-------关闭危险端口----------
@echo off
title 创建IP安全策略,屏蔽135、139 445等端口 (win7)
echo “正在关闭,请等待”
netsh ipsec static add policy name="禁止危险端口"
netsh ipsec static add filterlist name=Filter1
netsh ipsec static add filter filterlist=Filter1 srcaddr=any dstaddr=Me dstport=135 protocol=TCP
echo “135端口已经关闭”
netsh ipsec static add filter filterlist=Filter1 srcaddr=any dstaddr=Me dstport=139 protocol=TCP
echo “139端口已经关闭”
netsh ipsec static add filter filterlist=Filter1 srcaddr=any dstaddr=Me dstport=445 protocol=TCP
echo “445端口已经关闭”
netsh ipsec static add filter filterlist=Filter1 srcaddr=any dstaddr=Me dstport=3389 protocol=TCP
echo “3389端口已经关闭”
netsh ipsec static add filter filterlist=Filter1 srcaddr=any dstaddr=Me dstport=135 protocol=UDP
netsh ipsec static add filter filterlist=Filter1 srcaddr=any dstaddr=Me dstport=139 protocol=UDP
netsh ipsec static add filter filterlist=Filter1 srcaddr=any dstaddr=Me dstport=445 protocol=UDP
netsh ipsec static add filteraction name=FilteraAtion1 action=block
netsh ipsec static add rule name=Rule1 policy="禁止危险端口" filterlist=Filter1 filteraction=FilteraAtion1
netsh ipsec static set policy name="禁止危险端口" assign=y
echo “恭喜您,危险端口已经关闭”
echo “按任意键退出 ”
pause
--------恢复危险端口-------
@echo off
netsh ipsec static set policy name="禁止危险端口" assign=n
echo "445等端口已恢复"
pause