Windows系统网络配置命令详细指南

在Windows操作系统中，通过命令行工具可以执行各种网络配置和管理任务。以下是常用的Windows网络配置命令及其详细说明，包括查看和配置网络接口、诊断网络连接、管理防火墙、共享和远程访问配置、网络服务管理等。

一、查看和配置网络接口

1. ipconfig

用于显示和刷新网络接口的IP配置。

查看当前网络配置

ipconfig

输出示例：

Windows IP ConfigurationEthernet adapter Ethernet:Connection-specific DNS Suffix  . :Link-local IPv6 Address . . . . . : fe80::1c6e:7ff:fe4e:1d5%3IPv4 Address. . . . . . . . . . . : 192.168.1.10Subnet Mask . . . . . . . . . . . : 255.255.255.0Default Gateway . . . . . . . . . : 192.168.1.1

查看详细的网络配置

ipconfig /all

输出示例：

Windows IP ConfigurationHost Name . . . . . . . . . . . . : my-pcPrimary Dns Suffix  . . . . . . . :Node Type . . . . . . . . . . . . : HybridIP Routing Enabled. . . . . . . . : NoWINS Proxy Enabled. . . . . . . . : NoDNS Suffix Search List. . . . . . : example.comEthernet adapter Ethernet:Connection-specific DNS Suffix  . :Description . . . . . . . . . . . : Intel(R) Ethernet Connection (7) I219-VPhysical Address. . . . . . . . . : 1C-6E-4E-1D-05DHCP Enabled. . . . . . . . . . . : YesAutoconfiguration Enabled . . . . : YesLink-local IPv6 Address . . . . . : fe80::1c6e:7ff:fe4e:1d5%3(Preferred)IPv4 Address. . . . . . . . . . . : 192.168.1.10(Preferred)Subnet Mask . . . . . . . . . . . : 255.255.255.0Lease Obtained. . . . . . . . . . : Monday, June 1, 2023 10:00:00 AMLease Expires . . . . . . . . . . : Monday, June 1, 2023 10:00:00 PMDefault Gateway . . . . . . . . . : 192.168.1.1DHCP Server . . . . . . . . . . . : 192.168.1.1DNS Servers . . . . . . . . . . . : 8.8.8.88.8.4.4NetBIOS over Tcpip. . . . . . . . : Enabled

刷新DNS缓存
```
ipconfig /flushdns
```
释放所有接口的IP地址
```
ipconfig /release
```
更新所有接口的IP地址
```
ipconfig /renew
```

2. netsh

用于配置和管理网络接口、路由、防火墙等。

查看网络接口列表

netsh interface show interface

输出示例：

Admin State    State          Type             Interface Name
-----------------------------------------------------------------
Enabled        Connected      Dedicated        Ethernet
Enabled        Disconnected   Dedicated        Wi-Fi
Enabled        Connected      Dedicated        Local Area Connection* 10

启用网络接口

netsh interface set interface "Ethernet" admin=enable

禁用网络接口

netsh interface set interface "Ethernet" admin=disable

设置静态IP地址

netsh interface ip set address name="Ethernet" static 192.168.1.100 255.255.255.0 192.168.1.1

设置静态DNS服务器

netsh interface ip set dns name="Ethernet" static 8.8.8.8

二、网络诊断和测试

1. ping

用于测试网络连接和响应时间。

测试连接到特定主机

ping www.example.com

输出示例：

Pinging www.example.com [93.184.216.34] with 32 bytes of data:
Reply from 93.184.216.34: bytes=32 time=12ms TTL=55
Reply from 93.184.216.34: bytes=32 time=13ms TTL=55
Reply from 93.184.216.34: bytes=32 time=12ms TTL=55
Reply from 93.184.216.34: bytes=32 time=12ms TTL=55Ping statistics for 93.184.216.34:Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:Minimum = 12ms, Maximum = 13ms, Average = 12ms

发送指定数量的请求
```
ping -n 5 www.example.com
```

2. tracert

用于跟踪数据包到达目标主机的路由路径。

跟踪到特定主机的路由

tracert www.example.com

输出示例：

Tracing route to example.com [93.184.216.34]
over a maximum of 30 hops:1     1 ms     1 ms     1 ms  192.168.1.12    10 ms    10 ms    10 ms  10.0.0.13    20 ms    20 ms    20 ms  192.168.0.14    30 ms    30 ms    30 ms  example.com [93.184.216.34]Trace complete.

3. pathping

结合ping和tracert的功能，提供详细的网络路径分析。

分析到特定主机的路径

pathping www.example.com

输出示例：

Tracing route to example.com [93.184.216.34]
over a maximum of 30 hops:
0  my-pc [192.168.1.100]
1  192.168.1.1
2  10.0.0.1
3  192.168.0.1
4  example.com [93.184.216.34]Computing statistics for 100 seconds...
Source to Here   This Node/Link
Hop  RTT    Lost/Sent = Pct  Lost/Sent = Pct  Address0                                           my-pc [192.168.1.100]1    1ms     0/ 100 =  0%   |                192.168.1.10/ 100 =  0%   |2   10ms     0/ 100 =  0%   |                10.0.0.10/ 100 =  0%   |3   20ms     0/ 100 =  0%   |                192.168.0.10/ 100 =  0%   |4   30ms     0/ 100 =  0%   |                example.com [93.184.216.34]Trace complete.

