# XYZW Token Manager - 防火墙配置脚本 # 需要以管理员权限运行 # 设置控制台编码为UTF-8 [Console]::OutputEncoding = [System.Text.Encoding]::UTF8 $OutputEncoding = [System.Text.Encoding]::UTF8 chcp 65001 | Out-Null Write-Host "================================" -ForegroundColor Cyan Write-Host "XYZW Token Manager" -ForegroundColor Cyan Write-Host "防火墙配置脚本" -ForegroundColor Cyan Write-Host "================================" -ForegroundColor Cyan Write-Host "" # 检查管理员权限 $isAdmin = ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator) if (-not $isAdmin) { Write-Host "[错误] 此脚本需要管理员权限" -ForegroundColor Red Write-Host "请右键点击此脚本,选择'以管理员身份运行'" -ForegroundColor Yellow Write-Host "" Read-Host "按回车键退出" exit 1 } Write-Host "[检查] 正在检查现有防火墙规则..." -ForegroundColor Yellow # 检查是否已存在规则 $existingRule = Get-NetFirewallRule -DisplayName "XYZW Token Manager - 25432" -ErrorAction SilentlyContinue if ($existingRule) { Write-Host "[发现] 已存在防火墙规则" -ForegroundColor Green Write-Host "" $response = Read-Host "是否要删除并重新创建规则?(Y/N)" if ($response -eq 'Y' -or $response -eq 'y') { Write-Host "[删除] 正在删除旧规则..." -ForegroundColor Yellow Remove-NetFirewallRule -DisplayName "XYZW Token Manager - 25432" Write-Host "[成功] 旧规则已删除" -ForegroundColor Green } else { Write-Host "[跳过] 保留现有规则" -ForegroundColor Yellow Write-Host "" Read-Host "按回车键退出" exit 0 } } Write-Host "" Write-Host "[创建] 正在添加防火墙规则..." -ForegroundColor Yellow Write-Host " - 端口: 25432" -ForegroundColor Gray Write-Host " - 协议: TCP" -ForegroundColor Gray Write-Host " - 方向: 入站" -ForegroundColor Gray Write-Host " - 配置: 所有配置文件(域/专用/公用)" -ForegroundColor Gray try { # 创建新的防火墙规则 New-NetFirewallRule ` -DisplayName "XYZW Token Manager - 25432" ` -Description "允许XYZW Token Manager通过端口25432访问(IPv4和IPv6)" ` -Direction Inbound ` -LocalPort 25432 ` -Protocol TCP ` -Action Allow ` -Profile Any ` -Enabled True | Out-Null Write-Host "" Write-Host "[成功] 防火墙规则创建成功!" -ForegroundColor Green } catch { Write-Host "" Write-Host "[错误] 创建防火墙规则失败" -ForegroundColor Red Write-Host "错误信息: $($_.Exception.Message)" -ForegroundColor Red Write-Host "" Read-Host "按回车键退出" exit 1 } Write-Host "" Write-Host "================================" -ForegroundColor Cyan Write-Host "配置完成" -ForegroundColor Cyan Write-Host "================================" -ForegroundColor Cyan Write-Host "" # 显示创建的规则详情 Write-Host "[规则详情]" -ForegroundColor Cyan $rule = Get-NetFirewallRule -DisplayName "XYZW Token Manager - 25432" $addressFilter = $rule | Get-NetFirewallAddressFilter $portFilter = $rule | Get-NetFirewallPortFilter $applicationFilter = $rule | Get-NetFirewallApplicationFilter Write-Host " 名称: $($rule.DisplayName)" -ForegroundColor White Write-Host " 启用: $($rule.Enabled)" -ForegroundColor White Write-Host " 方向: $($rule.Direction)" -ForegroundColor White Write-Host " 操作: $($rule.Action)" -ForegroundColor White Write-Host " 协议: $($portFilter.Protocol)" -ForegroundColor White Write-Host " 端口: $($portFilter.LocalPort)" -ForegroundColor White Write-Host " 配置: $($rule.Profile)" -ForegroundColor White Write-Host "" Write-Host "[下一步]" -ForegroundColor Cyan Write-Host "1. 确保DNS已配置IPv6 AAAA记录指向你的服务器" -ForegroundColor White Write-Host "2. 运行 start-deploy.bat 启动服务" -ForegroundColor White Write-Host "3. 通过 http://winnas.whtnas.top:25432 访问" -ForegroundColor White Write-Host "" Write-Host "[验证命令]" -ForegroundColor Cyan Write-Host "# 检查端口监听状态" -ForegroundColor Gray Write-Host "netstat -ano | findstr 25432" -ForegroundColor Yellow Write-Host "" Write-Host "# 测试本地访问" -ForegroundColor Gray Write-Host "curl http://localhost:25432" -ForegroundColor Yellow Write-Host "" Write-Host "# 测试域名访问" -ForegroundColor Gray Write-Host "curl http://winnas.whtnas.top:25432" -ForegroundColor Yellow Write-Host "" Read-Host "按回车键退出"