位于注册表:
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]


rem 恢复防火墙到默认值
netsh advfirewall reset
 
rem 设置变量offices_***与internal_servers
set offices_***=203.208.46.200/32,119.75.217.56/32,131.253.13.32/32
set internal_servers=192.168.0.0/24
 
rem 开放端口3389到offices_***
rem netsh advfirewall firewall add rule name="自定义规则_port3389_from_offices_***" dir=in protocol=tcp localport=3389 remoteip=%offices_***% action=allow

rem 建立对internal_servers之间的相互信任
netsh advfirewall firewall add rule name="自定义规则_trust_all_internal_servers" dir=in remoteip=%internal_servers% action=allow

rem 开放端口80到所有地址
netsh advfirewall firewall add rule name="自定义规则_port80_from_anywhere" dir=in protocol=tcp localport=80 action=allow

rem 开放端口60000到所有地址
netsh advfirewall firewall add rule name="自定义规则_port60000_from_anywhere" dir=in protocol=tcp localport=60000 action=allow