alexandrinos · January 3, 2023 03:24
diff --git a/windowsnetworking.bat b/windowsnetworking.bat
 #  ------------------ NETSH ---------------
 #
 #for help: $ netsh /?



 #NETSTAT
 #
 #usefull
 netstat -bn 
 #find a certain program
 netstat -bn | grep -B 1 avast.exe
 #shows the ports, pids,hosts; you can filter certain ports for example with findstr 
 netstat -ano | findstr :80
 #next you can take the pid from netstat and find the corresponding process
 tasklist | findstr 458   #458 is the PID


 #FIRREWALL
 #see https://technet.microsoft.com/de-at/library/dd734783%28v=ws.10%29.aspx
 #
 #Show if enabled/disabled
 netsh advfirewall show private | public | domain
 #Show all rules
 netsh advfirewall firewall show rule name=all  #or name=myrule
 #
 #Disable 
 netsh advfirewall set allprofiles state off
 #Enable 
 netsh advfirewall set allprofiles state on
 #Reset to default
 netsh advfirewall reset
 #set log path
 netsh advfirewall set currentprofile logging filename "c:\path.log"
 #enable/disable log for allowedconnections
 netsh advfirewall set currentprofile logging allowedconnections enable  #or disable
 #enable/disable log for droppedconnecions
 netsh advfirewall set currentprofile logging droppedconnections enable  #or disable
 #control ping
 #block ping
 netsh advfirewall firewall add rule name="All ICMP V4" dir=in action=block protocol=icmv4
 #allow ping
 netsh advfirewall firewall add rule name="All ICMP V4" dir=in action=block protocol=icmpv4
 #open a port,in this case 1433 sql server
 netsh advfirewall firewall add rule name="Open SQL Server port 1433" dir=in action=allow protocol=TCP localport=1433
 #block all incoming trafic from wireless
 #interfacetypes = { any | wireless | lan | ras } ]
 netsh advfirewall firewall add rule name="Block Wireless In" dir=in interface=wireless action=block
 #open firewall for a certain software
 netsh advfirewall firewall add rule name="Allow Messenger" dir=in action=allow program="c:\programfiles\msmgr.exe"
 #enable remote management ex: Microsoft Management Console
 netsh advfirewall fireall set rule group="remote administration" new enable=yes
 #enable remote desktop
 netsh advfirewall firewall set rule group="remote desktop" new enable=yes
 #import or export firewall settings
 netsh advfirewall export "c:\..\..\file.wfw"
 #INFOS
 #netsh firewall deprecated;USE netsh advfirewall !
 The netsh firewall context is supplied only for backward compatibility. MS
 recommends that you do not use this context on a computer that is running Windows Vista
 or a later version of Windows, because by using it you can create and modify firewall rules only for the domain and private profiles. Earlier versions of Windows only supported a domain and standard profile. On Windows Vista and later, the standard profile maps to the private profile and domain continues to map to the domain profile. Rules for the public profile can only be manipulated when the computer is actually attached to a public network and the command is run against the "current" profile.
 # You can use also netsh advfirewall consec (connection security profile) for
 securing the traffic not only controling
 The connection (consec) profiles allow you to create IPSEC VPNs between two systems. 
 In other words, consec rules allow you to secure the traffic that is coming 
 through the firewall, not just restrict or filter it.

 #PORT FORWARDING
 #
 #Forward 192.168.1.0:80 ->  192.168.1.2:82 (so, all the trafic that
 #come from port ip 192.168.1.0:80 is redirected to 192.168.1.2:82 )
 netsh interface portproxy add v4tov4 listenport=80 listenaddress=192.168.1.0 connectport=82 connectaddress=192.168.1.2
 #to reset or delete a portforwarding
 netsh interface portproxy delete v4tov4 listenport=80 listenaddress=192.168.1.0
 netsh interface portproxy reset
 netsh interface portproxy delete
 #show all forwardings 
 netsh interface portproxy show all
 #forward local port 80 to cnn :), by calling localhost:5552
 netsh interface portproxy add v4tov4 listenport=5552 connectport=80 connectaddress= 157.166.226.25 protocol=tcp
	# ------------------ NETSH ---------------
	#
	#for help: $ netsh /?



