Windows Firewall
Here's a simple and practical tutorial for using netsh advfirewall in Windows — useful for managing the Windows Firewall via the Command Prompt (CMD).
🔧 What is netsh advfirewall?
netsh advfirewall is a command-line tool that allows you to configure Windows Firewall rules, profiles, and settings directly from CMD or scripts.
✅ Basic Command Format
🔥 1. Enable or Disable the Firewall
Enable firewall for all profiles:
Disable firewall for all profiles:
For specific profiles:
netsh advfirewall set domainprofile state on
netsh advfirewall set privateprofile state off
netsh advfirewall set publicprofile state on
🧱 2. Add a New Firewall Rule
Example: Allow inbound port 8080 for TCP
netsh advfirewall firewall add rule name="Allow Port 8080" dir=in action=allow protocol=TCP localport=8080
Example: Block outbound port 21 (FTP)
netsh advfirewall firewall add rule name="Block FTP Out" dir=out action=block protocol=TCP remoteport=21
🗑 3. Delete a Firewall Rule
You can also specify direction and port for more specific deletions:
📋 4. Show Firewall Rules
Show all rules:
Show specific rule:
🔄 5. Export and Import Firewall Rules
Export rules to a file:
Import rules from a file:
🛡 6. Reset Firewall to Default
⚠️ Warning: This will remove all custom rules and restore defaults.
📚 Tips
- Always run Command Prompt as Administrator.
- Use quotes " " around rule names and file paths.
- Test rules carefully when working on remote systems to avoid locking yourself out.
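A change procedure that ties the export, add, show, delete and import steps together, so a failed rule change is rolled back instead of leaving a remote machine unreachable. This batch script is an added example, not part of the original tutorial. The backup path, the `profile=private,domain` scoping and the `net session` elevation check are assumptions chosen for illustration.

```batch
@echo off
setlocal
rem Added example. Rule name and port are the tutorial's own example values;
rem BACKUP is a constructed path (assumption), adjust it for your environment.
set "RULE=Allow Port 8080"
set "PORT=8080"
set "BACKUP=%TEMP%\fw-backup-%RANDOM%.wfw"

rem Changing firewall policy needs an elevated prompt; "net session" fails without one.
net session >nul 2>&1
if errorlevel 1 (
    echo Run this script from an elevated Command Prompt.
    exit /b 1
)

rem 1. Snapshot the current policy before touching anything.
netsh advfirewall export "%BACKUP%" >nul
if errorlevel 1 (
    echo Export failed, no changes made.
    exit /b 1
)

rem 2. Remove any earlier copy of the rule so reruns do not stack duplicates.
rem    Direction, protocol and port narrow the delete to this exact rule.
netsh advfirewall firewall delete rule name="%RULE%" dir=in protocol=TCP localport=%PORT% >nul 2>&1

rem 3. Add the rule, limited to the private and domain profiles so the port
rem    is not opened on public networks.
netsh advfirewall firewall add rule name="%RULE%" dir=in action=allow protocol=TCP localport=%PORT% profile=private,domain
if errorlevel 1 goto :rollback

rem 4. Confirm the rule exists and show that each profile is still enabled.
netsh advfirewall firewall show rule name="%RULE%" >nul
if errorlevel 1 goto :rollback
netsh advfirewall show allprofiles state

echo Rule "%RULE%" added. Backup kept at %BACKUP%
exit /b 0

:rollback
rem Restore the snapshot taken in step 1.
echo Change failed, restoring policy from %BACKUP%
netsh advfirewall import "%BACKUP%"
exit /b 1
```

Keep the exported `.wfw` file until the new rule has been verified from a second session, since importing it replaces the whole current policy.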