1 禁止server 2008域端口的脚本 

rem Disable the inbound firewall rules for the domain (Active Directory) ports.
rem "set rule name=all ... new enable=no" switches off every existing inbound
rem rule that matches the protocol/port filter; it does not create a block rule.
rem The ports are therefore closed only while nothing else allows them, i.e.
rem this relies on the inbound default of the active profile being "block"
rem (check with: netsh advfirewall show allprofiles).
rem NOTE(review): Kerberos (88), kpasswd (464), DNS (53) and NetBIOS 137/139
rem are not in these lists, so the rules for those ports stay enabled.
rem %%P is batch-file syntax: run this from an elevated .bat/.cmd file.

rem TCP: 9389 AD Web Services, 389 LDAP, 445 SMB, 636 LDAPS, 3268/3269 global catalog
for %%P in (9389 389 445 636 3268 3269) do netsh advfirewall firewall set rule name=all protocol=TCP dir=in localport=%%P new enable=no

rem UDP: 389 LDAP, 138 NetBIOS datagram, 445, 123 NTP (time sync)
for %%P in (389 138 445 123) do netsh advfirewall firewall set rule name=all protocol=UDP dir=in localport=%%P new enable=no

rem RPC keywords: RPC = dynamic RPC ports, RPC-EPMap = RPC endpoint mapper
for %%P in (RPC RPC-EPMap) do netsh advfirewall firewall set rule name=all protocol=tcp dir=in localport=%%P new enable=no
 
 
2 rem 允许私网访问
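rem Allow inbound traffic from the listed private address ranges.
rem "add rule" does not replace an existing rule of the same name, so remove
rem any copy left by an earlier run first; otherwise every run stacks another
rem duplicate "innic_permit" rule. Output is discarded because the delete
rem reports an error when no such rule exists yet (first run).
netsh advfirewall firewall delete rule name="innic_permit" dir=in >nul 2>&1

rem Scope of this rule: protocol=any with no localport or profile filter, so
rem it admits every port (not only the domain ports disabled above) on every
rem firewall profile, for any packet whose source address is in these ranges.
rem The decision is based on source address only, so it is only as strong as
rem the network's control over who can send from those ranges.
rem NOTE(review): 172.16.0.0/255.255.0.0 matches only 172.16.x.x. The RFC 1918
rem block is 172.16.0.0/255.240.0.0 (172.16.0.0-172.31.255.255); confirm the
rem narrower mask is intended before widening it.
netsh advfirewall firewall add rule name="innic_permit" protocol=any dir=in remoteip=10.0.0.0/255.0.0.0,172.16.0.0/255.255.0.0,192.168.0.0/255.255.0.0 action=allow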