Windows 11 netsh wfp command

Microsoft Windows [Version 10.0.22621.2428]
(c) Microsoft Corporation. C:\Windows>netsh wfp ? The following commands are available: Commands in this context: ? - Displays a list of commands. capture - Captures real-time diagnostic information. dump - Displays a configuration script. help - Displays a list of commands. set - Sets WFP diagnostic options. show - Shows WFP configuration and state. To view help for a command, type the command, followed by a space, and then type ?.

Captures real-time diagnostic information.

»netsh »wfp »capture


C:\Windows>netsh wfp capture ?

The following commands are available:

Commands in this context:
capture start  - Starts an interactive capture session. 
capture status - Tells whether an interactive capture session is in progress.
capture stop   - Stops an interactive capture session.

Starts an interactive capture session.

»netsh »wfp »capture »start


C:\Windows>netsh wfp capture start ?
 
 

   Usage: capture start 
             [ [ cab = ] (ON | OFF) ] 
             [ [ traceonly = ] (ON | OFF) ]
             [ [ keywords = ] (NONE | BCAST | MCAST | BCAST+MCAST) ] 
             [ [ file = ] <path> ]

   Parameters: 

      Tag            Value 
      cab            - Can be ON or OFF. The default is ON. 
                       ON compiles the files in a single .cab file. 
                       OFF leaves the output files uncompressed. 
                       This is useful if doing your own troubleshooting, 
                       rather than collecting data for others. 

      traceonly      - Can be ON or OFF. The default is OFF. 
                       ON collects only event tracing data, 
                       which reduces the output file size. 

      keywords       - Can be NONE, BCAST, MCAST, or BCAST+MCAST. 
                       The default is BCAST+MCAST. 
                       Sets the net event keywords used for the session. 
                       BCAST includes broadcast events and MCAST includes 
                       multicast events. To reduce the file size for long- 
                       running captures, set to NONE. 

      file           - Output file name.  The default is 'wfpdiag.cab'. 
                       If the cab option is ON, the file name should not 
                       include the extension since the .cab is 
                       automatically added to the output file. 

   Remarks:   Starts an interactive capture session. 
              To stop capture, run 'capture stop'. 

Tells whether an interactive capture session is in progress.

»netsh »wfp »capture »status


C:\Windows>netsh wfp capture status ?
 
 

   Usage: capture status 
 

   Remarks:   Tells whether an interactive capture session is in progress. 

Stops an interactive capture session.

»netsh »wfp »capture »stop


C:\Windows>netsh wfp capture stop ?
 
 

   Usage: capture stop 
 

   Remarks:   Stops an interactive capture session. 
              Takes effect if previous command executed was 'capture start'. 

Displays a configuration script.

»netsh »wfp »dump


C:\Windows>netsh wfp dump ?

Usage: dump

Remarks: 
    Creates a script that contains the current configuration.  If saved to a
    file, this script can be used to restore altered configuration settings.

Displays a list of commands.

»netsh »wfp »help


C:\Windows>netsh wfp help ?

Usage: help

Remarks: 
       Displays a list of commands.

Sets WFP diagnostic options.

»netsh »wfp »set


C:\Windows>netsh wfp set ?

The following commands are available:

Commands in this context:
set options    - Sets the global WFP options.

Sets the global WFP options.

»netsh »wfp »set »options


C:\Windows>netsh wfp set options ?

 

   Usage: set options 
             [ netevents = ON | OFF ] 
             [ [ keywords = ] NONE | BCAST | MCAST| BCAST+MCAST ] 
             [ [ txnwatchdog = ] <time in msec> ] 
 
   Parameters: 

      Tag            Value 
      netevents      - Can be either ON or OFF. 
                       Sets the netevents option. 
 
      keywords       - Can be  NONE, BCAST, MCAST, or BCAST+MCAST. 
                       Sets the  keywords option. The default is NONE. 
 

      txnwatchdog    - Sets the timeout in milliseconds for the transaction 
                       watchdog event. This must be an integer. If no value 
                       is specified, the timeout is set to zero, and an 
                       event will be triggered for every transaction. 
 
   Remarks:   Sets the global WFP options. 
              Only one option parameter can be set per execution. 

Shows WFP configuration and state.

»netsh »wfp »show


C:\Windows>netsh wfp show ?

The following commands are available:

Commands in this context:
show appid     - Displays the application ID for the specified file. 
show boottimepolicy - Displays the boot-time policy and filters. 
show filters   - Displays filters matching the specified traffic parameters.
show ikeevents - Displays recent IKE epoch events matching the specified parameters. 
show netevents - Displays recent network events matching the traffic parameters. 
show options   - Displays the global WFP options. 
show security  - Displays the specified security descriptor. 
show state     - Displays the current state of WFP and IPsec.
show sysports  - Displays system ports used by the TCP/IP Stack and the RPC sub-system. 

