如何通过windows命令行关闭TCP和UDP端口

有人知道如何通过windows命令行关闭单个连接的TCP或UDP套接字吗?

我在谷歌上搜索了一下，看到一些人也问了同样的问题。但是答案看起来像是netstat或netsh命令的手册页，重点关注如何监视端口。我不想要关于如何监控它们的答案(我已经这样做了)。我想干掉他们。

EDIT, for clarification: Let's say that my server listens TCP port 80. A client makes a connection and port 56789 is allocated for it. Then, I discover that this connection is undesired (e.g. this user is doing bad things, we asked them to stop but the connection didn't get dropped somewhere along the way). Normally, I would add a firewall to do the job, but this would take some time, and I was in an emergency situation. Killing the process that owns the connection is really a bad idea here because this would take down the server (all users would lose functionality when we just want to selectively and temporally drop this one connection).

当前回答

如果你在Windows 8、Windows Server 2012或更高版本上运行，并安装了PowerShell v4以上版本，你可以使用下面的脚本。它会发现与端口相关的进程并终止它们(即终止进程及其连接;不仅仅是联系)。

Code

#which port do you want to kill
[int]$portOfInterest = 80

#fetch the process ids related to this port
[int[]]$processId = Get-NetTCPConnection -LocalPort $portOfInterest | 
    Select-Object -ExpandProperty OwningProcess -Unique | 
    Where-Object {$_ -gt 0} 

#kill those processes
Stop-Process -Id $processId

文档:

get - netttcpconnection - PowerShell的NetStat等效程序选择对象-从对象中拉回特定属性/删除重复项 Where-Object -根据某些条件筛选值 Stop-Process - PowerShell的TaskKill等效程序

2017-10-25 17:05:55

其他回答

使用TCPView: http://technet.microsoft.com/en-us/sysinternals/bb897437.aspx 或CurrPorts: https://www.nirsoft.net/utils/cports.html

或者，如果你不想使用外部软件(顺便说一下，这些工具不需要安装)，你可以简单地先运行netstat命令(最好是netstat -b)，然后设置本地安全策略来阻止用户机器的IP地址，这就是我一直在做的不需要的甚至未知的连接-这允许你做任何事情没有任何外部软件(一切都是Windows附带的)…

2014-01-18 12:34:27

尝试Sysinternals/Microsoft的工具TCPView (GUI)和Tcpvcon(命令行)。 https://learn.microsoft.com/en-us/sysinternals/downloads/tcpview

2012-04-26 19:23:08

如果没有拥有这些套接字，就不能关闭服务器上的套接字，因此如果没有在拥有服务器套接字的进程中运行代码，就不能实际关闭套接字。

然而，还有另一个选项告诉客户端关闭它的套接字。向客户端正在连接的端口发送RST TCP包将导致客户端断开连接。你可以使用nmap进行RST扫描。

http://nmap.org/