In Windows XP SP2, the netsh command has been enhanced to help troubleshoot Windows Firewall.
When I type 'netsh firewall show config', I receive:
Domain profile configuration (current): ------------------------------------------------------------------- Operational mode = Enable Exception mode = Enable Multicast/broadcast response mode = Enable Notification mode = Enable Service configuration for Domain profile: Mode Customized Name ------------------------------------------------------------------- Enable No File and Printer Sharing Enable No UPnP Framework Allowed programs configuration for Domain profile: Mode Name / Program ------------------------------------------------------------------- Enable Remote Assistance / C:\WINDOWS\system32\sessmgr.exe Enable Windows Messenger / C:\Program Files\Messenger\msmsgs.exe Enable Microsoft FrontPage / C:\Program Files\Microsoft Office\Office10\FRONTPG.EXE Enable pcAnywhere Main Program / C:\Program Files\Symantec\pcAnywhere\winaw32.exe Enable Internet Explorer / C:\Program Files\Internet Explorer\iexplore.exe Enable mnmsrvc.exe / C:\WINDOWS\SYSTEM32\mnmsrvc.exe Port configuration for Domain profile: Port Protocol Mode Name ------------------------------------------------------------------- 2000 TCP Enable Remotely AnyWhere 139 TCP Enable NetBIOS Session Service 445 TCP Enable SMB over TCP 137 UDP Enable NetBIOS Name Service 138 UDP Enable NetBIOS Datagram Service 1900 UDP Enable SSDP Component of UPnP Framework 2869 TCP Enable UPnP Framework over TCP Standard profile configuration: ------------------------------------------------------------------- Operational mode = Enable Exception mode = Enable Multicast/broadcast response mode = Enable Notification mode = Enable Service configuration for Standard profile: Mode Customized Name ------------------------------------------------------------------- Enable No File and Printer Sharing Enable No UPnP Framework Allowed programs configuration for Standard profile: Mode Name / Program ------------------------------------------------------------------- Enable Remote Assistance / C:\WINDOWS\system32\sessmgr.exe Port configuration for Standard profile: Port Protocol Mode Name ------------------------------------------------------------------- 139 TCP Enable NetBIOS Session Service 445 TCP Enable SMB over TCP 137 UDP Enable NetBIOS Name Service 138 UDP Enable NetBIOS Datagram Service 1900 UDP Enable SSDP Component of UPnP Framework 2869 TCP Enable UPnP Framework over TCP Log configuration: ------------------------------------------------------------------- File location = C:\WINDOWS\pfirewall.log Max file size = 4096 KB Dropped packets = Disable Connections = Enable JSIINC firewall configuration: ------------------------------------------------------------------- Operational mode = Enable Port configuration for JSIINC: Port Protocol Mode Name ------------------------------------------------------------------- 10256 UDP Enable msmsgs 10256 UDP 12646 TCP Enable msmsgs 12646 TCP 10498 TCP Enable msmsgs 10498 TCP 1394 Connection 2 firewall configuration: ------------------------------------------------------------------- Operational mode = Enable
When I type 'netsh firewall show state verbose=enable', I receive:
