Tip #16: Using Windows XP's Network Shell a.k.a. "netsh"
Today's tip is on how to use the Network Shell, netsh.exe, which is included with Windows XP and 2000... The Network Shell utility allows you to view and modify network interfaces, routing tables, firewall rules, and TCP/IP settings... We'll be going over just a few of the more useful functions of the shell...
First off, to use the commands below, open a command prompt (Start/Run/cmd)...
Enter the following command, all on one line, to display your current network settings:
netsh int ip show config
The displayed information is similar to what you'd get with an ipconfig, showing address, DNS and gateway settings...
Next, the following command can be used to set an adapter to a static IP address... This might be useful to place in a script where you need to change your address to join a different IP network on your physical network...
netsh int ip set address "Local Area Connection" static 192.168.1.10 255.255.255.0 192.168.1.1 1
The last four numbers are the IP address, subnet mask, default gateway, and gateway metric...
If you set your IP address manually, you'll probably also want to set your DNS as well... This is done by:
netsh int ip set dns "Local Area Connection" dns "Local Area Connection" static 192.168.1.1
The 192.168.1.1 being the primary DNS server...
To change to, or revert back to DHCP, use the following commands:
netsh int ip set address "Local Area Connection" dhcp
netsh int ip set dns "Local Area Connection" dhcp
Firewall settings can be set from the command line using netsh as well... In the following command, we'll be providing access to an application, and limiting incoming connections to a single IP address (enter all on one line):
netsh firewall set allowedprogram "C:\PathToProg\program.exe" "AliasWeGiveIt" ENABLE CUSTOM 192.168.1.155
This will allow network access to the program, and limit access to only the IP address we have given...
To disable this access, use the following command:
netsh firewall set allowedprogram "C:\PathToProg\program.exe" "AliasWeGiveIt" DISABLE
Enabling access as shown allows you to script and schedule network enabled applications, while limiting timeframes and allowable clients... You can view the current firewall configuration with
netsh firewall show config...
Finally we'll take a look at how to reset your TCP/IP to it's original settings when the O/S was first installed... This command should only be used when your TCP/IP is totally destroyed, and a reload seems to be your only option... Sometimes spyware removal can leave your TCP/IP stack in this unusable state...
netsh int ip reset reset.log
This will restore TCP/IP functionality and log the changes made to reset.log...
Further commands for netsh can be discovered by running netsh in interactive mode... This can be entered into by simply typing netsh at a command prompt... Once in the shell, type help for availables commands/contexts...
If you have any questions, or other interesting uses for netsh, please leave a comment... Check back tomorrow for new tips...
First off, to use the commands below, open a command prompt (Start/Run/cmd)...
Enter the following command, all on one line, to display your current network settings:
netsh int ip show config
The displayed information is similar to what you'd get with an ipconfig, showing address, DNS and gateway settings...
Next, the following command can be used to set an adapter to a static IP address... This might be useful to place in a script where you need to change your address to join a different IP network on your physical network...
netsh int ip set address "Local Area Connection" static 192.168.1.10 255.255.255.0 192.168.1.1 1
The last four numbers are the IP address, subnet mask, default gateway, and gateway metric...
If you set your IP address manually, you'll probably also want to set your DNS as well... This is done by:
netsh int ip set dns "Local Area Connection" dns "Local Area Connection" static 192.168.1.1
The 192.168.1.1 being the primary DNS server...
To change to, or revert back to DHCP, use the following commands:
netsh int ip set address "Local Area Connection" dhcp
netsh int ip set dns "Local Area Connection" dhcp
Firewall settings can be set from the command line using netsh as well... In the following command, we'll be providing access to an application, and limiting incoming connections to a single IP address (enter all on one line):
netsh firewall set allowedprogram "C:\PathToProg\program.exe" "AliasWeGiveIt" ENABLE CUSTOM 192.168.1.155
This will allow network access to the program, and limit access to only the IP address we have given...
To disable this access, use the following command:
netsh firewall set allowedprogram "C:\PathToProg\program.exe" "AliasWeGiveIt" DISABLE
Enabling access as shown allows you to script and schedule network enabled applications, while limiting timeframes and allowable clients... You can view the current firewall configuration with
netsh firewall show config...
Finally we'll take a look at how to reset your TCP/IP to it's original settings when the O/S was first installed... This command should only be used when your TCP/IP is totally destroyed, and a reload seems to be your only option... Sometimes spyware removal can leave your TCP/IP stack in this unusable state...
netsh int ip reset reset.log
This will restore TCP/IP functionality and log the changes made to reset.log...
Further commands for netsh can be discovered by running netsh in interactive mode... This can be entered into by simply typing netsh at a command prompt... Once in the shell, type help for availables commands/contexts...
If you have any questions, or other interesting uses for netsh, please leave a comment... Check back tomorrow for new tips...
1 Comments:
At 7/14/2009 3:49 PM, Some guy said…
nice tip
Post a Comment
<< Home