1 windows:
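rem Applies only to Windows Server 2003 and later (original author's note).
rem NOTE(review): the mpssvc service and the "netsh advfirewall" context were
rem introduced with Windows Vista / Server 2008. On Server 2003 only the two
rem "sc config" lines below are expected to work - confirm on the target build.
rem
rem Purpose: close the RPC / NetBIOS / SMB ports 135, 137, 139 and 445.
rem Run from an elevated (Administrator) command prompt.

rem --- Step 1: stop the SMB server driver and NetBIOS-over-TCP/IP at boot ---
rem "sc config" only changes the start type. Drivers that are already loaded
rem keep running, so the ports stay open until the next reboot; the firewall
rem rules in step 3 cover that gap.
rem NOTE(review): disabling srv may keep the Server (file sharing) service from
rem starting, and on older releases the DHCP Client service is presumably
rem declared dependent on NetBT - check "sc qc dhcp" before using this on a
rem host that gets its address from DHCP.
sc config srv start= disabled
sc config netbt start= disabled

rem --- Step 2: make sure Windows Firewall is enabled and running ---
rem Set the start type first: "net start" fails on a service that is disabled.
rem "net start" also reports an error when the service is already running;
rem that is harmless here.
sc config mpssvc start= auto
net start mpssvc
netsh advfirewall set allprofiles state on

rem --- Step 3: explicit inbound block rules ---
rem Port 135 (RPC endpoint mapper) is not affected by step 1, so the firewall
rem is the only control for it here. Remote RPC/DCOM management and inbound
rem file sharing stop working once these rules are in place.
rem Block rules take precedence over allow rules, so later allow rules cannot
rem reopen these ports.
rem NOTE(review): UDP 138 (NetBIOS datagram) is not covered by this list.
rem NOTE(review): "add rule" does not replace an existing rule of the same
rem name; re-running the script leaves duplicates. Inspect with
rem "netsh advfirewall firewall show rule name=TCP135" and remove old copies
rem with "netsh advfirewall firewall delete rule name=TCP135".
netsh advfirewall firewall add rule name=TCP135 dir=in action=block protocol=TCP localport=135
netsh advfirewall firewall add rule name=UDP135 dir=in action=block protocol=UDP localport=135
netsh advfirewall firewall add rule name=TCP137 dir=in action=block protocol=TCP localport=137
netsh advfirewall firewall add rule name=UDP137 dir=in action=block protocol=UDP localport=137
netsh advfirewall firewall add rule name=TCP139 dir=in action=block protocol=TCP localport=139
netsh advfirewall firewall add rule name=UDP139 dir=in action=block protocol=UDP localport=139
netsh advfirewall firewall add rule name=TCP445 dir=in action=block protocol=TCP localport=445
netsh advfirewall firewall add rule name=UDP445 dir=in action=block protocol=UDP localport=445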
2008:
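rem Default-deny firewall baseline: wipe the current policy, block all traffic
rem in both directions, then allow only the listed services from the listed
rem source networks. Run from an elevated prompt on the local console.
rem
rem NOTE(review): "reset" discards every existing rule and setting. Save the
rem current policy first, e.g.
rem   netsh advfirewall export "<BACKUP_PATH>.wfw"
rem NOTE(review): no rule below allows a remote administration port, so
rem running this over a remote session is expected to cut that session off.
rem NOTE(review): blockoutbound is set and every rule below is dir=in, so the
rem host cannot open any outbound connection (DNS, time sync, updates, ...)
rem until matching dir=out allow rules are added.

rem Reset first, then switch the firewall on, so the final state does not
rem depend on what the reset leaves behind.
netsh advfirewall reset
netsh advfirewall set allprofiles state on
netsh advfirewall set allprofiles firewallpolicy blockinbound,blockoutbound

rem Explicit block for RPC (135) and SMB (445). This is redundant with
rem blockinbound for unmatched traffic, but a block rule takes precedence over
rem allow rules, so the program-based allow rule below cannot reopen them.
netsh advfirewall firewall add rule name="135,445" dir=in action=block protocol=TCP localport=135,445

rem Application ports, reachable only from the two listed networks.
rem NOTE(review): the list includes 21 (FTP) and 80 (HTTP), both cleartext,
rem and 172.16.0.0/16 is a wide source range - narrow remoteip to the real
rem client addresses if they are known.
netsh advfirewall firewall add rule name="dahua" dir=in action=allow remoteip=192.168.0.0/24,172.16.0.0/16 protocol=TCP localport=21,80,8081,8090,9000,9001,9100,9115,9200,9320,9400,9500,9600,9700,9800,12366

rem Oracle listener (1521), reachable only from 192.168.1.0/24.
netsh advfirewall firewall add rule name="oracle" dir=in action=allow remoteip=192.168.1.0/255.255.255.0 protocol=TCP localport=1521

rem Program-based rule: no protocol or localport is given, so any inbound
rem traffic from the listed networks to this executable is allowed.
rem NOTE(review): the rule follows the file path, not the file's identity -
rem make sure C:\MyApp is not writable by unprivileged users.
netsh advfirewall firewall add rule name="dahuaAPP" dir=in action=allow remoteip=192.168.0.0/24,172.16.0.0/16 program="C:\MyApp\MyApp.exe" enable=yes

rem Reference: the same program rule limited to the private profile. The
rem LocalSubnet keyword belongs inside the comma-separated remoteip list.
rem netsh advfirewall firewall add rule name="dahuaAPP" dir=in action=allow program="C:\MyApp\MyApp.exe" enable=yes remoteip=157.60.0.1,172.16.0.0/16,LocalSubnet profile=private
rem Reference: action takes allow or block (action=allow / action=block).
rem Reference: legacy "netsh firewall" syntax (presumably for systems that
rem predate advfirewall - confirm before use):
rem netsh firewall add port tcp 139 netbios-ssn enable custom 192.168.0.0/255.255.0.0,10.0.0.0/255.0.0.0
rem ========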