Firewall status: ------------------------------------------------------------------- Profile = Domain Operational mode = Enable Exception mode = Enable Multicast/broadcast response mode = Enable Notification mode = Enable Group policy version = Windows Firewall Remote admin mode = Enable Scope: * Local exceptions allowed by group policy: ------------------------------------------------------------------- Open ports = Enable Allowed programs = Enable Log settings: ------------------------------------------------------------------- File location = C:\WINDOWS\pfirewall.log Max file size = 4096 KB Dropped packets = Disable Connections = Enable Service settings: Mode Customized Name ------------------------------------------------------------------- Enable No File and Printer Sharing Scope: * Enable No UPnP Framework Scope: LocalSubNet Disable No Remote Desktop Scope: * Program exceptions: Mode Local policy Name / Program ------------------------------------------------------------------- Enable Yes Internet Explorer / C:\Program Files\Internet Explorer\iexplore.exe Scope: * Enable Yes Windows Messenger / C:\Program Files\Messenger\msmsgs.exe Scope: * Enable Yes Microsoft FrontPage / C:\Program Files\Microsoft Office\Office10\FRONTPG.EXE Scope: * Enable Yes pcAnywhere Main Program / C:\Program Files\Symantec\pcAnywhere\winaw32.exe Scope: * Enable Yes mnmsrvc.exe / C:\WINDOWS\SYSTEM32\mnmsrvc.exe Scope: * Enable Yes Remote Assistance / C:\WINDOWS\system32\sessmgr.exe Scope: * Port exceptions: Port Protocol Local policy Mode Name / Service type ------------------------------------------------------------------- 137 UDP Yes Enable NetBIOS Name Service / File and Printer Sharing Scope: * 138 UDP Yes Enable NetBIOS Datagram Service / File and Printer Sharing Scope: * 139 TCP Yes Enable NetBIOS Session Service / File and Printer Sharing Scope: * 445 TCP Yes Enable SMB over TCP / File and Printer Sharing Scope: * 1900 UDP Yes Enable SSDP Component of UPnP Framework / UPnP Framework Scope: LocalSubNet 2000 TCP Yes Enable Remotely AnyWhere / None Scope: * 2869 TCP Yes Enable UPnP Framework over TCP / UPnP Framework Scope: LocalSubNet 3389 TCP Yes Disable Remote Desktop / Remote Desktop Scope: * Ports on which programs want to receive incoming connections: Port Protocol Version PID Type Wildcarded Forced Name / Program ------------------------------------------------------------------- 500 UDP IPv4 880 App No No (null) / C:\WINDOWS\SYSTEM32\lsass.exe Scope: * 4500 UDP IPv4 880 App No No (null) / C:\WINDOWS\SYSTEM32\lsass.exe Scope: * 123 UDP IPv4 1212 App No No (null) / C:\WINDOWS\SYSTEM32\svchost.exe Scope: * 1045 TCP IPv4 1760 App No No (null) / C:\WINDOWS\SYSTEM32\INETSRV\inetinfo.exe Scope: * 58084 UDP IPv4 1712 App No No (null) / C:\Program Files\TapeWare\twwinsdr.exe Scope: * 34125 UDP IPv4 1392 App No No (null) / C:\Program Files\RemotelyAnywhere\RemotelyAnywhere.exe Scope: * 80 TCP IPv4 1760 App No No (null) / C:\WINDOWS\SYSTEM32\INETSRV\inetinfo.exe Scope: * 1025 UDP IPv4 1332 App Yes No (null) / C:\WINDOWS\SYSTEM32\svchost.exe Scope: * 1044 UDP IPv4 1392 App Yes No (null) / C:\Program Files\RemotelyAnywhere\RemotelyAnywhere.exe Scope: * 3456 UDP IPv4 1760 App No No (null) / C:\WINDOWS\SYSTEM32\INETSRV\inetinfo.exe Scope: * 2000 TCP IPv4 1392 App No No (null) / C:\Program Files\RemotelyAnywhere\RemotelyAnywhere.exe Scope: * 22 TCP IPv4 1392 App No No (null) / C:\Program Files\RemotelyAnywhere\RemotelyAnywhere.exe Scope: * 443 TCP IPv4 1760 App No No (null) / C:\WINDOWS\SYSTEM32\INETSRV\inetinfo.exe Scope: * 25 TCP IPv4 1760 App No No (null) / C:\WINDOWS\SYSTEM32\INETSRV\inetinfo.exe Scope: * 135 TCP IPv4 1760 App No No (null) / C:\WINDOWS\SYSTEM32\INETSRV\inetinfo.exe Scope: * 1026 UDP IPv4 1332 App Yes No (null) / C:\WINDOWS\SYSTEM32\svchost.exe Scope: * 42510 