Displays the application ID for the specified file.

»netsh »wfp »show »appid


C:\Windows>netsh wfp show appid ?

 

   Usage: show appid  [ file = ] <path> 
 
   Parameters: 

      Tag            Value 
      file           - Specifies the DOS path for the application. 
 
   Remarks:   Displays the application NT path for the specified file. 
              The supplied path must exist. 

Displays the boot-time policy and filters.

»netsh »wfp »show »boottimepolicy


C:\Windows>netsh wfp show boottimepolicy ?
 
 

   Usage: show boottimepolicy [ [ file = ] <path> | - ] 

   Parameters: 

      Tag            Value 
      file           - Output file name. The default is 'btpol.xml'. 
                       If this parameter is set to the dash character, 
                       'file = -', the output is written only to the console. 
 
   Remarks:   Displays the boot-time policy and filters. 

Displays filters matching the specified traffic parameters.

»netsh »wfp »show »filters


C:\Windows>netsh wfp show filters ?
 
 

   Usage: show filters 
             [ [ file = ] <path> | - ]  
             [ [ protocol = ] <ipproto> ] 
             [ [ localaddr = ] <ipaddr> ] 
             [ [ remoteaddr = ] <ipaddr> ] 
             [ [ localport = ] <port> ] 
             [ [ remoteport = ] <port> ] 
             [ [ appid = ] <path> ] 
             [ [ userid = ] <user> ] 
             [ [ dir = ] IN | OUT ] 
             [ [ verbose = ] ON | OFF ] 
 
   Parameters: 

      Tag            Value 
      file           - Output file name. The default is 'filters.xml'. 
                       If this parameter is set to the dash character, 
                       'file = -', the output is written only to the console. 
 
      protocol       - The IP protocol. This must be an integer. 
 
      localaddr      - The IP addresses. 'localaddr' is the local IP address, 
      remoteaddr       and the 'remoteaddr' is the remote IP address. 
                       The addresses are either IPv4 or IPv6. 
                       If both local and remote addressses are specified, 
                       they both must belong to the same address family. 
 
      localport      - The ports. 'localport' is the local port 
      remoteport       and 'remoteport' is the remote port. 
                       They must be integers. 
 
      appid          - The application sending or receiving the traffic 
                       on the local host. 
                       This either an NT path such as 
                          '\device\harddiskvolume1\windows\system32\ftp.exe' 
                       or a DOS path such as 
                          'c:\Windows\System32\ftp.exe' 
                       The supplied path must exist. 
 
      userid         - The user sending or receiving the traffic  
                       on the local host. The userid may be a SID 
                       (such as 'S-1-5-18') or a user name (such as 
                       'nt authority\system'). 
 
      dir            - The direction of the connection. By default, filters 
                       for both inbound and outbound traffic are displayed. 

                       Use IN to display only filters for inbound traffic 
                       or OUT to display only filters for outbound traffic. 

      verbose        - Determines whether to display all filters. 
                       Can be ON or OFF. The default is OFF, which attempts 
                       to suppress matching filters that are unlikely to 
                       affect connectivity. 
                       ON does not suppress any filters. 
 

   Remarks:   Displays filters matching the specified traffic parameters. 

Displays recent IKE epoch events matching the specified parameters.

»netsh »wfp »show »ikeevents


C:\Windows>netsh wfp show ikeevents ?
 
 

   Usage: show ikeevents 
             [ [ file = ] <path> | - ]  
             [ [ remoteaddr = ] <ipaddr> ] 
 
   Parameters: 

      Tag            Value 
      file           - Output file name. The default is 'netevents.xml'. 
                       If this parameter is set to the dash character, 
                       'file = -', the output is written only to the console. 
 
      remoteaddr       The remote IP address. The remote address is either 
                       IPv4 or IPv6. 
 
   Remarks:   Displays recent IKE epoch events matching the specified parameters. 

Displays recent network events matching the traffic parameters.

»netsh »wfp »show »netevents


C:\Windows>netsh wfp show netevents ?
 
