Netsh advfirewall is a command line used for the Advanced Firewall Windows 2008 Server configuration. Is CLI used for configuring Windows firewall?
While some people like to use the MMC snap-in interface to configure a firewall, others prefer to use CLI for the following reasons:
Which command is used with netsh advfirewall?
Here are the 9 most important commands you need to know when using the netsh advfirewall command.
Help (?)
This is the most used statement. Whenever you type the command, this command will allow you to see all the options available in the corresponding command (see Figure 1).
Figure 1: The help option in netsh advfirewall
Consec command (securely connect to the required profile)
The connection information will allow you to create IPSEC VPNs between the two systems. In other words, the consec statement allows to ensure that the traffic through the firewall is limited or filtered.
This option will create a safe connection configuration as follows:
netsh advfirewall> consec
netsh advfirewall consec>
Here, if you type the command? You will see 6 different situations in netsh advfirewall consec (see Figure 2).
If typing? Here, you can change the security information with the following commands:
Figure 2: The netsh option advfirewall consec
Show command
You use the Show command to list what the firewall will do next. There are 3 options for this command:
Export
You should export all current firewall configurations to a file. This command will be very useful because you can back up all file settings and restore them when you don't like the new profiles you have created.
Firewall command
With this command you can add new internal and external rules for the firewall. This command also allows changing rules on the firewall.
Figure 3: The netsh command advfirewall firewall
In the firewall command there are four important commands:
The following is an example of the Add and Delete commands:
Add a rule for messenger.exe
netsh advfirewall firewall add rule name = "allow messenger"
dir = in program = "c: programfilesmessengermsmsgs.exe 'action = allow
Delete all the rules in port 21
netsh advfirewall firewall delete name rule name = all protocol = tcp localport = 21
Import
The import command allows importing firewall profiles from a file. With this command you can load into a file that you exported. For example:
netsh advfirewall import 'c: advfirewall.wfw'
Reset
This command will reset the firewall permissions back to default. Be careful with this command because as soon as you type this command it will reset the terms without asking if you agree. Here is an example:
netsh advfirewall reset
Set
The Set command changes the firewall state to various information. There are 6 types of content for this command:
Figure 4: netsh advfirewall set
Example command set:
Show
The show command displays all the settings you have made for all other profiles.
Conclude
In this article, we identified the main commands needed to configure the Windows 2008 firewall with the netsh advfirewall command. Now you need to decide whether to use the user interface or the commands to configure the firewall. Both methods have the same options. The command line interface will not be much different from the Windows 2008 firewall when you already know the commands.