TCP IPv4 1780 App No No (null) / C:\Program Files\CA\eTrust Antivirus\InoRpc.exe Scope: * 3513 TCP IPv4 2176 App No No (null) / C:\Program Files\Dell\PSM\arcpd.exe Scope: * 42508 UDP IPv4 1780 App No No (null) / C:\Program Files\CA\eTrust Antivirus\InoRpc.exe Scope: * 5060 TCP IPv4 3840 App No No Internet Explorer / C:\Program Files\Internet Explorer\iexplore.exe Scope: * 1716 UDP IPv4 3840 App Yes No Internet Explorer / C:\Program Files\Internet Explorer\iexplore.exe Scope: * 1717 UDP IPv4 3840 App Yes No Internet Explorer / C:\Program Files\Internet Explorer\iexplore.exe Scope: * Ports currently open on all network interfaces: Port Protocol Version Program ------------------------------------------------------------------- 135 TCP IPv4 C:\WINDOWS\SYSTEM32\INETSRV\inetinfo.exe Scope: * 137 UDP IPv4 (null) Scope: * 139 TCP IPv4 (null) Scope: * 138 UDP IPv4 (null) Scope: * 445 TCP IPv4 (null) Scope: * 1716 UDP IPv4 C:\Program Files\Internet Explorer\iexplore.exe Scope: * 1717 UDP IPv4 C:\Program Files\Internet Explorer\iexplore.exe Scope: * 2869 TCP IPv4 (null) Scope: LocalSubNet 1900 UDP IPv4 (null) Scope: LocalSubNet 5060 TCP IPv4 C:\Program Files\Internet Explorer\iexplore.exe Scope: * 2000 TCP IPv4 C:\Program Files\RemotelyAnywhere\RemotelyAnywhere.exe Scope: * Additional ports open on JSIINC: Port Protocol Version ------------------------------------------------------------------- 10256 UDP Any 10498 TCP Any 12646 TCP Any ICMP settings for all network interfaces: Mode Type Description ------------------------------------------------------------------- Disable 2 Allow outbound packet too big Disable 3 Allow outbound destination unreachable Disable 4 Allow outbound source quench Disable 5 Allow redirect Enable 8 Allow inbound echo request Disable 9 Allow inbound router request Disable 11 Allow outbound time exceeded Disable 12 Allow outbound parameter problem Disable 13 Allow inbound timestamp request Disable 17 Allow inbound mask request Additional ICMP settings on JSIINC: Mode Type Description ------------------------------------------------------------------- Disable 2 Allow outbound packet too big Disable 3 Allow outbound destination unreachable Disable 4 Allow outbound source quench Disable 5 Allow redirect Disable 8 Allow inbound echo request Disable 9 Allow inbound router request Disable 11 Allow outbound time exceeded Disable 12 Allow outbound parameter problem Disable 13 Allow inbound timestamp request Disable 17 Allow inbound mask request JSIINC firewall settings: ------------------------------------------------------------------- Operational mode = Enable Version = IPv4 GUID = \{D0543B7A-9408-44D7-AE00-01200D50952C\}
Other variants the 'netsh firewall show' command are:
netsh firewall show allowedprogram | Displays the allowed programs. |
netsh firewall show config | Displays the local configuration information. |
netsh firewall show currentprofile | Displays the current profile. |
netsh firewall show icmpsetting | Displays the ICMP settings. |
netsh firewall show logging | Displays the logging settings. |
netsh firewall show multicastbroadcastresponse | Displays multicast/broadcast response settings. |
netsh firewall show notifications | Displays the current settings for notifications. |
netsh firewall show opmode | Displays the operational mode. |
netsh firewall show portopening | Displays the excepted ports. |
netsh firewall show service | Displays the services. |
netsh firewall show state | Displays the current state information. |
0 comments
Hide comments