Windows Networking
Cấu hình Network Interface
# Xem network adapters
Get-NetAdapter # tất cả adapter
Get-NetAdapter -Name "Ethernet" # adapter cụ thể
Get-NetIPAddress # tất cả IP
Get-NetIPAddress -AddressFamily IPv4 # chỉ IPv4
Get-NetIPConfiguration # IP, Gateway, DNS đầy đủ
# Cấu hình IP tĩnh
New-NetIPAddress -InterfaceAlias "Ethernet" `
-IPAddress "192.168.1.100" `
-PrefixLength 24 `
-DefaultGateway "192.168.1.1"
# Đổi DNS
Set-DnsClientServerAddress -InterfaceAlias "Ethernet" `
-ServerAddresses "8.8.8.8","8.8.4.4"
# Về DHCP
Remove-NetIPAddress -InterfaceAlias "Ethernet" -Confirm:$false
Remove-NetRoute -InterfaceAlias "Ethernet" -Confirm:$false
Set-NetIPInterface -InterfaceAlias "Ethernet" -Dhcp Enabled
Set-DnsClientServerAddress -InterfaceAlias "Ethernet" -ResetServerAddresses
# Bật/tắt adapter
Disable-NetAdapter -Name "Ethernet" -Confirm:$false
Enable-NetAdapter -Name "Ethernet"
Lệnh Network cơ bản (CMD)
:: Xem IP
ipconfig :: tóm tắt
ipconfig /all :: chi tiết (MAC, DNS, DHCP...)
ipconfig /flushdns :: xoá DNS cache
ipconfig /release :: trả IP về DHCP
ipconfig /renew :: xin IP mới từ DHCP
:: Routing
route print :: bảng routing
route add 10.0.0.0 mask 255.0.0.0 192.168.1.1 :: thêm route
route delete 10.0.0.0 :: xoá route
route add 10.0.0.0 mask 255.0.0.0 192.168.1.1 -p :: persistent
:: Test kết nối
ping google.com
ping -n 10 192.168.1.1 :: 10 lần
tracert google.com :: trace route (= traceroute trên Linux)
pathping google.com :: kết hợp ping + tracert
:: DNS
nslookup google.com
nslookup -type=MX company.com
nslookup google.com 8.8.8.8 :: dùng DNS server cụ thể
netsh — Network Shell
netsh là công cụ CLI mạnh mẽ để cấu hình mạng trên Windows:
:: Xem interface
netsh interface show interface
netsh interface ipv4 show addresses
:: Cấu hình IP tĩnh
netsh interface ipv4 set address "Ethernet" static 192.168.1.100 255.255.255.0 192.168.1.1
:: DNS
netsh interface ipv4 set dns "Ethernet" static 8.8.8.8
netsh interface ipv4 add dns "Ethernet" 8.8.4.4 index=2
:: Xem connections (netstat)
netstat -an :: tất cả connections
netstat -anob :: kèm process (cần admin)
netstat -anob | findstr :80 :: ai dùng port 80?
netstat -s :: statistics
:: Firewall
netsh advfirewall show allprofiles
netsh advfirewall firewall show rule name=all
netsh advfirewall firewall add rule name="Allow HTTP" dir=in action=allow protocol=tcp localport=80
netsh advfirewall firewall delete rule name="Allow HTTP"
Windows Firewall (PowerShell)
# Xem profiles (Domain, Private, Public)
Get-NetFirewallProfile
# Bật/tắt Firewall
Set-NetFirewallProfile -Profile Domain,Private,Public -Enabled True
# Xem rules
Get-NetFirewallRule | Where-Object {$_.Enabled -eq "True"} | Select-Object DisplayName, Direction, Action
# Thêm rule
New-NetFirewallRule -DisplayName "Allow HTTPS Inbound" `
-Direction Inbound `
-Protocol TCP `
-LocalPort 443 `
-Action Allow `
-Profile Any
# Giới hạn theo IP
New-NetFirewallRule -DisplayName "Allow SSH from Office" `
-Direction Inbound `
-Protocol TCP `
-LocalPort 22 `
-RemoteAddress "192.168.1.0/24" `
-Action Allow
# Xoá rule
Remove-NetFirewallRule -DisplayName "Allow HTTPS Inbound"
# Tắt/bật rule
Disable-NetFirewallRule -DisplayName "Allow HTTPS Inbound"
Enable-NetFirewallRule -DisplayName "Allow HTTPS Inbound"
DNS Troubleshoot trên Windows
# Tra DNS
Resolve-DnsName google.com # nslookup kiểu PowerShell
Resolve-DnsName google.com -Type MX # MX record
Resolve-DnsName google.com -Server 8.8.8.8 # dùng DNS server cụ thể
Resolve-DnsName 142.250.x.x # reverse lookup
# Xoá cache
Clear-DnsClientCache # ipconfig /flushdns
Get-DnsClientCache # xem cache hiện tại
# Test kết nối
Test-NetConnection google.com # ping + port test
Test-NetConnection google.com -Port 443 # test HTTPS
Test-NetConnection 192.168.1.10 -Port 3306 -InformationLevel Detailed
Network Troubleshoot Commands
# Xem port đang listen
Get-NetTCPConnection -State Listen | Select-Object LocalPort, State, OwningProcess |
Sort-Object LocalPort
# Kết hợp với process name
Get-NetTCPConnection -State Listen | ForEach-Object {
$proc = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
[PSCustomObject]@{
Port = $_.LocalPort
Process = $proc.Name
PID = $_.OwningProcess
}
} | Sort-Object Port
# Bandwidth usage (cần Network Monitor hoặc Wireshark)
# Hoặc dùng Performance Counter
Get-Counter "\Network Interface(*)\Bytes Total/sec" -SampleInterval 2 -MaxSamples 5
# Xem ARP table
arp -a # CMD
Get-NetNeighbor # PowerShell
# SMB connections (Windows file sharing)
Get-SmbConnection # connection đang mở
Get-SmbSession # session đến server này
Get-SmbShare # share đang publish
Network Shares (SMB)
# Tạo share
New-SmbShare -Name "Deploy" `
-Path "C:\deployments" `
-Description "Deployment files" `
-FullAccess "DOMAIN\DevOps-Team" `
-ReadAccess "DOMAIN\Developers"
# Xem shares
Get-SmbShare
Get-SmbShareAccess -Name "Deploy"
# Xoá share
Remove-SmbShare -Name "Deploy" -Confirm:$false
# Map network drive từ client
New-PSDrive -Name Z -PSProvider FileSystem `
-Root \\server\Deploy -Credential (Get-Credential) -Persist