如果是要开启ping规则
netsh advfirewall firewall add rule name= "All ICMP V4" protocol=icmpv4:any,any dir=in action=allow
netsh advfirewall firewall add rule name= "All ICMP V6" protocol=icmpv6:any,any dir=in action=allow
完成后就可以ping通了。
如果想要删除防火墙规则
参照格式netsh advfirewall firewall delete rule name="规则名称"
例如:
netsh advfirewall firewall delete rule name="All ICMP V4"
netsh advfirewall firewall delete rule name="All ICMP V6"
netsh advfirewall firewall add rule name= "Open Port 80" dir=in action=allow protocol=TCP localport=80
如果要开放其它端口,模仿上面命令格式进行修改即可
name 是规则名称
protocol 是协议,例如TCP、UDP
dir 是入站/出站规则可以取值 in 或者 out 不能两个同时执行
下载然后解压缩:
http://www.nirsoft.net/utils/nircmd-x64.zip
官网:http://www.nirsoft.net/utils/nircmd.html
解压后将nircmd.exe复制到C:\Windows\System32下(也是cmd.exe所在的目录),然后我们继续下面的。
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.charset.Charset;
public class CmdUtil {
/**
* 执行CMD命令,并返回String字符串
*/
public static String executeCmd(String strCmd) {
StringBuilder sbCmd = new StringBuilder();
try {
Process p = Runtime.getRuntime().exec("nircmd.exe elevatecmd runassystem " + strCmd);
BufferedReader br = new BufferedReader(new InputStreamReader(p.getInputStream(), Charset.forName("GBK")));
String line;
while ((line = br.readLine()) != null) {
sbCmd.append(line + "\n");
}
}catch (IOException e){
e.printStackTrace();
}
return sbCmd.toString();
}
}
cmd执行工具类,需要用到nircmd,请先完成前面的要求
public class FireWallBatchOpen {
/**
* 自定义规则 按照: 协议 ,端口 ,规则名依次填入
*/
private static String[][] rules = {
{"tcp", "21", "ftp"},
{"tcp", "22", "ssh"},
{"tcp", "3389", "远程桌面"},
{"tcp", "3306", "mysql"}
};
public static void main(String[] args) {
CmdUtil.executeCmd("netsh advfirewall reset");// 还原防火墙默认设置
addICMPRule();// 让ping能通过
for (int i = 0; i < rules.length; i++) {
if (rules[i][0].equals("tcp")) {
addTcpPortInAndOut(rules[i][1], rules[i][2]);
} else {
addUdpPortInAndOut(rules[i][1], rules[i][2]);
}
}
}
/**
* 添加入站规则
*
* @param port 端口
* @param protocol 协议
* @param name 规则名称
*/
private static void addPortIn(String port, String protocol, String name) {
addPortRule(port, protocol, "in", "allow", name);
}
/**
* 添加出站规则
*
* @param port 端口
* @param protocol 协议
* @param name 规则名称
*/
private static void addPortOut(String port, String protocol, String name) {
addPortRule(port, protocol, "out", "allow", name);
}
/**
* 添加TCP端口
*
* @param port 端口
* @param name 规则的名称
*/
private static void addTcpPortIn(String port, String name) {
addPortIn(port, "TCP", name);
}
/**
* 添加TCP的出站规则
*
* @param port 端口
* @param name 规则名称
*/
private static void addTcpPortOut(String port, String name) {
addPortOut(port, "TCP", name);
}
/**
* 添加TCP的in和out规则
*
* @param port 端口
* @param name 规则名称
*/
private static void addTcpPortInAndOut(String port, String name) {
addTcpPortIn(port, name);// tcp的进站规则
addTcpPortOut(port, name);// tcp的出站规则
}
/**
* 添加UDP端口进站规则
*
* @param port 端口
* @param name 规则名称
*/
private static void addUdpPortIn(String port, String name) {
addPortIn(port, "UDP", name);
}
/**
* 添加UDP端口出站规则
*
* @param port 端口
* @param name 规则名称
*/
private static void addUdpPortOut(String port, String name) {
addPortOut(port, "UDP", name);
}
/**
* 添加UDP的in和out规则
*
* @param port 端口
* @param name 规则名称
*/
private static void addUdpPortInAndOut(String port, String name) {
addUdpPortIn(port, name);// udp的进站规则
addUdpPortOut(port, name);// udp的出站规则
}
/**
* 添加防火墙规则
*
* @param port 端口
* @param protocol 协议
* @param dir 入站或者出站规则,只能取: in 或 out
* @param action 允许还是拒绝,allow是允许
* @param name 规则名称
*/
private static void addPortRule(String port, String protocol, String dir, String action, String name) {
final StringBuilder command = new StringBuilder("netsh advfirewall firewall add rule name= \"").append(name).append("\" ")
.append(" dir=").append(dir)
.append(" action=").append(action)
.append(" protocol=").append(protocol)
.append(" localport=").append(port);
final String result = CmdUtil.executeCmd(command.toString());
System.out.println(result);
}
/**
* ping采用的是icmp协议
*/
private static void addICMPRule() {
String ipv4 = "netsh advfirewall firewall add rule name= \"All ICMP V4\" protocol=icmpv4:any,any dir=in action=allow";
String ipv6 = "netsh advfirewall firewall add rule name= \"All ICMP V6\" protocol=icmpv6:any,any dir=in action=allow";
final String s = CmdUtil.executeCmd(ipv4);
System.out.println(s);
final String s1 = CmdUtil.executeCmd(ipv6);
System.out.println(s1);
}
}
netsh advfirewall reset
如果你按照我前面的要求,加入了第三方工具nircmd.exe可以不用管理员权限登录终端也能完成
nircmd.exe elevatecmd runassystem netsh advfirewall reset