Hi,
I have the similar problem. Would you mind if you can advise?
My application will create the connection to other application server, the
windows will dynamically assign the source TCP port for my application, but
I don't want it to assign port 1434 and 4444, can I use netsh to do so?
Thanks in advance.
Regards,
Eddie
"Dusty Harper {MS}" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> No this is not possible, the easiest way is to create a script / batch
file
> that runs Netsh commands that open the ports. Creating the range in this
> way is relatively simple.
>
> You can use the following:
>
> var Application = WScript.CreateObject( "WScript.Shell" );
> main( );
>
> function main( )
> {
>
> var InterfaceName = ; // "Local Area Interface"
> var FilterType = ; // "Input"
> var SourceAddress = ; // "131.0.0.0"
> var SourceMask = ; // "255.0.0.0"
> var DestinationAddress = ; // "0.0.0.0"
> var DestinationMask = ; // "0.0.0.0"
> var Protocol = ; // "TCP"
> var StartSourcePort = ; // 1024
> var EndSourcePort = ; // 6500
> var DestinationPort = ; // 0
> var ICMPType = ; // 0
> var ICMPCode = ; // 0
>
> for( var SourcePort = StartSourcePort ; SourcePort <=
EndSourcePort;
> SourcePort++ )
> {
> Application.Run( "NetSh.exe Routing IP Add Filter Name=" +
> InterfaceName + " FilterType=" + FilterType + " SrcAddr=" + SourceAddress
> + " SrcMask=" + SourceMask + " DstAddr=" + DestinationAddress
+
> " DstMask=" + DestinationMask + " Proto=" + Protocol
> + " SrcPort=" + SourcePort + " DstPort=" + DestinationPort, 9,
> true );
> }
> }
>
> Copy to a file and name AddFilter.js. Then just fill in the information
for
> each variable between the "=" and ";" I have left comments on what the
> variable should look like.
>
> This will add input filters to the Local Area Interface that will block
TCP
> traffic from 131.0.0.0 network using ports 1024-6500 to any destination
> address and any destination port.
>
> This could easily be made into a more usable commandline script. Hope
this
> helps
>
>
> --
> --
> Dusty Harper
> Microsoft Corporation
> --------------------------------------------------------------------------
--
> This posting is provided "AS IS", with NO warranties and confers NO rights
> --------------------------------------------------------------------------
--
>
> "Erik" <(E-Mail Removed)> wrote in message
> news:dW5Qc.4716$(E-Mail Removed)...
> > Dusty Harper, or someone else,
> >
> > So if I understand it correctly, it's not possible to allow/deny/filter
a
> > port range in Routing And Remote Access Service in one command/setting?
> > Can you please confirm this?
> >
> > Thanks in advance,
> >
> > Erik Beekma
> >
> > "Dusty Harper {MS}" <DHarper@[EMAIL PROTECTED]
> > > wrote in message
> > news:OjBcRdBdEHA.3728@[EMAIL PROTECTED]
> > > Create a file called filter.cmd
> > >
> > > Add lines similar to the following:
> > >
> > > Netsh Routing IP Add Filter Name=X FilterType=Input
SrcAddr=0.0.0.0
> > > SrcMask=255.255.255.255 DstAddr=0.0.0.0 DstAddr=255.255.255.255
> > Proto=TCP
> > > srcport=80 dstport=80
> > >
> > > to get the syntax, at a command line type Netsh < Enter > then type
> > Routing
> > > IP <Enter> then type Add filter ? <Enter>
> > >
> > > --
> > > --
> > > Dusty Harper
> > > Microsoft Corporation
> > >
>
> --------------------------------------------------------------------------
> > --
> > > This posting is provided "AS IS", with NO warranties and confers NO
> > rights
> > >
>
> --------------------------------------------------------------------------
> > --
> > >
> > > "Jason Breeze" <jason_breeze@[EMAIL PROTECTED]
> > > wrote in message
> > > news:e9f5sX4cEHA.3476@[EMAIL PROTECTED]
> > > > Sorry, I've never done that. Can you give a quick explanation or a
> > point
> > > in
> > > > the direction on how to do this?
> > > > Thx,
> > > > Jason
> > > >
> > > > "Dusty Harper {MS}" <DHarper@[EMAIL PROTECTED]
> > > wrote in message
> > > > news:%234EJIv1cEHA.1000@[EMAIL PROTECTED]
> > > > > The easiest solution is to create a script of netsh commands that
> > add
> > > the
> > > > > individual ports.
> > > > > --
> > > > > --
> > > > > Dusty Harper
> > > > > Microsoft Corporation
> > > >
> > >
> > >
>
> --------------------------------------------------------------------------
> > > > --
> > > > > This posting is provided "AS IS", with NO warranties and confers
NO
> > > rights
> > > >
> > >
> > >
>
> --------------------------------------------------------------------------
> > > > --
> > > > >
> > > > > "Jason Breeze" <jason_breeze@[EMAIL PROTECTED]
> > > wrote in message
> > > > > news:uFOcwHqcEHA.3016@[EMAIL PROTECTED]
> > > > > > I'm using Windows 2003 and have setup routing and remote access
to
> > do
> > > > NAT.
> > > > > > I need to enable a range of ports to my desktop, but don't see a
> > way
> > > to
> > > > > map
> > > > > > a range, it only gives me one at a time. Certain apps use a
range
> > so
> > > > this
> > > > > > appears to present a problem/annoyance to me. Does anyone have
a
> > > remedy
> > > > > to
> > > > > > this?
> > > > > >
> > > > > > Thanks
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>
|
Similar Threads
Linear Mode
