Add a new inbound or outbound rule to the firewall policy.

- Rule name should be unique and cannot be "all".
- If a remote computer or user group is specified, security must be authenticate or authenc.
- If action=bypass, the remote computer group must be specified.
- Action=bypass is only valid for rules with dir=in.
- If service=any, the rule applies only to services.
- ICMP type or code can be "any".
- Edge can only be specified for inbound rules.

Add an inbound rule for messenger.exe:
    netsh advfirewall firewall add rule name="allow messenger" dir=in program="c:\program files\messenger\msmsgs.exe" action=allow

Add an outbound rule that blocks TCP traffic on local port 80 (despite the rule name "allow80", the action is block):
    netsh advfirewall firewall add rule name="allow80" protocol=TCP dir=out localport=80 action=block

Add an inbound rule for messenger.exe and require security:
    netsh advfirewall firewall add rule name="allow messenger" dir=in program="c:\program files\messenger\msmsgs.exe" security=authenticate action=allow

Add an authenticated firewall bypass rule for group acmedomain\scanners identified by an SDDL string:
    netsh advfirewall firewall add rule name="allow scanners" dir=in rmtcomputergrp=<SDDL string> action=bypass security=authenticate
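
The constraints listed at the top of this page can be checked before a deployment script ever reaches a host. The following is an added example, not part of netsh or of the original page: a small Python linter that parses `add rule` command lines and reports violations, including reused rule names. The function names and sample script are constructed for illustration, and `rmtusrgrp` is the netsh parameter for the remote user group, which the examples above do not show.

```python
import re

# One key=value token; the value is either "quoted" or a run of non-space characters.
TOKEN = re.compile(r'(\w+)=("([^"]*)"|\S*)')

def parse_rule(cmd):
    """Return the parameters of an 'add rule' command as a dict (keys lowercased)."""
    return {k.lower(): (q if raw.startswith('"') else raw)
            for k, raw, q in TOKEN.findall(cmd)}

def lint_rule(cmd):
    """Check one command against the constraints listed on this page."""
    p = parse_rule(cmd)
    val = lambda k: p.get(k, "").lower()
    problems = []
    if val("name") in ("", "all"):
        problems.append('name is missing or is the reserved value "all"')
    if (p.get("rmtcomputergrp") or p.get("rmtusrgrp")) and \
            val("security") not in ("authenticate", "authenc"):
        problems.append("remote group requires security=authenticate or authenc")
    if val("action") == "bypass":
        if not p.get("rmtcomputergrp"):
            problems.append("action=bypass requires rmtcomputergrp")
        if val("dir") != "in":
            problems.append("action=bypass is only valid with dir=in")
    if "edge" in p and val("dir") != "in":
        problems.append("edge can only be specified for inbound rules")
    return problems

def lint_script(lines):
    """Lint every 'add rule' line; return {line number: [problems]}."""
    seen, report = set(), {}
    for n, line in enumerate(lines, 1):
        if "advfirewall firewall add rule" not in line.lower():
            continue
        problems = lint_rule(line)
        name = parse_rule(line).get("name", "").lower()
        if name and name in seen:
            problems.append("rule name is not unique in this script")
        seen.add(name)
        if problems:
            report[n] = problems
    return report

# Constructed sample: lines 1-2 are this page's messenger examples, 3-4 are made up.
SAMPLE = [
    r'netsh advfirewall firewall add rule name="allow messenger" dir=in program="c:\program files\messenger\msmsgs.exe" action=allow',
    r'netsh advfirewall firewall add rule name="allow messenger" dir=in program="c:\program files\messenger\msmsgs.exe" security=authenticate action=allow',
    r'netsh advfirewall firewall add rule name="scanners" dir=out action=bypass',
    r'netsh advfirewall firewall add rule name="scanners2" dir=in rmtcomputergrp="<SDDL string>" action=bypass',
]
```

Calling `lint_script(SAMPLE)` flags the second messenger rule for reusing the name of the first, which is exactly what happens if the two messenger examples on this page are run back to back.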

netsh advfirewall firewall add rule (Windows Vista command): adds a new inbound or outbound firewall rule.