	#NETSTAT
	#
	#usefull
	netstat -bn
	#find a certain program
	netstat -bn \| grep -B 1 avast.exe
	#shows the ports, pids,hosts; you can filter certain ports for example with findstr
	netstat -ano \| findstr :80
	#next you can take the pid from netstat and find the corresponding process
	tasklist \| findstr 458 #458 is the PID


	#FIRREWALL
	#see https://technet.microsoft.com/de-at/library/dd734783%28v=ws.10%29.aspx
	#
	#Show if enabled/disabled
	netsh advfirewall show private \| public \| domain
	#Show all rules
	netsh advfirewall firewall show rule name=all #or name=myrule
	#
	#Disable
	netsh advfirewall set allprofiles state off
	#Enable
	netsh advfirewall set allprofiles state on
	#Reset to default
	netsh advfirewall reset
	#set log path
	netsh advfirewall set currentprofile logging filename "c:\path.log"
	#enable/disable log for allowedconnections
	netsh advfirewall set currentprofile logging allowedconnections enable #or disable
	#enable/disable log for droppedconnecions
	netsh advfirewall set currentprofile logging droppedconnections enable #or disable
	#control ping
	#block ping
	netsh advfirewall firewall add rule name="All ICMP V4" dir=in action=block protocol=icmv4
	#allow ping
	netsh advfirewall firewall add rule name="All ICMP V4" dir=in action=block protocol=icmpv4
	#open a port,in this case 1433 sql server
	netsh advfirewall firewall add rule name="Open SQL Server port 1433" dir=in action=allow protocol=TCP localport=1433
	#block all incoming trafic from wireless
	#interfacetypes = { any \| wireless \| lan \| ras } ]
	netsh advfirewall firewall add rule name="Block Wireless In" dir=in interface=wireless action=block
	#open firewall for a certain software
	netsh advfirewall firewall add rule name="Allow Messenger" dir=in action=allow program="c:\programfiles\msmgr.exe"
	#enable remote management ex: Microsoft Management Console
	netsh advfirewall fireall set rule group="remote administration" new enable=yes
	#enable remote desktop
	netsh advfirewall firewall set rule group="remote desktop" new enable=yes
	#import or export firewall settings
	netsh advfirewall export "c:\..\..\file.wfw"
	#INFOS
	#netsh firewall deprecated;USE netsh advfirewall !
	The netsh firewall context is supplied only for backward compatibility. MS
	recommends that you do not use this context on a computer that is running Windows Vista
	or a later version of Windows, because by using it you can create and modify firewall rules only for the domain and private profiles. Earlier versions of Windows only supported a domain and standard profile. On Windows Vista and later, the standard profile maps to the private profile and domain continues to map to the domain profile. Rules for the public profile can only be manipulated when the computer is actually attached to a public network and the command is run against the "current" profile.
	# You can use also netsh advfirewall consec (connection security profile) for
	securing the traffic not only controling
	The connection (consec) profiles allow you to create IPSEC VPNs between two systems.
	In other words, consec rules allow you to secure the traffic that is coming
	through the firewall, not just restrict or filter it.

	#PORT FORWARDING
	#
	#Forward 192.168.1.0:80 -> 192.168.1.2:82 (so, all the trafic that
	#come from port ip 192.168.1.0:80 is redirected to 192.168.1.2:82 )
	netsh interface portproxy add v4tov4 listenport=80 listenaddress=192.168.1.0 connectport=82 connectaddress=192.168.1.2
	#to reset or delete a portforwarding
	netsh interface portproxy delete v4tov4 listenport=80 listenaddress=192.168.1.0
	netsh interface portproxy reset
	netsh interface portproxy delete
	#show all forwardings
	netsh interface portproxy show all
	#forward local port 80 to cnn :), by calling localhost:5552
	netsh interface portproxy add v4tov4 listenport=5552 connectport=80 connectaddress= 157.166.226.25 protocol=tcp