advanced firewall: allow specific program "ping.exe"
Hi there!
I have some troubles while understanding the advanced firewall workflow.
My goal is to block all inbound and outbound traffic except ICMPv4 and inbound TCP port 80.
So I try this:
netsh advfirewall set allprofiles firewallpolicy blockinbound,blockoutbound
netsh advfirewall firewall delete rule name=all
netsh advfirewall firewall add rule name="pinging" program="C:\Windows\System32\ping.exe" dir=out protocol=icmpv4 localip=any remoteip=any action=allow
netsh advfirewall firewall add rule name="web server" dir=in protocol=tcp localip=any remoteip=any action=allow localport=80 remoteport=any
So after entering this in a shell (cmd.exe executed as ADMIN, UAC=off) I go to another cmd.exe session and launch ping.exe to some remote host... and get packet loss = 100%.
If I stop the firewall, ping.exe successfully pings the remote host.
Where can I get complete information about how "advfirewall add rule 'program='" works?
January 30th, 2008 12:26pm
Hi DDN,
Thank you for the post.
Please use the following command instead of the third one to test the issue:
netsh advfirewall firewall add rule name="pinging" dir=out protocol=icmpv4 localip=any remoteip=any action=allow
Hope it helps.
Sincerely,
Joson Zhou
Microsoft Online Community Support
February 1st, 2008 1:29pm
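An added example, not from the thread or from Microsoft, that puts the approach of the reply above into one re-runnable cmd.exe script: default-deny on all profiles, a global (not program-scoped) outbound ICMPv4 rule narrowed to echo requests, the inbound TCP 80 rule, and a check afterwards. The rule names and the host argument are assumptions; it must be run from an elevated cmd.exe.

```batch
@echo off
rem Example script (not from the original thread). Usage: fwsetup.cmd <host>
rem <host> is only used for the final ping check.
if "%~1"=="" (echo usage: %~nx0 ^<host^> & exit /b 2)

rem 1. Default-deny in both directions on every profile (domain/private/public).
netsh advfirewall set allprofiles firewallpolicy blockinbound,blockoutbound

rem 2. Remove only this script's own rules so it can be re-run.
rem    "delete rule name=all" from the original post would also drop the
rem    built-in rules (e.g. Core Networking); that is avoided here.
netsh advfirewall firewall delete rule name="pinging" >nul 2>&1
netsh advfirewall firewall delete rule name="web server" >nul 2>&1

rem 3. Outbound ICMPv4 as a global rule (no program=), as in the reply, but
rem    tightened to Echo Request only (type 8, any code). As the thread shows,
rem    the echo reply is accepted without a separate inbound rule because the
rem    firewall tracks the outbound request.
netsh advfirewall firewall add rule name="pinging" dir=out protocol=icmpv4:8,any action=allow

rem 4. Inbound TCP 80 for the web server. Outbound packets of those accepted
rem    connections are allowed statefully despite blockoutbound.
netsh advfirewall firewall add rule name="web server" dir=in protocol=tcp localport=80 action=allow

rem 5. Verify: policy per profile and the two rules as the firewall stored them.
netsh advfirewall show allprofiles | findstr /i "Policy"
netsh advfirewall firewall show rule name="pinging"
netsh advfirewall firewall show rule name="web server"

rem 6. Functional check: ping.exe returns a non-zero exit code on no reply.
ping -n 1 %~1 >nul && (echo ICMP echo to %~1: OK) || (echo ICMP echo to %~1: BLOCKED & exit /b 1)
```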
Yes, it's working now... thanks... but why can't I allow only ping.exe to work, and not all programs?
Recently I can't allow Windows Commander to work with the network (i.e. go to a share: cd \\server\share).
My command to Windows Firewall looks like this:
netsh advfirewall firewall add rule name="allow netbios out" dir=out protocol=tcp action=allow program="C:\Program Files\wincmd\WINCMD32.EXE"
February 4th, 2008 5:42pm