Appendix 16. Using command-line tools

Appendix 16. Using command-line tools

In Windows Server Core mode, because there is no graphical interface, you must configure Windows Firewall through the command line.

6.1 Enabling a program

netsh advfirewall firewall add rule name= "My application" Dir=in action=allow program= "C:\MyApp\MyApp.exe" Enable=yes

netsh advfirewall firewall add rule name= "My application" Dir=in action=allow program= "C:\MyApp\MyApp.exe" Enable=yes rem Oteip=157.60.0.1,172.16.0.0/16,localsubnet Profile=domain

6.2 Enabling ports

netsh advfirewall firewall add rule name= "Open Port" Dir=in action=allow protocol=tcp localport=80

6.3 Remove an enabled program or port

netsh advfirewall firewall delete rule name= rule name program= "C:\MyApp\MyApp.exe"

netsh advfirewall firewall delete rule name= rule name protocol=udp localport=500

6.4 Configuring ICMP

netsh advfirewall firewall add rule name= "ICMP allow incoming V4 echo request" Protocol=icmpv4:8,any Dir=in Action=allow

netsh advfirewall firewall add rule name= "all ICMP V4" Protocol=icmpv4:any,any dir=in Action=allow

netsh advfirewall firewall add rule name= "Block Type ICMP V4" Protocol=icmpv4:13,any dir=in Action=block

6.5 Logging Settings

netsh advfirewall set currentprofile logging filename%systemroot%\system32\logfiles\firewall\pfirewall.log

netsh advfirewall set currentprofile logging maxfilesize 4096

netsh advfirewall set currentprofile logging droppedconnections enable

netsh advfirewall set currentprofile logging allowedconnections enable

6.6 Enabling, resetting the firewall

netsh advfirewall set currentprofile state on

netsh advfirewall reset

6.7 Enabling other services

netsh advfirewall firewall set rule group= "Remote Desktop" new Enable=yes

This article from "SQLServer2014 series" blog, declined reprint!

Appendix 16. Using command-line tools