command-line - 为什么 Windows 命令 shell 告诉我使用另一个命令,然后命令不存在?

62 3

我手持的> 服务器应用程序一起使用 Web API rest方法问题:在这里,一个手持设备可以访问它。 我试图验证我没有使用这里划定的命令来验证防火墙问题:,显式:

netsh firewall add portopening TCP 80 IISExpressWeb enable ALL

我也使用端口 777,因为这是我在 applicationhost.config 中设置的:


 <binding protocol="http" bindingInformation="*:28642:localhost"/>

 <binding protocol="http" bindingInformation="*:777:"/>

 <binding protocol="https" bindingInformation="*:44300:localhost"/>


这样,我从命令 shell 获得了这个 fingerwag:

重要:命令已经成功执行。 但是,"。防火墙防火墙"已经过时;请改用"。advfirewall防火墙"。

然后,我输入了下面的( 传统/默认端口 80,如hanselmann的文章所示,然后我添加到 中,当传统发生故障( 777 ) ),一个接一个:

netsh advfirewall firewall add portopening TCP 80 IISExpressWeb enable ALL

netsh advfirewall firewall add portopening TCP 777 IISExpressWeb enable ALL

但是,输入 shell ( 或者建议)的命令命令之后,我从 cmd shell ( 两次) 得到以下反馈:

找不到以下命令: advfirewall防火墙添加 portopening TCP 80 IISExpressWeb启用所有功能。

所以它告诉我使用新的命令,然后说没有这样的东西 ! 这个故事是什么? 是否有办法实际使用新命令? 我的语法是错误的还是。

时间: 原作者:

116 2

在命令提示符下键入 netsh/? 会解释可以用的选项,以及查看要键入 netsh <option>/?的选项的信息。 这样做

I:>netsh advfirewall/?

The following commands are available:

Commands in this context:

? - Displays a list of commands.

consec - Changes to the `netsh advfirewall consec' context.

dump - Displays a configuration script.

export - Exports the current policy to a file.

firewall - Changes to the `netsh advfirewall firewall' context.

help - Displays a list of commands.

import - Imports a policy file into the current policy store.

mainmode - Changes to the `netsh advfirewall mainmode' context.

monitor - Changes to the `netsh advfirewall monitor' context.

reset - Resets the policy to the default out-of-box policy.

set - Sets the per-profile or global settings.

show - Displays profile or global properties.

The following sub-contexts are available:

 consec firewall mainmode monitor

To view help for a command, type the command, followed by a space, and then


你可以更深入地应用 <command>/?,例如 netsh advfirewall firewall/? 这导致了",advfirewall防火墙添加/",这导致?

I:>netsh advfirewall firewall add rule/?

Usage: add rule name=<string>



 [program=<program path>]

 [service=<service short name>|any]


 [enable=yes|no (default=yes)]


 [localip=any|<IPv4 address>|<IPv6 address>|<subnet>|<range>|<list>]


 <IPv4 address>|<IPv6 address>|<subnet>|<range>|<list>]

 [localport=0-65535|<port range>[,...]|RPC|RPC-EPMap|IPHTTPS|any (default=a


 [remoteport=0-65535|<port range>[,...]|any (default=any)]


 tcp|udp|any (default=any)]


 [rmtcomputergrp=<SDDL string>]

 [rmtusrgrp=<SDDL string>]

 [edge=yes|deferapp|deferuser|no (default=no)]




 - Add a new inbound or outbound rule to the firewall policy.

 - Rule name should be unique and cannot be"all".

 - If a remote computer or user group is specified, security must be

 authenticate, authenc, authdynenc, or authnoencap.

 - Setting security to authdynenc allows systems to dynamically

 negotiate the use of encryption for traffic that matches

 a given Windows Firewall rule. Encryption is negotiated based on

 existing connection security rule properties. This option

 enables the ability of a machine to accept the first TCP

 or UDP packet of an inbound IPsec connection as long as

 it is secured, but not encrypted, using IPsec.

 Once the first packet is processed, the server will

 re-negotiate the connection and upgrade it so that

 all subsequent communications are fully encrypted.

 - If action=bypass, the remote computer group must be specified when dir=i


 - If service=any, the rule applies only to services.

 - ICMP type or code can be"any".

 - Edge can only be specified for inbound rules.

 - AuthEnc and authnoencap cannot be used together.

 - Authdynenc is valid only when dir=in.

 - When authnoencap is set, the security=authenticate option becomes an

 optional parameter.


 Add an inbound rule with no encapsulation security for messenger.exe:

 netsh advfirewall firewall add rule name="allow messenger"

 dir=in program="c:programfilesmessengermsmsgs.exe"

 security=authnoencap action=allow

 Add an outbound rule for port 80:

 netsh advfirewall firewall add rule name="allow80"

 protocol=TCP dir=out localport=80 action=block

 Add an inbound rule requiring security and encryption

 for TCP port 80 traffic:

 netsh advfirewall firewall add rule

 name="Require Encryption for Inbound TCP/80"

 protocol=TCP dir=in localport=80 security=authdynenc


 Add an inbound rule for messenger.exe and require security

 netsh advfirewall firewall add rule name="allow messenger"

 dir=in program="c:program filesmessengermsmsgs.exe"

 security=authenticate action=allow

 Add an authenticated firewall bypass rule for group

 acmedomainscanners identified by a SDDL string:

 netsh advfirewall firewall add rule name="allow scanners"

 dir=in rmtcomputergrp=<SDDL string> action=bypass


 Add an outbound allow rule for local ports 5000-5010 for udp-

 Add rule name="Allow port range" dir=out protocol=udp localport=5000-5010