如何添加出站Windows防火墙例外? [英] How to Add Outbound Windows Firewall Exception?

问题描述

我需要为正在编写的应用程序打开出站连接的Windows防火墙.

I need to open up the Windows Firewall for outbound connections for an application I'm writing.

我能够找到的最佳答案在这里:

The best answers I've been able to locate are here:

http://www.shafqatahmed.com/2008/01/controlling- win.html

http://www.vincenzo.net/isxkb/index.php? title =添加_a_rule_to_the_Windows_firewall

问题在于该方法仅创建入站规则，而不创建出站规则. (C#和InnoSetup脚本都使用相同的方法.)这对我来说完全没有用.

The problem is that method only creates an inbound rule, and not an outbound rule. (Both the C# and InnoSetup script use the same method.) This is entirely useless for me.

Windows防火墙的默认行为是允许出站流量，但这不能保证有人不会对此进行更改.

The default behaviour for the Windows Firewall is to allow outbound traffic, but that doesn't guarantee that someone won't change that.

我宁愿在安装程序中执行此操作(使用InnoSetup)，而不是在C#中执行此操作.

I would prefer to do this in the installer (using InnoSetup) rather than doing it in C#.

我错过了什么吗?

有人知道如何创建出站规则吗?

Does anyone know how to create an outbound rule?

推荐答案

如果需要为应用程序添加一些例外，则可以使用 netsh .

You can use netsh if you need add some exceptions for your application.

在命令行中写入(对于XP):

write in command line (for XP):

netsh firewall add allowedprogram ?

在命令行中写入(对于W7):

write in command line (for W7):

netsh advfirewall firewall add rule ?

不建议使用此差异，因为 netsh防火墙命令.相反，我们必须使用命令 netsh advfirewall防火墙.

This difference becouse netsh firewall command is deprecated. Instead, we have to use the command netsh advfirewall firewall.

有关使用命令netsh advfirewall防火墙而不是netsh防火墙命令的更多信息，我们可以在知识库中看到: http://go.microsoft.com/fwlink/?linkid=121488

More information about using the command netsh advfirewall firewall instead of the netsh firewall command we can see in Knowledge Base there: http://go.microsoft.com/fwlink/?linkid=121488

示例:

为传入流量添加规则，但不对messenger.exe进行安全封装:

Adding a rule for incoming traffic without security encapsulation for messenger.exe:

netsh advfirewall firewall add rule name="allow messenger" dir=in program="c:\programfiles\messenger\msmsgs.exe" security=authnoencap action=allow

为端口80的传出流量添加规则:

Adding a rule for outgoing traffic at the port 80:

netsh advfirewall firewall add rule name="allow80" protocol=TCP dir=out localport=80 action=block

通过安全性& ;;向入站流量添加规则通过端口80进行TCP的流量加密:

Adding rules to inbound traffic with safety & traffic encryption for TCP through port 80:

netsh advfirewall firewall add rule name="Require Encryption for Inbound TCP/80" protocol=TCP dir=in localport=80 security=authdynenc action=allow

这篇关于如何添加出站Windows防火墙例外?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！