Firewalls block all incoming traffic unless they are instructed otherwise.
Firewall Set Portopening is a command of the Network Shell utility, netsh. Netsh is included with Windows NT operating systems and enables the alteration of network parameters. Firewall Set Portopening specifically manipulates the firewall on a network. The "port" is an access point for external devices to request connections and exchange data with a local computer.
Firewall Functions
A firewall protects a network by blocking incoming requests for connections. Only incoming traffic that is in response to an outgoing request is allowed. Firewalls usually go further than this: they can also inspect the contents of requests and responses and block specific traffic, either traffic containing defined keywords or traffic going to specific addresses. For both outbound and inbound traffic, the firewall has to be given a list of exceptions to its blocking rule if the network administrator expects incoming requests from trusted sources or at specific, well-known ports.
Well-Known Ports
The "port" referred to in "Firewall Set Portopening" is not a physical plug socket on the computer. It is a logical port. All traffic traveling to a computer arrives over the same cable at the same plug socket. A port is a number that acts as shorthand for a particular application, like an address for the final destination of the incoming request or data. A listening program, called a daemon, monitors all incoming traffic and directs it to a particular destination. The listener knows which ports are intended for which applications and passes this traffic on immediately.
Port Opening
"Opening" a port is the same as "unblocking" the port. The traffic traveling to a particular computer on a network is blocked by the firewall. Because the network administrator knows that particular types of traffic to specific ports should be expected, he instructs the firewall to allow traffic through if it is tagged with that port number. The firewall then no longer blocks that traffic: the port is unblocked, or opened, on the firewall.
Network Shell
Network Shell is implemented as a command-line utility. Commands can either be entered in the Network Shell utility after it has been started, or they can be issued in a batch file by putting "netsh" at the beginning of each line. A netsh command has a fixed structure: first the destination, next the command and then the variables for the command. "Set" is a command that tells the receiver that it needs to implement an action. "Portopening" is an action. The command "set" is used to open a port before the firewall is active. If the firewall is already running, the command to open a port would be "firewall add portopening".
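The batch-file form described above, as an added example that is not part of the original article: it opens one port with a restricted source scope instead of exposing it to every address, then confirms the result. The port number, rule name and address are constructed values; on Windows Vista and later the "netsh firewall" context is deprecated, so the equivalent "netsh advfirewall firewall" rule is shown as a commented alternative.

```batch
@echo off
rem Added example. Port 8080, the name "Internal Web App" and the address
rem 192.0.2.10 are constructed values; substitute your own.
rem Run from an elevated command prompt.

rem 1. Record which ports are already open before changing anything.
netsh firewall show portopening

rem 2. Weak form (left commented out): scope=ALL accepts connections to the
rem    port from any source address that can reach the machine.
rem netsh firewall set portopening protocol=TCP port=8080 name="Internal Web App" mode=ENABLE scope=ALL

rem 3. Narrower form: only one named host and the local subnet may connect,
rem    and the exception applies only to the domain profile.
netsh firewall set portopening protocol=TCP port=8080 name="Internal Web App" mode=ENABLE scope=CUSTOM addresses=192.0.2.10,LocalSubnet profile=DOMAIN
if errorlevel 1 (
    echo The port exception was not applied.
    exit /b 1
)

rem 4. Confirm the exception is listed with the intended port and mode.
netsh firewall show portopening

rem 5. When the service is retired, remove the exception again so the
rem    firewall goes back to blocking the port.
rem netsh firewall delete portopening protocol=TCP port=8080

rem Equivalent rule in the newer advfirewall context (use instead of step 3,
rem not in addition to it):
rem netsh advfirewall firewall add rule name="Internal Web App" dir=in action=allow protocol=TCP localport=8080 remoteip=192.0.2.10,localsubnet profile=domain
rem netsh advfirewall firewall show rule name="Internal Web App"
```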