 

   Usage: show netevents 
             [ [ file = ] <path> | - ]  
             [ [ protocol = ] <ipproto> ] 
             [ [ localaddr = ] <ipaddr> ] 
             [ [ remoteaddr = ] <ipaddr> ] 
             [ [ localport = ] <port> ] 
             [ [ remoteport = ] <port> ] 
             [ [ appid = ] <path> ] 
             [ [ userid = ] <user> ] 
             [ [ timewindow = ] <seconds> ] 
 
   Parameters: 

      Tag            Value 
      file           - Output file name. The default is 'netevents.xml'. 
                       If this parameter is set to the dash character, 
                       'file = -', the output is written only to the console. 
 
      protocol       - The IP protocol. This must be an integer. 
 
      localaddr      - The IP addresses. 'localaddr' is the local IP address, 
      remoteaddr       and 'remoteaddr' is the remote IP address. 
                       The addresses are either IPv4 or IPv6. 
                       If both local and remote addresses are specified, 
                       they both must belong to the same address family. 
 
      localport      - The ports. 'localport' is the local port, 
                       and 'remoteport' is the remote port. 
      remoteport       They must be integers. 
 
      appid          - The application sending or receiving the traffic 
                       on the local host. 
                       This either an NT path such as 
                          '\device\harddiskvolume1\windows\system32\ftp.exe' 
                       or a DOS path such as 
                          'c:\Windows\System32\ftp.exe' 
                       The supplied path must exist. 
 
      userid         - The user sending or receiving the traffic 
                       on the local host. The userid may be a SID 
                       (such as 'S-1-5-18') or 
                       a user name (such as 'nt authority\system'). 
 
      timewindow     - Limits the output to network events that occurred 
                       within a specified number of seconds. 
                       This must be an integer. 
 
   Remarks:   Displays recent network events matching the specified traffic parameters. 

Displays the global WFP options.

»netsh »wfp »show »options


C:\Windows>netsh wfp show options ?

 

  Usage: show options [optionsfor = ] NETEVENTS | KEYWORDS | TXNWATCHDOG 
 
   Parameters: 

      Tag            Value 
      optionsfor     - Can be either NETEVENTS, KEYWORDS, or TXNWATCHDOG. 
                       NETEVENTS shows whether network events are 
                       buffered for diagnostics. 
                       KEYWORDS shows which network events are 
                       buffered for diagnostics. 
                       TXNWATCHDOG shows the timeout in milliseconds for the 
                       transaction watchdog event. 
 
   Remarks:   Displays the current value set for the specified option. 

Displays the specified security descriptor.

»netsh »wfp »show »security


C:\Windows>netsh wfp show security ?

 

   Usage: show security 
             [ type = ] CALLOUT|ENGINE|FILTER|IKESADB|IPSECSADB|LAYER|NETEVENTS 
                        |PROVIDER|PROVIDERCONTEXT|SUBLAYER 
             [ [ guid = ] <guid> 
 
   Parameters: 

      Tag            Value 
      type           - Specifies the object type to be retrieved. 
                       Can be CALLOUT, ENGINE, FILTER, IKESADB, IPSECSADB, 
                       LAYER, NETEVENTS, PROVIDER, PROVIDERCONTEXT, 
                       or SUBLAYER. 
 
      guid           - For object types that support per-object security  
                       descriptors, this is the GUID of the object. If not 
                       specified, it defaults to IID_NULL, which retrieves 
                       the security descriptor of the type container. 
                       The following types support per-object security descriptors: 
                          callout 
                          filter 
                          layer 
                          provider 
                          providercontext 
                          sublayer 
 
   Remarks:   Displays the specified security descriptor. 

Displays the current state of WFP and IPsec.

»netsh »wfp »show »state


C:\Windows>netsh wfp show state ?
 
 

   Usage: show state [ [ file = ] <path> | - ] 

   Parameters: 

      Tag            Value 
      file           - Output file name. The default is 'wfpstate.xml'.  
                       If this parameter is set to the dash character, 
                       'file = -', the output is written only to the console. 

   Remarks:   Displays the current state of WFP and IPsec. 

Displays system ports used by the TCP/IP Stack and the RPC sub-system.

»netsh »wfp »show »sysports


C:\Windows>netsh wfp show sysports ?
 
 

   Usage: show sysports [ [ file = ] <path> | - ]  
   Parameters: 

      Tag            Value 
      file           - Output file name. The default is 'sysports.xml'. 
                       If this parameter is set to the dash character, 
                       'file = -', the output is written only to the console. 
 
   Remarks:   Displays system ports used by the TCP/IP stack and the 
              RPC sub-system. 



- de -/- en -









Windows-10


... Windows 10 FAQ
... Windows 10 How To


Windows 10 How To


... Windows 11 How To
... Windows 10 FAQ



HTTP: ... console/en/index.htm
0.156
7301
What is pagefile.sys?
WINDOWS EINSTELLUNG MS SETTINGS NETWORK PROXY
Was ist Scrollen?
What is a toner (toner cartridge)?
WINDOWS SETTING MS SETTINGS SURFACEHUB SESSIONCLEANUP
WINDOWS SETTING MS SETTINGS EASEOFACCESS COLORFILTER BLUELIGHTLINK
VHD, was ist das für eine Datei?
Was ist ein Peripheriegerät?
What are tablet buttons?
What is the difference between Windows 7 Ultimate x64 to x86?



(0)