如何通过windows命令行关闭TCP和UDP端口

有人知道如何通过windows命令行关闭单个连接的TCP或UDP套接字吗?

我在谷歌上搜索了一下，看到一些人也问了同样的问题。但是答案看起来像是netstat或netsh命令的手册页，重点关注如何监视端口。我不想要关于如何监控它们的答案(我已经这样做了)。我想干掉他们。

EDIT, for clarification: Let's say that my server listens TCP port 80. A client makes a connection and port 56789 is allocated for it. Then, I discover that this connection is undesired (e.g. this user is doing bad things, we asked them to stop but the connection didn't get dropped somewhere along the way). Normally, I would add a firewall to do the job, but this would take some time, and I was in an emergency situation. Killing the process that owns the connection is really a bad idea here because this would take down the server (all users would lose functionality when we just want to selectively and temporally drop this one connection).

当前回答

CurrPorts不适合我们，我们只能通过ssh访问服务器，所以也没有TCPView。为了不断开其他连接，我们也不能终止该进程。我们最终做的是在Windows的防火墙上阻止连接，但这还没有被建议。是的，这将阻止所有符合规则的连接，但在我们的情况下，只有一个连接(我们感兴趣的):

netsh advfirewall firewall add rule name="Conn hotfix" dir=out action=block protocol=T
CP remoteip=192.168.38.13

替换为您需要的IP，并根据需要添加其他规则。

2020-01-28 13:41:52

其他回答

为了关闭该端口，您可以确定正在侦听该端口的进程并杀死该进程。

2011-12-31 15:38:27

我找到了正确答案。尝试Sysinternals中的TCPView，现在由微软拥有。你可以在http://technet.microsoft.com/en-us/sysinternals/bb897437上找到它

2013-09-23 19:03:21

netsh advfirewall firewall add rule name="Conn hotfix" dir=out action=block protocol=T
CP remoteip=192.168.38.13

替换为您需要的IP，并根据需要添加其他规则。

2020-01-28 13:41:52

是的，这是可能的。你不必是当前拥有套接字的进程来关闭它。考虑一下，远程计算机、网卡、网线和操作系统都可能导致套接字关闭。

还要考虑Fiddler和Desktop VPN软件可以将自己插入到网络堆栈中，并显示您的所有流量或重新路由所有流量。

所以你真正需要的是Windows提供一个API，直接允许这样做，或者有人写了一个程序，操作起来有点像VPN或Fiddler，并给你一种方法来关闭通过它的套接字。

至少有一个程序(CurrPorts)可以做到这一点，我今天用它来关闭在CurrPorts启动之前启动的进程上的特定套接字。当然，要做到这一点，您必须以管理员身份运行它。

Note that it is probably not easily possible to cause a program to not listen on a port (well, it is possible but that capability is referred to as a firewall...), but I don't think that was being asked here. I believe the question is "how do I selectively close one active connection (socket) to the port my program is listening on?". The wording of the question is a bit off because a port number for the undesired inbound client connection is given and it was referred to as "port" but it's pretty clear that it was a reference to that one socket and not the listening port.

2013-01-31 13:08:24

使用CurrPorts(免费且无需安装):http://www.nirsoft.net/utils/cports.html

/close <本端地址> <本端端口> <对端地址> <对端端口>{进程名}

例子:

# Close all connections with remote port 80 and remote address 192.168.1.10: 
/close * * 192.168.1.10 80
# Close all connections with remote port 80 (for all remote addresses): 
/close * * * 80
# Close all connections to remote address 192.168.20.30: 
/close * * 192.168.20.30 *
# Close all connections with local port 80: 
/close * 80 * *
# Close all connections of Firefox with remote port 80: 
/close * * * 80 firefox.exe

它还有一个很好的GUI，具有搜索和筛选功能。

注意:这个答案是huntharo和JasonXA的答案和评论组合在一起，并进行了简化，以方便读者阅读。例子来自CurrPorts的网页。

2016-01-18 14:37:32

如何通过windows命令行关闭TCP和UDP端口

推荐文章

最新文章

标签