> For the complete documentation index, see [llms.txt](https://www.heresecurity.wiki/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/rdp-and-firewall/fang-huo-qiang.md). # 防火墙 ``` >netsh firewall set service remoteadmin enable >netsh firewall set service remotedesktop enable >netsh firewall set opmode disable 关闭防火墙 >netsh firewall set opmode mode=disable 放行远程8888端口进来的流量 netsh advfirewall firewall add rule name="88" protocol=TCP dir=in remoteport=8888 action=allow 放行出去到远程8888端口的流量 netsh advfirewall firewall add rule name="88" protocol=TCP dir=out remoteport=8888 action=allow 放行本地4444端口出去的流量 netsh advfirewall firewall add rule name="44" protocol=TCP dir=out localport=4444 action=allow 放行从本地4444端口进来的流量 netsh advfirewall firewall add rule name="44" protocol=TCP dir=in localport=4444 action=allow 删除规则 netsh advfirewall firewall delete rule name="88" 查看防火墙配置(可看到具体规则等配置) netsh firewall show config 允许进站 如果系统未配置过远程桌面服务,第一次开启时还需要添加防火墙规则,允许3389端口,命令如下: >netsh advfirewall firewall add rule name="Remote Desktop" protocol=TCP dir=in localport=3389 action=allow >netsh firewall set portopening TCP 3389 ENABLE 防火墙关闭 >netsh firewall set opmode mode=disable >netsh advfirewall show allprofiles查看状态 >netsh advfirewall set allprofiles state off >sc stop windefend >sc delete windefend PS> Set-MpPreference -DisableRealtimeMonitoring 1 PS> Set-MpPreference -Disablearchivescanning $true IP白名单 >New-NetFirewallRule -Name morph3inbound -DisplayName morph3inbound -Enabled True -Direction Inbound -Protocol ANY -Action Allow -Profile ANY -RemoteAddress 10.10.10.10 列出防火墙的阻止端口 >$f=New-object -comObject HNetCfg.FwPolicy2;$f.rules | where {$_.action -eq "0"} | select name,applicationname,localports 禁用防火墙 在 Windows 7 上通过 cmd 禁用防火墙 reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f 在 Windows 7 上通过 Powershell 禁用防火墙 powershell.exe -ExecutionPolicy Bypass -command 'Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections" –Value'` 通过 cmd 在任何windows上禁用防火墙 netsh firewall set opmode disable netsh Advfirewall set allprofiles state off ``` --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/rdp-and-firewall/fang-huo-qiang.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.