怎么用命令管理Windows7防火墻?

（1）啟用桌面防火墻
netsh advfirewall set allprofiles state on
（2）設(shè)置默認(rèn)輸入和輸出策略
netsh advfirewall set allprofiles firewallpolicy allowinbound,allowoutbound
以上是設(shè)置為允許，如果設(shè)置為拒絕使用blockinbound,blockoutbound
（3）關(guān)閉tcp協(xié)議的139端口
netsh advfirewall firewall add rule name="deny tcp 139" dir=in protocol=tcp localport=139 action=block
（4）關(guān)閉udp協(xié)議的139端口
netsh advfirewall firewall add rule name="deny udp 139" dir=in protocol=udp localport=139 action=block
（5）關(guān)閉tcp協(xié)議的445端口
netsh advfirewall firewall add rule name="deny tcp 445" dir=in protocol=tcp localport=445 action=block
（6）關(guān)閉udp協(xié)議的445端口
netsh advfirewall firewall add rule name="deny udp 445" dir=in protocol=udp localport=445 action=block
（7）使用相同的方法，依次關(guān)閉TCP協(xié)議的21、22、23、137、138、3389、5800、5900端口。
netsh advfirewall firewall add rule name= "deny tcp 21" dir=in protocol=tcp localport=21 action=block
netsh advfirewall firewall add rule name= "deny tcp 22" dir=in protocol=tcp localport=22 action=block
netsh advfirewall firewall add rule name= "deny tcp 23" dir=in protocol=tcp localport=23 action=block
netsh advfirewall firewall add rule name= "deny tcp 3389" dir=in protocol=tcp localport=3389 action=block
netsh advfirewall firewall add rule name= "deny tcp 5800" dir=in protocol=tcp localport=5800 action=block
netsh advfirewall firewall add rule name= "deny tcp 5900" dir=in protocol=tcp localport=5900 action=block
netsh advfirewall firewall add rule name= "deny tcp 137" dir=in protocol=tcp localport=137 action=block
netsh advfirewall firewall add rule name= "deny tcp 138" dir=in protocol=tcp localport=138 action=block
（8）執(zhí)行完畢后暫停
pause
echo 按任意鍵退出