Configuring Windows Firewall Rules using netsh

Windows Firewall (Windows Defender Firewall with Advanced Security) filters the traffic entering and leaving a system according to rules, and the netsh advfirewall firewall context lets you add, show and delete those rules from a command prompt. The commands below must be run from an elevated (Run as administrator) prompt. A newly added rule is enabled immediately and applies to all three profiles (Domain, Private, Public) unless you narrow it with profile=. Below are some examples of Windows Firewall rules, including inbound and outbound rules:

Example 1: Allow Inbound Traffic on a Specific Port (e.g., HTTP – Port 80)

This rule allows inbound TCP connections on port 80, typically used for HTTP web traffic, to any program listening on that port, from any remote address.

netsh advfirewall firewall add rule name="Allow HTTP" protocol=TCP dir=in localport=80 action=allow
  • name: The name of the rule. Names need not be unique: adding a rule with an existing name creates a second rule rather than replacing the first.
  • protocol: The protocol used (TCP in this case).
  • dir: The direction of the traffic: in for inbound, out for outbound.
  • localport: The local port the rule applies to (80). For an inbound rule this is the port the service listens on.
  • action: The action to take (allow or block).

Example 2: Block Inbound Traffic for a Specific Application (e.g., Block FTP for FileZilla)

This rule blocks inbound connections to the FileZilla client executable (the same form works for any application path). Windows evaluates block rules before allow rules, so this overrides any allow rule that would match the same traffic. For an FTP client the only unsolicited inbound connections are active-mode data connections from the server, which is what this rule actually stops.

netsh advfirewall firewall add rule name="Block FileZilla FTP" dir=in program="C:\Program Files\FileZilla FTP Client\filezilla.exe" action=block
  • program: The full path to the executable; quote it, since the path contains spaces.
  • action: The action is set to block.

Example 3: Allow Outbound Traffic for a Specific Application (e.g., Google Chrome)

This rule allows outbound traffic for the Google Chrome browser. Because the default outbound action of every profile is allow, this rule changes nothing on its own; it only has an effect once the profile's default outbound action has been set to block, at which point it is the exception that lets Chrome out.

netsh advfirewall firewall add rule name="Allow Chrome Outbound" dir=out program="C:\Program Files\Google\Chrome\Application\chrome.exe" action=allow
  • dir: The direction is out, meaning the rule applies to outbound traffic.

Example 4: Block Inbound ICMP Traffic (Block Pings)

This rule blocks inbound ICMPv4 echo requests (type 8), so the host stops answering ping. Other ICMPv4 types still pass, which is usually what you want, since blocking all ICMP breaks path MTU discovery and error reporting. An IPv6 host remains pingable unless you add the same rule with protocol=icmpv6:128,any.

netsh advfirewall firewall add rule name="Block ICMP Inbound" protocol=icmpv4:8,any dir=in action=block
  • protocol: icmpv4 followed by type,code; 8 is echo request and any matches every code. The IPv6 equivalent is icmpv6:128,any.
  • action: The action is to block the traffic.

Example 5: Allow Inbound RDP Traffic (Remote Desktop Protocol – Port 3389)

This rule allows inbound TCP connections on port 3389, the Remote Desktop Protocol (RDP) port. As written it admits every address on every profile, which exposes RDP to the whole network; in practice add remoteip= to restrict it to the management hosts or subnet that should be able to connect, and consider profile=domain,private so it is not active on public networks. Note that Windows already ships a built-in Remote Desktop rule group that is enabled when Remote Desktop is turned on, so this extra rule may be redundant.

netsh advfirewall firewall add rule name="Allow RDP" protocol=TCP dir=in localport=3389 action=allow

Example 6: Block Outbound Traffic on a Specific Port (e.g., Block SMTP on Port 25)

This rule blocks outbound TCP connections to port 25, the port used for SMTP, from any program on the host; this is a common way to stop a compromised workstation from sending spam directly. For an outbound connection the destination port is the remote port, so the rule must use remoteport=25; localport=25 would only match traffic sent from a local port 25, i.e. replies from a mail server running on this machine. Unlike an outbound allow rule, an outbound block rule takes effect under the default outbound policy of allow.

netsh advfirewall firewall add rule name="Block SMTP Outbound" protocol=TCP dir=out remoteport=25 action=block

Example 7: Allow Inbound Traffic for a Specific IP Address

This rule allows inbound traffic from a specific IP address, such as 192.168.1.100. Because it sets no protocol or port, every protocol and port is allowed from that host; add protocol= and localport= to limit it to the service that host actually needs.

netsh advfirewall firewall add rule name="Allow Inbound from Specific IP" dir=in action=allow remoteip=192.168.1.100
  • remoteip: The remote address allowed to connect. It also accepts a CIDR subnet (192.168.1.0/24), an inclusive range (192.168.1.1-192.168.1.254), a comma-separated list of these, or the special value any.

Example 8: Block All Outbound Traffic Except for a Specific IP Range

This configuration blocks all outbound traffic except to the range 192.168.1.1 to 192.168.1.254. It cannot be done with a pair of rules (a block rule for every remote address plus an allow rule for the range): Windows evaluates block rules before allow rules, so the block rule would win for the range as well. Instead, set the profile's default outbound action to block, which is applied only when no rule matches, and add an allow rule for the range:

netsh advfirewall set allprofiles firewallpolicy blockinbound,blockoutbound
netsh advfirewall firewall add rule name="Allow Outbound Specific IP Range" dir=out action=allow remoteip=192.168.1.1-192.168.1.254
  • firewallpolicy blockinbound,blockoutbound: Sets the default action for traffic that no rule matches to block in both directions, on all three profiles.
  • remoteip: Specifies the IP range for which outbound traffic is allowed; the range syntax is first-last, inclusive.

Once the default outbound action is block, everything not explicitly allowed is cut off, including DNS, DHCP, Windows Update and domain traffic, so add allow rules for those (or leave the required built-in Core Networking rules enabled) and test on a machine you can reach from its console before rolling this out.
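The difference between an explicit block rule and a blocking default policy comes down to evaluation order, which is easiest to see in a small model. The following is an added Python example, not code from the original article or from Microsoft: it models the documented precedence (block rules before allow rules, profile default only when nothing matches) and the remoteip forms netsh accepts, then evaluates both the block-rule-plus-allow-rule pairing and the default-policy-plus-allow-rule approach for an address inside and one outside 192.168.1.1-192.168.1.254. The Rule class, verdict() and the two rule sets are constructed for illustration; they are not netsh objects.

```python
"""Model of how Windows Firewall picks a verdict for a packet.

Added example, not part of the original article. It models only the part of the
documented rule precedence that matters here: explicit block rules are evaluated
before allow rules, and the profile's default action is used when no rule
matches. Rule, verdict() and the rule sets are constructed for illustration.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Rule:
    name: str
    direction: str          # "in" or "out"
    action: str             # "allow" or "block"
    remoteip: str = "any"   # "any", "a.b.c.d", "a.b.c.d/nn" or "a.b.c.d-e.f.g.h"


def remoteip_matches(spec: str, remote: str) -> bool:
    """Match an address against the forms netsh accepts for remoteip."""
    addr = ip_address(remote)
    if spec == "any":
        return True
    if "-" in spec:                                   # inclusive range first-last
        first, last = (ip_address(p) for p in spec.split("-", 1))
        return first <= addr <= last
    return addr in ip_network(spec, strict=False)     # single host or CIDR


def verdict(rules, direction: str, remote: str, default_action: str) -> str:
    """Return 'allow' or 'block' for a packet in `direction` to/from `remote`."""
    matching = [r for r in rules
                if r.direction == direction and remoteip_matches(r.remoteip, remote)]
    # Block rules win over allow rules regardless of the order they were added.
    if any(r.action == "block" for r in matching):
        return "block"
    if any(r.action == "allow" for r in matching):
        return "allow"
    return default_action                             # nothing matched: profile default


# Two rules: a block rule for every remote address plus an allow rule for the
# LAN range, with the profile's default outbound action left at allow.
PAIRED_RULES = [
    Rule("Block All Outbound", "out", "block", "any"),
    Rule("Allow Outbound LAN", "out", "allow", "192.168.1.1-192.168.1.254"),
]

# One allow rule for the LAN range, with the profile's default outbound action set to block.
DEFAULT_POLICY_RULES = [
    Rule("Allow Outbound LAN", "out", "allow", "192.168.1.1-192.168.1.254"),
]


def compare(remote: str) -> dict:
    """Verdict for an outbound packet to `remote` under both configurations."""
    return {
        "paired_rules": verdict(PAIRED_RULES, "out", remote, default_action="allow"),
        "default_policy": verdict(DEFAULT_POLICY_RULES, "out", remote, default_action="block"),
    }


if __name__ == "__main__":
    for host in ("192.168.1.50", "8.8.8.8"):
        print(host, compare(host))
```

For the LAN address the paired rules yield block, because the block-any rule matches and wins; only the default-policy variant yields allow, and both variants block 8.8.8.8. The real engine also evaluates Windows Service Hardening, connection security and authenticated-bypass rules before this stage, and the model ignores ports, protocols and profiles.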

Example 9: Allow Specific Ports for an Application (e.g., Allow FTP Ports for FileZilla)

This rule allows the FileZilla client to open outbound TCP connections to port 21, the FTP control port. A client dials out, so the port to match is the remote port: an inbound rule with localport=20,21 would only match a server listening on those ports (FileZilla Server, for example), never the client. FTP data connections use ports negotiated per transfer in passive mode, or arrive from the server's port 20 in active mode, so a port-21 rule does not cover them; a program-scoped rule with no port restriction does. As with any outbound allow rule, this only has an effect when the profile's default outbound action is block.

netsh advfirewall firewall add rule name="Allow FileZilla FTP Ports" dir=out program="C:\Program Files\FileZilla FTP Client\filezilla.exe" protocol=TCP remoteport=21 action=allow

Example 10: Block All Inbound Traffic Except for HTTP and HTTPS

This configuration makes block the default for inbound traffic and then allows only TCP ports 80 (HTTP) and 443 (HTTPS). The policy is set with netsh advfirewall set, not netsh advfirewall firewall set, and blockinbound,allowoutbound is already the default on a fresh install, so the first command guarantees the state rather than changing it. Every other inbound allow rule that is enabled (the built-in Remote Desktop or File and Printer Sharing groups, or the rules from the examples above) still admits traffic, so review the enabled inbound rules after applying this.

netsh advfirewall set allprofiles firewallpolicy blockinbound,allowoutbound
netsh advfirewall firewall add rule name="Allow HTTP" protocol=TCP dir=in localport=80 action=allow
netsh advfirewall firewall add rule name="Allow HTTPS" protocol=TCP dir=in localport=443 action=allow
  • firewallpolicy blockinbound,allowoutbound: Sets the default action for traffic that no rule matches: block for inbound, allow for outbound. allprofiles applies it to the Domain, Private and Public profiles; currentprofile applies it only to the active one.
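Because this example only adds rules and sets the default, the allow rules that are already enabled decide what is really reachable. The following is an added Python example, not code from the original article or from Microsoft: it parses the text that netsh advfirewall firewall show rule name=all dir=in prints and lists the enabled inbound allow rules that are open to any remote address on a port you did not intend to expose. SAMPLE_OUTPUT is constructed to look like netsh's English output (field labels are localized on non-English systems, and some real fields are omitted here for brevity); live_audit() runs the real command on a Windows host.

```python
"""Audit netsh 'show rule' output for inbound allow rules open to any address.

Added example, not part of the original article. parse_rules() reads the text
that `netsh advfirewall firewall show rule name=all dir=in` prints (a "Rule Name:"
line, a dashed separator, then "Label: value" lines per rule) and
audit_inbound_allow() lists the enabled inbound allow rules reachable from any
remote address on ports other than the ones you intend to expose. SAMPLE_OUTPUT
is constructed to look like netsh output; live_audit() runs the real command.
"""
import re
import subprocess

SAMPLE_OUTPUT = """\
Rule Name:                            Allow HTTP
----------------------------------------------------------------------
Enabled:                              Yes
Direction:                            In
RemoteIP:                             Any
Protocol:                             TCP
LocalPort:                            80
Action:                               Allow

Rule Name:                            Allow RDP
----------------------------------------------------------------------
Enabled:                              Yes
Direction:                            In
RemoteIP:                             Any
Protocol:                             TCP
LocalPort:                            3389
Action:                               Allow

Rule Name:                            Allow Inbound from Specific IP
----------------------------------------------------------------------
Enabled:                              Yes
Direction:                            In
RemoteIP:                             192.168.1.100/32
Protocol:                             Any
Action:                               Allow

Rule Name:                            Old Web Rule
----------------------------------------------------------------------
Enabled:                              No
Direction:                            In
RemoteIP:                             Any
Protocol:                             TCP
LocalPort:                            8080
Action:                               Allow
Ok.
"""

FIELD = re.compile(r"^([A-Za-z ]+):\s*(.*)$")


def parse_rules(text: str) -> list:
    """Split 'show rule' output into one {field: value} dict per rule."""
    rules, current = [], None
    for line in text.splitlines():
        m = FIELD.match(line)
        if not m:                       # separator, blank line or trailing "Ok."
            continue
        key, value = m.group(1).strip(), m.group(2).strip()
        if key == "Rule Name":          # every rule starts with this line
            current = {"Rule Name": value}
            rules.append(current)
        elif current is not None:
            current[key] = value
    return rules


def audit_inbound_allow(text: str, expected_ports) -> list:
    """Enabled inbound allow rules with RemoteIP Any on a local port outside expected_ports."""
    findings = []
    for r in parse_rules(text):
        if (r.get("Enabled"), r.get("Direction"), r.get("Action")) != ("Yes", "In", "Allow"):
            continue
        if r.get("RemoteIP", "Any") != "Any":
            continue                    # scoped to specific hosts, not world-reachable
        port = r.get("LocalPort", "Any")   # netsh omits the line when Protocol is Any
        if port not in expected_ports:
            findings.append(f'{r["Rule Name"]} (proto {r.get("Protocol")}, local port {port})')
    return findings


def live_audit(expected_ports=("80", "443")) -> list:
    """Run netsh on a Windows host (elevated prompt) and audit its actual inbound rules."""
    cmd = ["netsh", "advfirewall", "firewall", "show", "rule", "name=all", "dir=in"]
    out = subprocess.run(cmd, capture_output=True, text=True, check=True).stdout
    return audit_inbound_allow(out, set(expected_ports))


if __name__ == "__main__":
    for finding in audit_inbound_allow(SAMPLE_OUTPUT, {"80", "443"}):
        print("unexpected inbound allow:", finding)
```

On the sample the only finding is the RDP rule: the HTTP rule is on an expected port, the rule for 192.168.1.100 is scoped to one host, and the 8080 rule is disabled. On a live host, run live_audit() and treat every finding as a rule to delete, disable or scope with remoteip=.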

These examples show how to configure firewall rules in Windows to control network traffic and harden a system; adapt them to the requirements of your network or application. After each change, confirm the result with the show rule subcommand (netsh advfirewall firewall show rule name="<rule name>") and remove rules you no longer need with delete rule. Remember that add rule does not replace an existing rule of the same name but creates a second one, so modify an existing rule with set rule or delete it before re-adding it.
