[英]Ports are left open even after resetting the firewall rule
Recently we replaced the.netsh advfirewall to powershell commands but we have observed an issue which doesn't appear always but after opening a firewall rule to another machine and then closing,it doesn't really close the port being used by the program rule.There are two issues after replacing with powershell commands that I have noticed:最近我们将 .netsh advfirewall 替换为 powershell 命令,但我们观察到一个问题,该问题并不总是出现,但在打开另一台机器的防火墙规则然后关闭后,它并没有真正关闭程序规则正在使用的端口。我注意到用 powershell 命令替换后有两个问题:
Issue 1: When opening the firewall(program rule) rule,I am opening it for the group policy as well as the local firewall.The UI for wf.msc shows two rules(one configured for the local and another for group policy) but the UI shows only the one configured locally is updated.When I checked the Firewall for the group policy,over there it shows the updated rule.Why is the UI for wf.msc not being updated?问题 1:打开防火墙(程序规则)规则时,我为组策略和本地防火墙打开它。wf.msc 的 UI 显示两条规则(一个为本地配置,另一个为组策略配置)但是用户界面仅显示本地配置的更新。当我检查组策略的防火墙时,它显示更新的规则。为什么 wf.msc 的用户界面没有更新?
Issue 2: After closing the firewall rule,on running a scan to check for open ports,the rule for which the port was open previously,still gets listed as open even after closing the firewall rule.问题 2:关闭防火墙规则后,在运行扫描以检查打开的端口时,即使关闭防火墙规则,先前打开端口的规则仍然被列为打开。 I have checked the registry for firewall,even there it shows the rule as being closed.Is there something I'm missing?
我已经检查了注册表中的防火墙,即使那里显示规则已关闭。我是否遗漏了什么?
The Windows firewall only blocks creating new sockets. Any existing connection won't be touched and there is no easy way to force an application to close an open connection (Linux have a way of spoffing TCP close connections). Windows 防火墙仅阻止创建新的 sockets。任何现有连接都不会被触及,并且没有简单的方法强制应用程序关闭打开的连接(Linux 有一种方法可以欺骗 TCP 关闭连接)。
After configuring the firewall, you must restart the "offending" service or program to end the connection (or disable/enable the.network card).配置防火墙后,您必须重新启动“有问题的”服务或程序以结束连接(或禁用/启用网卡)。
That's why it's important for any firewall to be the first one up on the.network after a reboot (and correctly configured from start).这就是为什么任何防火墙在重新启动后成为网络上的第一个(并从一开始就正确配置)是很重要的。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.