4. nslookup

用于查询DNS记录。

查询特定域名的DNS信息

nslookup www.example.com

输出示例：

Server:  google-public-dns-a.google.com
Address:  8.8.8.8Non-authoritative answer:
Name:    www.example.com
Address: 93.184.216.34

5. netstat

用于显示网络连接、路由表和接口状态等。

查看所有活动连接

netstat

输出示例：

Active ConnectionsProto  Local Address          Foreign Address        StateTCP    192.168.1.100:1234     example.com:80         ESTABLISHEDTCP    192.168.1.100:5678     another.com:443        TIME_WAIT

显示所有端口的监听状态

netstat -an

输出示例：

Active ConnectionsProto  Local Address          Foreign Address        StateTCP    0.0.0.0:80             0.0.0.0:0              LISTENINGTCP    192.168.1.100:1234     93.184.216.34:80       ESTABLISHED

显示应用程序和端口的对应关系

netstat -ab

输出示例：

Active ConnectionsProto  Local Address          Foreign Address        State           PIDTCP    0.0.0.0:80             0.0.0.0:0              LISTENING       1234[apache.exe]TCP    192.168.1.100:1234     93.184.216.34:80       ESTABLISHED     5678[chrome.exe]

三、管理Windows防火墙

1. 查看防火墙状态

netsh advfirewall show allprofiles

输出示例：

Domain Profile Settings:
----------------------------------------------------------------------
State                                 ON
Firewall Policy                       BlockInbound,AllowOutbound
LocalFirewallRules                    N/A (GPO-store only)
LocalConSecRules                      N/A (GPO-store only)
InboundUserNotification               Enable
RemoteManagement                      Disable
UnicastResponseToMulticast            EnablePrivate Profile Settings:
----------------------------------------------------------------------
State                                 ON
Firewall Policy                       BlockInbound,AllowOutbound
LocalFirewallRules                    N/A (GPO-store only)
LocalConSecRules                      N/A (GPO-store only)
InboundUserNotification               Enable
RemoteManagement                      Disable
UnicastResponseToMulticast            EnablePublic Profile Settings:
----------------------------------------------------------------------
State                                 ON
Firewall Policy                       BlockInbound,AllowOutbound
LocalFirewallRules                    N/A (GPO-store only)
LocalConSecRules                      N/A (GPO-store only)
InboundUserNotification               Enable
RemoteManagement                      Disable
UnicastResponseToMulticast            Enable

2. 启用防火墙

netsh advfirewall set allprofiles state on

3. 禁用防火墙

netsh advfirewall set allprofiles state off

4. 允许应用程序通过防火墙

netsh advfirewall firewall add rule name="允许应用程序" dir=in action=allow program="C:\path\to\app.exe" enable=yes

5. 阻止特定端口的入站流量

netsh advfirewall firewall add rule name="阻止端口" dir=in action=block protocol=TCP localport=8080

6. 删除防火墙规则

netsh advfirewall firewall delete rule name="阻止端口"

四、共享和远程访问配置

1. net use

用于连接和断开共享资源。

连接共享资源

net use X: \\服务器\共享

示例：
```
net use X: \\192.168.1.1\shared_folder
```

断开共享资源
```
net use X: /delete
```

2. mstsc

用于启动远程桌面连接。

连接到远程计算机

mstsc /v:远程IP地址

示例：
```
mstsc /v:192.168.1.1
```

五、网络服务管理

1. 查看网络服务状态

net start

输出示例：

These Windows services are started:Application Layer Gateway ServiceBackground Intelligent Transfer ServiceBase Filtering EngineCOM+ Event SystemDHCP ClientDNS Client...

2. 启动网络服务

net start 服务名称

示例：
```
net start "DHCP Client"
```

3. 停止网络服务

net stop 服务名称

示例：
```
net stop "DHCP Client"
```

六、其他网络配置命令

1. route

用于查看和配置路由表。

查看路由表

route print

输出示例：

===========================================================================
Interface List15...00 1c 42 00 00 08 ......Intel(R) Ethernet Connection (7) I219-V1...........................Software Loopback Interface 111...00 1c 42 00 00 09 ......Microsoft Wi-Fi Direct Virtual Adapter
===========================================================================IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric0.0.0.0          0.0.0.0     192.168.1.1     192.168.1.100     25127.0.0.0        255.0.0.0       On-link      127.0.0.1    331127.0.0.1  255.255.255.255       On-link      127.0.0.1    331127.255.255.255  255.255.255.255       On-link      127.0.0.1    331192.168.1.0    255.255.255.0       On-link    192.168.1.100    281192.168.1.100  255.255.255.255       On-link    192.168.1.100    281192.168.1.255  255.255.255.255       On-link    192.168.1.100    281
===========================================================================

添加静态路由

route add 目标网络 MASK 子网掩码 网关

示例：

route add 192.168.2.0 MASK 255.255.255.0 192.168.1.1

删除静态路由

route delete 目标网络

示例：
```
route delete 192.168.2.0
```

2. arp

用于查看和管理ARP缓存。

查看ARP缓存

arp -a

输出示例：

Interface: 192.168.1.100 --- 0x15Internet Address      Physical Address      Type192.168.1.1           00-14-22-01-23-45     dynamic192.168.1.255         ff-ff-ff-ff-ff-ff     static

添加静态ARP条目