Добавяне на интерфейс в NAT netsh routing ip nat> Usage: add interface [name=] [[mode=]full|addressonly|private] Parameters: Tag Value name - the name of the interface. (името на интефейса от Network and Dial-up connections) mode - One of the following values: full: Enables full mode. (променя source адреса и порта) addressonly: Enables address-only mode. (променя само source адреса) private: Enables private mode. Remarks: Configures network address translation (NAT) on the specified interface. Examples: add interface "Local Area Connection" full -------------------------------------------------------------------------------------- Изтриване на интерфейс в NAT netsh routing ip nat> Usage: delete interface [name=] Parameters: Tag Value name - The name of the interface for which you want to remove the use of network address translation (NAT). Remarks: Removes NAT from the specified interface. Examples: delete interface "Local Area Connection" -------------------------------------------------------------------------------------- Добавяне на PORTMAPPING netsh routing ip nat> Usage: add portmapping [name=] [proto=]tcp|udp [publicip=]|0.0.0.0 [publicport=]integer [privateip=] [privateport=]integer Parameters: Tag Value name - The name of the interface for which you want to add a port mapping to be enabled for use with NAT. proto - One of the following values: tcp: Sets protocol type to TCP. udp: Sets protocol type to UDP. publicip - Either a specified external IP address on the public network or 0.0.0.0 to indicate any IP address not specified within the private network address range. publicport - A number from 0 to 9999 for the public protocol port. privateip - An IP address within the private network range. publicport - A number from 0 to 9999 for the private protocol port. Remarks: Adds a protocol port mapping on the NAT interface. Examples: add portmapping Internet tcp 0.0.0.0 80 10.0.0.1 80 -------------------------------------------------------------------------------------- Изтриване на PORTMAPPING netsh routing ip nat> Usage: delete portmapping [name=] [proto=]tcp|udp [publicip=]|0.0.0.0 [publicport=]integer Parameters: Tag Value name - The name of the interface from which you want to delete a NAT port mapping. proto - One of the following values: tcp: Sets protocol type to TCP. udp: Sets protocol type to UDP. publicip - Either a specified external IP address on the public network or 0.0.0.0 to indicate any IP address not specified within the private network address range. publicport - A number from 0 to 9999 for the public protocol port. Remarks: Deletes a protocol port mapping from the specified NAT interface. Examples: delete portmapping local tcp 0.0.0.0 80 -------------------------------------------------------------------------------------- Добавяне на ADDRESSRANGE netsh routing ip nat> Usage: add addressrange [name=] [start=] [end=] [mask=] Parameters: Tag Value name - The name of the interface where network address translation is to be used. start - The starting IP address for the address range. end - The ending IP address for the address range. mask - The IP subnet mask associated with the network range bounded by the start and end IP addresses. Remarks: Adds an IP address range to the network address translation (NAT) address pool. Examples: add addressrange "Local Area Connection" 10.10.10.1 10.10.10.254 255.255.255.0 The example command adds an address range to the NAT address pool, with addresses 10.10.10.1 to 10.10.10.254, and a mask of 255.255.255.0. -------------------------------------------------------------------------------------- Изтриване на ADDRESSRANGE netsh routing ip nat> Usage: delete addressrange [name=] [start=] Parameters: Tag Value name - The name of the interface for which you want to delete an address range. start - The starting IP address of the range being deleted. Remarks: Deletes an address range from the NAT interface address pool. Examples: delete addressrange "Local Area Connection" 10.10.10.1 -------------------------------------------------------------------------------------- Добавяне на ADDRESSMAPPING netsh routing ip nat> Usage: add addressmapping [name=] [public=] [private=] [inboundsessions=]enable|disable Parameters: Tag Value name - The name of the interface where network address translation is to be used. public - The IP address used externally on a public network. private - The IP address contained within the pooled range of addresses available for use on the private network. inboundsessions - One of the following values: enable: Enables inbound sessions. disable: Disables inbound sessions. Remarks: Adds an IP address mapping to the network address translation (NAT) address pool. Examples: add addressmapping "Local Area Connection" 11.11.11.1 10.10.10.1 disable The example command adds an address mapping of a public IP address (11.11.11.1) to an IP address within the private range (10.10.10.1) and disables inbound sessions for this NAT table mapping. -------------------------------------------------------------------------------------- Изтриване на ADDRESSMAPPING netsh routing ip nat> Usage: delete addressmapping [name=] [public=] Parameters: Tag Value name - The name of the interface for which you want to delete an address mapping. public - The IP address used on the public network. Remarks: Deletes an address mapping from the NAT interface address pool. Examples: delete addressmapping "Local Area