Windows 终端 (管理员) / 命令提示符 (管理员)

封禁IP端

netsh advfirewall firewall add rule name="封禁_***.**.**.0_24" dir=in action=block remoteip=***.**.**.0/24 protocol=any profile=any enable=yes

出现 确定。 即代表生效。

封禁单独IP规则

netsh advfirewall firewall show rule name="封禁_***.**.**.0_24"

临时解封（删除规则）

netsh advfirewall firewall delete rule name="封禁_***.**.**.0_24"

若想同时禁止服务器主动连接该网段，新增一条出站规则：

netsh advfirewall firewall add rule name="出站封禁_***.**.**.0_24" dir=out action=block remoteip=***.**.**.0/24 protocol=any profile=any enable=yes

封禁 TCP 21 端口

netsh advfirewall firewall add rule name="Block_TCP_21_In" dir=in action=block protocol=TCP localport=21 remoteport=any enable=yes profile=any

删除入站封禁21端口规则

netsh advfirewall firewall delete rule name="Block_TCP_21_In"