@tuksik
Forked from alexandrinos/windowsnetworking.bat
Created January 28, 2016 06:26
Windows - Firewall / PortForwarding / Network
# ------------------ NETSH ---------------
#
#for help: $ netsh /?
#NETSTAT
#
#useful
netstat -bn
#find a certain program (grep is not a built-in Windows command; it must be installed separately)
netstat -bn | grep -B 1 avast.exe
#shows the ports, PIDs, hosts; you can filter certain ports, for example with findstr
netstat -ano | findstr :80
#next you can take the pid from netstat and find the corresponding process
tasklist | findstr 458 #458 is the PID
#FIREWALL
#see https://technet.microsoft.com/de-at/library/dd734783%28v=ws.10%29.aspx
#
#Show if enabled/disabled
netsh advfirewall show allprofiles #or privateprofile, publicprofile, domainprofile, currentprofile
#Show all rules
netsh advfirewall firewall show rule name=all #or name=myrule
#
#Disable
netsh advfirewall set allprofiles state off
#Enable
netsh advfirewall set allprofiles state on
#Reset to default
netsh advfirewall reset
#set log path
netsh advfirewall set currentprofile logging filename "c:\path.log"
#enable/disable log for allowedconnections
netsh advfirewall set currentprofile logging allowedconnections enable #or disable
#enable/disable log for droppedconnections
netsh advfirewall set currentprofile logging droppedconnections enable #or disable
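Once dropped-connection logging is on, the log file set above can be summarised to see who is being blocked and on which ports. The following is an added example, not part of the original gist; it assumes the standard Windows Firewall text log layout with a `#Fields:` header, and the sample lines and function names are constructed for illustration.

```python
from collections import Counter

# Constructed sample in the Windows Firewall log layout (not taken from the gist).
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path

2016-01-28 06:26:01 DROP TCP 192.168.1.50 192.168.1.2 51234 1433 52 S 1000 0 8192 - - - RECEIVE
2016-01-28 06:26:02 DROP TCP 192.168.1.50 192.168.1.2 51235 3389 52 S 1001 0 8192 - - - RECEIVE
2016-01-28 06:26:03 ALLOW TCP 192.168.1.2 192.168.1.9 49700 80 0 - 0 0 0 - - - SEND
2016-01-28 06:26:04 DROP ICMP 192.168.1.77 192.168.1.2 - - 60 - - - - 8 0 - RECEIVE
2016-01-28 06:26:05 DROP TCP 192.168.1.50 192.168.1.2 51236 1433 52 S 1002 0 8192 - - - RECEIVE
truncated line
"""

def parse_firewall_log(text):
    """Yield one dict per record, using the #Fields header to name the columns."""
    fields = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or malformed lines
                yield dict(zip(fields, values))

def dropped_inbound(text):
    """Count dropped inbound packets per (source IP, protocol, destination port)."""
    hits = Counter()
    for rec in parse_firewall_log(text):
        if rec.get("action") == "DROP" and rec.get("path") == "RECEIVE":
            hits[(rec["src-ip"], rec["protocol"], rec["dst-port"])] += 1
    return hits

def sources_probing_many_ports(text, min_ports=2):
    """Sources whose dropped packets hit at least min_ports distinct ports."""
    ports = {}
    for (src, _proto, port), _count in dropped_inbound(text).items():
        if port != "-":  # ICMP records carry no port
            ports.setdefault(src, set()).add(port)
    return sorted(s for s, p in ports.items() if len(p) >= min_ports)

if __name__ == "__main__":
    for key, count in dropped_inbound(SAMPLE_LOG).most_common():
        print(count, *key)
    print("multi-port sources:", sources_probing_many_ports(SAMPLE_LOG))
```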
#control ping
#block ping
netsh advfirewall firewall add rule name="All ICMP V4" dir=in action=block protocol=icmpv4
#allow ping
netsh advfirewall firewall add rule name="All ICMP V4" dir=in action=allow protocol=icmpv4
#open a port, in this case 1433 (SQL Server)
netsh advfirewall firewall add rule name="Open SQL Server port 1433" dir=in action=allow protocol=TCP localport=1433
#block all incoming traffic from wireless
#interfacetype = { any | wireless | lan | ras }
netsh advfirewall firewall add rule name="Block Wireless In" dir=in interfacetype=wireless action=block
#open firewall for a certain software
netsh advfirewall firewall add rule name="Allow Messenger" dir=in action=allow program="c:\programfiles\msmgr.exe"
#enable remote management, e.g. Microsoft Management Console
netsh advfirewall firewall set rule group="remote administration" new enable=yes
#enable remote desktop
netsh advfirewall firewall set rule group="remote desktop" new enable=yes
#export firewall settings (use import in place of export to load a saved file)
netsh advfirewall export "c:\..\..\file.wfw"
#INFOS
#netsh firewall is deprecated; use netsh advfirewall!
The netsh firewall context is supplied only for backward compatibility. MS recommends that you do not use this context on a computer that is running Windows Vista or a later version of Windows, because by using it you can create and modify firewall rules only for the domain and private profiles. Earlier versions of Windows only supported a domain and standard profile. On Windows Vista and later, the standard profile maps to the private profile and domain continues to map to the domain profile. Rules for the public profile can only be manipulated when the computer is actually attached to a public network and the command is run against the "current" profile.
#You can also use netsh advfirewall consec (connection security) for securing the traffic, not only controlling it
The connection security (consec) rules allow you to create IPsec VPNs between two systems. In other words, consec rules allow you to secure the traffic that is coming through the firewall, not just restrict or filter it.
#PORT FORWARDING
#
#Forward 192.168.1.0:80 -> 192.168.1.2:82 (so all the traffic that
#arrives at 192.168.1.0:80 is redirected to 192.168.1.2:82)
netsh interface portproxy add v4tov4 listenport=80 listenaddress=192.168.1.0 connectport=82 connectaddress=192.168.1.2
#delete a single port forwarding
netsh interface portproxy delete v4tov4 listenport=80 listenaddress=192.168.1.0
#reset (removes all port forwardings)
netsh interface portproxy reset
#without arguments, delete only lists its subcommands
netsh interface portproxy delete
#show all forwardings
netsh interface portproxy show all
#forward local port 5552 to port 80 at cnn :), reached by calling localhost:5552
netsh interface portproxy add v4tov4 listenport=5552 connectport=80 connectaddress=157.166.226.25 protocol=tcp