Microsoft Windows
[Version 6.0.6001
](C) Copyright 2006 Microsoft Corp.
c
:\windows>netsh firewall add portopening ?
add portopening
[ protocol =
] TCP
|UDP
|ALL
[ port =
] 1-65535
[ name =
] name
[ [ mode =
] ENABLE
|DISABLE
[ scope =
] ALL
|SUBNET
|CUSTOM
[ addresses =
] addresses
[ profile =
] CURRENT
|DOMAIN
|STANDARD
|ALL
Adds firewall port configuration.
Parameters
:
protocol - Port protocol.
TCP - Transmission Control Protocol (TCP).
UDP - User Datagram Protocol (UDP).
ALL - All protocols.
port - Port number.
name - Port name.
mode - Port mode (optional).
ENABLE - Allow through firewall (default).
DISABLE - Do not allow through firewall.
scope - Port scope (optional).
ALL - Allow all traffic through firewall (default).
SUBNET - Allow only local network (subnet) traffic through firewall.
CUSTOM - Allow only specified traffic through firewall.
addresses - Custom scope addresses (optional).
This comma-separated scope can contain IPv4 addresses,
IPv6 addresses, subnets, ranges, or the keyword LocalSubnet.
profile - Configuration profile (optional).
CURRENT - Applies to the active profile. Active profile can be domain,
standard (i.e. private), or public. (default).
DOMAIN - Applies to the domain profile.
STANDARD - Applies to the standard (i.e. private) profile.
ALL - Applies to the domain and standard (i.e. private) profile.
Does not apply to the public profile.
Remarks
: 'scope' must be 'CUSTOM' to specify 'addresses'.
'addresses' can not contain unspecified or loopback addresses.
Examples
:
add portopening TCP 80 "My Web Port"
add portopening UDP 500 IKE ENABLE ALL
add portopening ALL 53 DNS ENABLE CUSTOM
157.60.0.1,172.16.0.0/16,10.0.0.0/255.0.0.0,
12AB
:0000
:0000
:CD30
::/60,LocalSubnet
add portopening protocol=ALL port=53 name=DNS mode=ENABLE scope=CUSTOM
addresses=157.60.0.1,172.16.0.0/16,10.0.0.0/255.0.0.0,
12AB
:0000
:0000
:CD30
::/60,LocalSubnet