Connection" 11.11.11.11 -------------------------------------------------------------------------------------- Добавяне на PORTPROXY Първо се инсталира IPv6. netsh interface ipv6> install След това: netsh interface portproxy> Usage: add v4tov4 [listenport=]| [connectaddress=]| [[connectport=]|] [[listenaddress=]|] [[protocol=]tcp] Parameters: Tag Value listenport - IPv4 port on which to listen. connectaddress - IPv4 address to which to connect. connectport - IPv4 port to which to connect. listenaddress - IPv4 address on which to listen. protocol - Protocol to use. Currently only TCP is supported. Remarks: Adds an entry to listen on for IPv4 and proxy connect to via IPv4. Портове на NIT: Listen on IPv4: Connect to IPv4: Address Port Address Port --------------- ---------- --------------- ---------- 195.24.45.150 28080 10.220.31.67 28080 195.24.45.150 28081 10.220.31.67 1521 195.24.45.150 28082 10.220.31.67 5800 195.24.45.150 28083 10.220.31.67 21 195.24.45.150 28090 10.220.31.67 28090 195.24.45.150 28091 10.220.31.67 28091 195.24.45.150 28092 10.220.31.67 28092 195.24.45.150 28093 10.220.31.67 28093 195.24.45.150 5900 10.220.31.67 5900 -------------------------------------------------------------------------------------- Изтриване на PORIPROXY netsh interface portproxy> Usage: delete v4tov4 [listenport=]| [[listenaddress=]|] [[protocol=]tcp] Parameters: Tag Value listenport - IPv4 port on which to listen. listenaddress - IPv4 address on which to listen. protocol - Protocol to use. Currently only TCP is supported. Remarks: Deletes an entry to listen on for IPv4 and proxy connect to via IPv4. -------------------------------------------------------------------------------------- Добавяне на IP FILTER netsh routing ip> Usage: add filter [name=] [filtertype=]{INPUT|OUTPUT|DIAL} [srcaddr=] [srcmask=] [dstaddr=] [dstmask=] { [proto=] ANY | [proto=]{TCP|UDP} [srcport=] [dstport=]| [proto=] ICMP [type=] [code=] } Parameters: Tag Value name - The name of the interface where the filter is to be added. filtertype - One of the following values: input: If the filter being modified filters input output: If the filter being modified filters output dial: If the filter being modified filters a dial-up interface being connected srcaddr - Source address field of the packet to be filtered. srcmask - Source address mask of the packet to be filtered. An address and mask of all 0's means ANY. dstaddr - Destination address field of packet to be filtered. dstmask - Destination address mask of packet to be filtered. proto - The protocol type for the packet to be filtered. srcport - The source port field of the packet to be filtered. A value of 0 means ANY. dstport - The destination port field of packet to filtered. A value of 0 means ANY. type - The ICMP type field of the packet to be filtered. code - The ICMP code field of the packet to be filtered. Remarks: Adds a packet filter to the specified interface. Examples: add filter name="Virtual Private Connection" filtertype=input srcaddr=0.0.0.0 srcmask=255.255.255.255 dstaddr=169.254.0.0 dstmask=255.255.0.0 proto=any add filter "Virtual Private Connection" input 0.0.0.0 0.0.0.0 169.254.0.0 255.255.0.0 any Потенциално опасни портове на Windows: TCP/UDP 135-139,445 ; TCP 1025,1029 -------------------------------------------------------------------------------------- Изтриване на IP FILTER netsh routing ip> Usage: delete filter [name=] [filtertype=]{INPUT|OUTPUT|DIAL} [srcaddr=] [srcmask=] [dstaddr=] [dstmask=] {[proto=]ANY | [proto=]{TCP|UDP} [srcport=] [dstport=] | [proto=]ICMP [type=] [code=] } Parameters: Tag Value name - The name of the interface where filter is deleted. filtertype - One of the following values: input: If the filter being modified filters input output: If the filter being modified filters output dial: If the filter being modified filters a dial-up interface being connected srcaddr - Source address field of the packet to be filtered. srcmask - Source address mask of the packet to be filtered. An address and mask of all 0's means ANY. dstaddr - Destination address field of packet to be filtered. dstmask - Destination address mask of packet to be filtered. proto - The protocol type for the packet to be filtered. srcport - The source port field of the packet to be filtered. A value of 0 means ANY. dstport - The destination port field of packet to filtered. A value of 0 means ANY. type - The ICMP type field of the packet to be filtered. code - The ICMP code field of the packet to be filtered. Remarks: Deletes a packet filter from the specified interface. Examples: delete filter name="Virtual Private Connection" filtertype=input srcaddr=0.0.0.0 srcmask=255.255.255.255 dstaddr=169.254.0.0 dstmask=255.255.0.0 proto=any delete filter "Virtual Private Connection" input 0.0.0.0 0.0.0.0 169.254.0.0 255.255.0.0 any -------------------------------------------------------------------------------------- Запомняне конфигурацията за NAT във файл netsh -c routing ip nat dump > nat.scr Зареждане конфигурацията за NAT от файл netsh -f nat.scr -------------------------------------------------------------------------------------- Разрешаване на IP routing-а HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters и там трябва да има (ако няма създавате) Value Name: IPEnableRouter Value type: REG_DWORD Value Data: 1 (Default: 0) На "Value Data" задължително 1 !! - така се разрешава IP routing-а. Излизате и ЗАДЪЛЖИТЕЛНО Рестарт !