ClosePorts-com.vbs

作者: The Scripting Guys,Microsoft Corporation

這個指令碼在保留儲存的連接埠設定的同時,將 Enabled 屬性設定為 False,以關閉 Windows 防火牆中的指定連接埠。指令碼會使用 Windows 防火牆 COM 自動化伺服器執行這項工作。它只在本機電腦上執行。

ClosePorts-com.vbs 並未完全對應於 ClosePort.vbs;ClosePort.vbs 是《Application Compatibility Testing and Mitigation Guide for Windows XP Service Pack 2》(Windows XP Service Pack 2 應用程式相容性測試及緩和指南) 隨附的指令碼之一,並記錄在<附錄>中。ClosePort.vbs 只刪除單一連接埠的例外,而 ClosePorts-com.vbs 則是停用並儲存多個連接埠的例外。您可以下載用來安裝該指南及其相關指令碼的 Windows Installer (.msi) 檔案,網址是:

http://www.microsoft.com/downloads/details.aspx?FamilyId=9300BECF-2DEE-4772-ADD9-AD0EAF89C4A7&displaylang=en (英文)

若要使用指令碼,請複製程式碼並將它貼入「記事本」,再將指令碼儲存為 ClosePorts-com.vbs。若要執行指令碼,請將命令提示視窗開啟到指令碼的目錄,並輸入:

cscript closeports-com.vbs

如果電腦上的預設指令碼裝載是 Cscript.exe,就可以省略開頭的 cscript。

指令碼


'******************************************************************************
'ClosePorts-com.vbs
'Author: Peter Costantini, The Microsoft Scripting Guys
'Date: 8/30/04
'Version: 1.0
'This script closes specified ports in Windows Firewall by setting the 
'Enabled property to False. It retains the stored port settings.
'******************************************************************************

Const NET_FW_IP_PROTOCOL_TCP = 6
Const NET_FW_IP_PROTOCOL_UDP = 17
'First dimension of arrClosePorts  must equal # of ports minus 1.
Dim arrClosePorts(2,1)

'Edit this list to list ports to close (disable).
arrClosePorts(0,0) = 137 'Port
arrClosePorts(0,1) = NET_FW_IP_PROTOCOL_TCP 'Protocol

arrClosePorts(1,0) = 138
arrClosePorts(1,1) = NET_FW_IP_PROTOCOL_TCP

arrClosePorts(2,0) = 552
arrClosePorts(2,1) = NET_FW_IP_PROTOCOL_UDP

On Error Resume Next
'Create the firewall manager object.
Set objFwMgr = CreateObject("HNetCfg.FwMgr")
If Err <> 0 Then
  WScript.Echo "Unable to connect to Windows Firewall."
  WScript.Quit
End If
'Get the current profile for the local firewall policy.
Set objProfile = objFwMgr.LocalPolicy.CurrentProfile
Set colOpenPorts = objProfile.GloballyOpenPorts

WScript.Echo VbCrLf & "Ports closed (disabled):"
For i = 0 To UBound(arrClosePorts)
  intCount = 0
  For Each objOpenPort In colOpenPorts
    If (objOpenPort.Port = arrClosePorts(i, 0)) And _
     (objOpenPort.Protocol = arrClosePorts(i, 1)) Then
      intCount = 1
      objOpenPort.Enabled = False
      strName = objOpenPort.Name
      intPort = objOpenPort.Port
      intProtocol = objOpenPort.Protocol
      intScope = objOpenPort.Scope
      Exit For
    End If
  Next
  If intCount = 1 Then
    If Err = 0 Then
      WScript.Echo VbCrLf & "Name: " & strName
      WScript.Echo "  Protocol: " & intProtocol
      WScript.Echo "  Port Number: " & intPort
      WScript.Echo "  Scope: " & intScope
    Else
      WScript.Echo VbCrLf & "Unable to close port: " & intProtocol & _
       " " & intNumber
      WScript.Echo "  Error Number:" & Err.Number
      WScript.Echo "  Source:" & Err.Source
      WScript.Echo "  Description:" & Err.Description
    End If
    Err.Clear
  Else
    WScript.Echo VbCrLf & "Port " & arrClosePorts(i, 1) & _
     " " & arrClosePorts(i, 0) & " not found."
  End If
Next

Set colOpenPorts = objProfile.GloballyOpenPorts
WScript.Echo VbCrLf & "All listed ports after operation:"
For Each objPort In colOpenPorts
  WScript.Echo VbCrLf & "Name: " & objPort.Name
  WScript.Echo "  Protocol: " & objPort.Protocol
  WScript.Echo "  Port Number: " & objPort.Port
  WScript.Echo "  Scope: " & objPort.Scope
  WScript.Echo "  Enabled: " & objPort.Enabled
Next


如需線上對等支援,請加入 msnews.microsoft.com 新聞伺服器上的 microsoft.public.windows.server.scripting (英文) 社群。若您想要對範例指令碼或指令碼指南,提供意見、回報問題,請與 Microsoft TechNet(英文) 連絡。

免責聲明

此範例指令碼不支援任何 Microsoft 標準技術支援方案或服務。上述的範例指令碼係依「現況」提供,不附帶任何擔保。Microsoft 公司不提供任何的默示擔保,包括但不限於任何商業適售性及特定用途之適用性的默示擔保。您必須承擔此範例指令碼或文件所造成的一切風險。在任何情況下,無論是使用或無法使用此範例指令碼或文件所造成的損害 (包括但不限於營業之損失、營業之中斷、營業資訊之滅失及其他金錢損失),Microsoft 公司、作者群或此指令碼之創作、製造或散發有關之人員概不負責,即使 Microsoft 已經被告知損害發生之可能性亦同。

顯示: