfirewall set allprofiles state off
Windows Firewall ON
netsh advfirewall set allprofiles state on
Check your Windows Firewall running state with
netsh advfirewall show all state
And if you ever messed up your Windows Firewallsettings, just type in netsh advfirewall reset to go back to your Windows defaults.
#Reinstall Firewall
And if you destroyed your Windows Firewall you can reinstall it with following command (Admin Command prompt needed)
Rundll32 setupapi,InstallHinfSection Ndi-Steelhead 132 %windir%\inf\netrass.inf
Blocking IP's by Windows Firewall from a list of IPs from a Textfile
for /f %i in (badipaddresses.txt) do echo netsh advfirewall firewall add rule name="Block %i" dir=in protocol=any action=block remoteip=%i
Blocking single IP-Addresses manually
#Block a specific remote ip
netsh advfirewall firewall add rule name="Enemy_01" dir=in interface=any action=block remoteip=185.200.233.109
netsh advfirewall firewall add rule name="Enemy_02" dir=in interface=any action=block remoteip=192.101.93.10
netsh advfirewall firewall add rule name="Enemy_03" dir=in interface=any action=block remoteip=167.1.93.11
ect...
#Find a Group of entries
netsh advfirewall firewall show rule name=all | find "Enemy"
#Find a exact entry
netsh advfirewall firewall show rule name=all | find "Enemy_01"
#Disable a Windows Firewall Rule
netsh advfirewall firewall set rule name="Enemy_01" new enable=no
#Enable a Windows Firewall Rule
netsh advfirewall firewall set rule name="Enemy_01" new enable=yes
#Delete Rule
netsh advfirewall firewall delete rule name="Enemy_01" dir=in
#Logging
netsh advfirewall set allprofiles logging filename "C:\temp\pfirewall.log"
netsh advfirewall set allprofiles logging droppedconnections enable
Windows Firewall Backup and Settings Restore
netsh advfirewall export "C:\temp\WFconfiguration.wfw"
netsh advfirewall import "C:\temp\WFconfiguration.wfw"
Windows Firewall Tricks
Re: Windows Firewall Tricks
That's for sure.
This worked when nothing else did. You're totally right about "pointless GUI options", but I would call them completely USELESS GUI options.#Logging
netsh advfirewall set allprofiles logging filename "C:\temp\pfirewall.log"
netsh advfirewall set allprofiles logging droppedconnections enable
One other thing. Need to add user read permissions to view.
Re: Windows Firewall Tricks
Yeah, there are situations a GUI is more a burden than a help
Re: Windows Firewall Tricks
I want to try out Soren's tail -f with the log but I'm having problems with permissions on the log file. When i add my account to the security properties to view the log, i can look at it. But as soon as i close the log file my permission disappears and i have to add myself again. Permissions don't stick. Any idea how to fix this?
Re: Windows Firewall Tricks
Administrator rights baby ... Administrator rights !palinka wrote: ↑2019-07-09 11:27I want to try out Soren's tail -f with the log but I'm having problems with permissions on the log file. When i add my account to the security properties to view the log, i can look at it. But as soon as i close the log file my permission disappears and i have to add myself again. Permissions don't stick. Any idea how to fix this?
SørenR.
Woke is Marxism advancing through Maoist cultural revolution.
Woke is Marxism advancing through Maoist cultural revolution.
Re: Windows Firewall Tricks
You know you have to be a little more specific with me because I'm special...
My account is a member of SERVER/Administrators and the owner of the firewall log is SERVER/Administrators and I can't open it. If I go to properties > security ("You must have read permissions to view the properties of this object") > advanced > permissions > add > I add myself, apply, OK then I can view but only until I close the file. Then its back to square one and I have to go through the whole thing all over again.
Re: Windows Firewall Tricks
Have you tried killing UAC?palinka wrote: ↑2019-07-09 12:53You know you have to be a little more specific with me because I'm special...
My account is a member of SERVER/Administrators and the owner of the firewall log is SERVER/Administrators and I can't open it. If I go to properties > security ("You must have read permissions to view the properties of this object") > advanced > permissions > add > I add myself, apply, OK then I can view but only until I close the file. Then its back to square one and I have to go through the whole thing all over again.
SørenR.
Woke is Marxism advancing through Maoist cultural revolution.
Woke is Marxism advancing through Maoist cultural revolution.
Re: Windows Firewall Tricks
No and i don't want to.SorenR wrote: ↑2019-07-09 13:13Have you tried killing UAC?palinka wrote: ↑2019-07-09 12:53You know you have to be a little more specific with me because I'm special...
My account is a member of SERVER/Administrators and the owner of the firewall log is SERVER/Administrators and I can't open it. If I go to properties > security ("You must have read permissions to view the properties of this object") > advanced > permissions > add > I add myself, apply, OK then I can view but only until I close the file. Then its back to square one and I have to go through the whole thing all over again.