The `netsh advfirewall consec show" command can be used with `rule` to display the list of all configured consecutive connection rules in Windows Firewall. It provides information about each rule, including its name, originating IP address range, destination IP address, destination port, connection count, timeout, and action.
Here is an example of how to use the `netsh advfirewall consec show rule` command:
netsh advfirewall consec show rule all
This command displays a list of all configured consecutive connection rules. Each rule is listed on a separate line and the following information is displayed for each rule:
*
Name: The name of the rule
*
Origin IP address range: The range of origin IP addresses affected by the rule
*
Target IP Address: The target IP address affected by the rule
*
Target Port: The target port affected by the rule
*
Connection Count: The maximum number of consecutive connections allowed before the firewall takes action
*
Timeout: The number of seconds the firewall should wait before counting a new connection as a separate connection
*
Action: The action the firewall should take when the maximum number of consecutive connections is reached
As an example, the following output shows a single consecutive connection rule:
Rule name: bruteforce
Origin IP address range: 192.168.1.100-192.168.1.200
Destination IP address: 10.10.10.1
Destination port: 22
Connection number: 10
Timeout: 10
Action: BLOCK
This rule would block all connections from IP addresses in the range 192.168.1.100 to 192.168.1.200 to IP address 10.10.10.1 on port 22 if more than 10 consecutive connections are made within 10 seconds.