Firewall configuration

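All,

I used to be a happy ZoneAlarm user. Recently, however, I needed to open a port on one of my machines (Windows 8.1, port 1433 for SQL Server), and I found that this is apparently an impossible task. So I asked around and was told to use CoMoDo.

I did download and install it, but it now looks like I still can't access the server remotely. Both CoMoDo and the Windows FW are active, and I think I did open the relevant port on both. However, trying to telnet to port 1433 on the machine results in "Connection timed out".

So, my question is: how do I properly open the port in the Windows 8.1 FW and the CoMoDo FW?

I should also add that this is for a local LAN at my home.

Thank you.

[EDIT]

Below is the output of some troubleshooting steps I performed while following up on the answers I received.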

C:\Users\Igor\Desktop>netstat -na | find "1433"
  TCP    0.0.0.0:1433           0.0.0.0:0              LISTENING
  TCP    192.168.1.4:1433       192.168.1.4:55788      ESTABLISHED
  TCP    192.168.1.4:55788      192.168.1.4:1433       ESTABLISHED
  TCP    [::]:1433              [::]:0                 LISTENING

igor@IgorDellGentoo ~/dbhandler $ nmap -v -p1433 192.168.1.4

Starting Nmap 7.01 ( https://nmap.org ) at 2016-06-24 23:09 EDT
Initiating Ping Scan at 23:09
Scanning 192.168.1.4 [2 ports]
Completed Ping Scan at 23:09, 3.00s elapsed (1 total hosts)
Nmap scan report for 192.168.1.4 [host down]
Read data files from: /usr/bin/../share/nmap
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 3.15 seconds
igor@IgorDellGentoo ~/dbhandler $ nmap -v -p1433 192.168.1.1

Starting Nmap 7.01 ( https://nmap.org ) at 2016-06-24 23:10 EDT
Initiating Ping Scan at 23:10
Scanning 192.168.1.1 [2 ports]
Completed Ping Scan at 23:10, 0.04s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 23:10
Completed Parallel DNS resolution of 1 host. at 23:10, 0.03s elapsed
Initiating Connect Scan at 23:10
Scanning 192.168.1.1 [1 port]
Completed Connect Scan at 23:10, 0.01s elapsed (1 total ports)
Nmap scan report for 192.168.1.1
Host is up (0.035s latency).
PORT     STATE  SERVICE
1433/tcp closed ms-sql-s

Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 0.14 seconds
igor@IgorDellGentoo ~/dbhandler $ ping -c 3 192.168.1.4
PING 192.168.1.4 (192.168.1.4) 56(84) bytes of data.
64 bytes from 192.168.1.4: icmp_seq=1 ttl=128 time=58.4 ms
64 bytes from 192.168.1.4: icmp_seq=2 ttl=128 time=6.63 ms
64 bytes from 192.168.1.4: icmp_seq=3 ttl=128 time=3.79 ms

--- 192.168.1.4 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 3.794/22.975/58.493/25.141 ms

igor@IgorDellGentoo ~/wxFork/buildGTK2/samples/listctrl $ busybox telnet 192.168.1.4 1433
telnet: can't connect to remote host (192.168.1.4): Connection timed out

IgorDellGentoo dbhandler # tcpdump -ni wlan0 host 192.168.1.4
dropped privs to tcpdump
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on wlan0, link-type EN10MB (Ethernet), capture size 262144 bytes
23:20:02.159167 IP 192.168.1.2.47013 > 192.168.1.4.1433: Flags [S], seq 691635572, win 29200, options [mss 1460,sackOK,TS val 1402552123 ecr 0,nop,wscale 7], length 0
23:20:03.159796 IP 192.168.1.2.47013 > 192.168.1.4.1433: Flags [S], seq 691635572, win 29200, options [mss 1460,sackOK,TS val 1402553124 ecr 0,nop,wscale 7], length 0
23:20:05.163791 IP 192.168.1.2.47013 > 192.168.1.4.1433: Flags [S], seq 691635572, win 29200, options [mss 1460,sackOK,TS val 1402555128 ecr 0,nop,wscale 7], length 0
23:20:07.171775 ARP, Request who-has 192.168.1.4 tell 192.168.1.2, length 28
23:20:07.176715 ARP, Reply 192.168.1.4 is-at ac:b5:7d:e8:72:b7, length 28
23:20:09.171794 IP 192.168.1.2.47013 > 192.168.1.4.1433: Flags [S], seq 691635572, win 29200, options [mss 1460,sackOK,TS val 1402559136 ecr 0,nop,wscale 7], length 0
23:20:17.187794 IP 192.168.1.2.47013 > 192.168.1.4.1433: Flags [S], seq 691635572, win 29200, options [mss 1460,sackOK,TS val 1402567152 ecr 0,nop,wscale 7], length 0
23:20:33.203776 IP 192.168.1.2.47013 > 192.168.1.4.1433: Flags [S], seq 691635572, win 29200, options [mss 1460,sackOK,TS val 1402583168 ecr 0,nop,wscale 7], length 0
23:21:05.267791 IP 192.168.1.2.47013 > 192.168.1.4.1433: Flags [S], seq 691635572, win 29200, options [mss 1460,sackOK,TS val 1402615232 ecr 0,nop,wscale 7], length 0
23:21:10.275756 ARP, Request who-has 192.168.1.4 tell 192.168.1.2, length 28
23:21:10.282680 ARP, Reply 192.168.1.4 is-at ac:b5:7d:e8:72:b7, length 28
23:21:43.253368 IP 192.168.1.4 > 224.0.0.22: igmp v3 report, 1 group record(s)
23:21:45.301655 IP 192.168.1.4 > 224.0.0.22: igmp v3 report, 1 group record(s)
^C
13 packets captured
13 packets received by filter
0 packets dropped by kernel

[/EDIT]

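Answer 1

To make everything work, you should forward TCP/UDP 1433 and 1434.

Open these in your router and firewall by creating custom rules. When adding a port to the rules list, you must specify the protocol and the port number. When creating a port rule, you can specify only TCP and UDP ports, which is enough for your needs.

In practice:

  • Open Windows Firewall.
  • Click Advanced settings. You may be asked for an administrator password or to confirm your access.
  • In the left pane of the "Windows Firewall with Advanced Security" dialog box, click "Inbound Rules", then in the right pane tap or click "New Rule".
  • Follow the on-screen instructions to add one of the ports I specified, and repeat for the other ports.

For Comodo:

Firewall -> Advanced -> Network Security Policy -> Global Rules. Select "Add", then add a rule for each port:

Action: Allow

Protocol: TCP

Direction: In/Out

Source Address: Any

Destination Address: Any

Source Port: Any

Destination Port: 1433

Repeat for all.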
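
The Windows Firewall steps from this answer can also be scripted. The following is an added example, not part of the original answer: it uses the built-in NetSecurity cmdlets, opens only TCP 1433 and UDP 1434 (the defaults for the SQL Server engine and the SQL Server Browser), and limits the rules to the local subnet on the Private profile, since the question is about a home LAN. The rule names are made up for the example.

```powershell
# Added example: script the inbound rules instead of clicking through the GUI.
# Run in an elevated PowerShell session on the SQL Server machine (Windows 8.1+).
# Rule names are hypothetical; ports are the SQL Server defaults.

$rules = @(
    @{ Name = 'SQL Server TCP 1433 (LAN only)';  Protocol = 'TCP'; Port = 1433 },
    @{ Name = 'SQL Browser UDP 1434 (LAN only)'; Protocol = 'UDP'; Port = 1434 }
)

foreach ($r in $rules) {
    # Idempotent: create the rule only if no rule with this name exists yet.
    $existing = Get-NetFirewallRule -DisplayName $r.Name -ErrorAction SilentlyContinue
    if (-not $existing) {
        New-NetFirewallRule -DisplayName $r.Name `
            -Direction Inbound -Action Allow `
            -Protocol $r.Protocol -LocalPort $r.Port `
            -RemoteAddress LocalSubnet `
            -Profile Private | Out-Null
    }
}

# A Private-profile rule has no effect while Windows classifies the
# network as Public, so check the category of the active connection.
Get-NetConnectionProfile | Select-Object InterfaceAlias, NetworkCategory

# Read the rules back: enabled state, profile, port and allowed remote scope.
foreach ($r in $rules) {
    $rule = Get-NetFirewallRule -DisplayName $r.Name
    [pscustomobject]@{
        Rule    = $rule.DisplayName
        Enabled = $rule.Enabled
        Profile = $rule.Profile
        Port    = ($rule | Get-NetFirewallPortFilter).LocalPort
        Remote  = ($rule | Get-NetFirewallAddressFilter).RemoteAddress
    }
}
```

These rules cover Windows Firewall only; a second firewall running on the same machine, such as Comodo, filters independently and needs its own allow rule before the telnet or nmap check from the question can succeed.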