No internet connections but Google

Had a little weird problem today: my Thunderbird could not connect to it’s mailservers, despite their connect data was correctly set. Googling for a resolution showed me the results of my search, but none of them was reachable. Also ping requests to those hosts were unsuccessful because the system was unable to resolve the host-names via DNS. This applied to all my google-searches: no destination was ever reachable. On my other box all was fine: mailservers reachable and full access to all resources on internet.

Analyzing my net-config with “ipconfig /all” (this is a Windows-box) brought up, that my box had no IPv4-address set – just an IPv6 one. Also “Standardgateway” and “DNS-Server” were just set for IPv6 (IPv4 was blank).
Knowing that Facebook uses IPv6 too, I tried to connect to them: worked. So, all connects to IPv6-capable hosts where OK, while all IPv4 hosts were unreachable.

My router was set to hand out IP-addresses via DHCP. I have no clue why this got stuck. Maybe a restart of the whole equipment would have helped, but I decided to fix this problem by giving my box a static IP-address beyond the DHCP-range of my router. Also I set the known IP-address of my router for standardgateway and DNS-server manually. This cured the problem and full acces to internet was regained.

Advertisements

Windows: Enable/Disable your LAN or Firewall on Shell

In the distant past, when I still used ZoneAlarm’s desktop firewall, I got used to have a big, red emergency-button to cut off internet-access with one single click. This came in handy from time to time when I suspected strange things happening in the background or when I wanted to use or test a program I suspected to secretly send data home. In the old days of Windows XP the disabling of the network adapter could have also be done with two simple clicks via the tray-symbol. But from Windows 7 on we no longer have a straigth and short path to nearly instantly cut off internet-access. I grumbled upon this matter time and again but never was in the mood to seek for a resolution. Until now. Here are four short commands for the purpose to disable/enable your network-adapter or Windows-Firewall (run them as Admin!). The latter can be useful in cases we just want to cut internet-access but still have access to our local network. The first one completely deactivates our LAN-Adapter.

Disable LAN-Adapter:

netsh interface set interface "Local Area Connection" disabled

Enable LAN-Adapter:

netsh interface set interface "Local Area Connection" enable

Disable Windows-Firewall:

netsh advfirewall set currentprofile firewallpolicy blockinbound,blockoutbound

Enable Windows-Firewall:

netsh advfirewall set currentprofile firewallpolicy blockinbound,allowoutbound

For (de)activating the LAN-Adapter we have to find the exact internal name of our interface (above it’s the string “Local Area Connection”). We do this on the command-line (shell). To get on the shell we hit the keys “WINDOWS + R”, type “cmd” in the dialog-box and hit enter. On the shell we type this line:

netsh interface show interface

After hitting enter we get the name of our interface to paste in the first two commands above as a replacement for the string “Local Area Connection”. Mind to enclose the interface-name with quotes if it contains blanks. We can create a batch-script-file for every of the four commands, store them on desktop and this way have made our own “internet-off-emergeny-buttons”. Just mind to right-click the batch-files and execute them “as Admin” cause otherwise you will get a confusing error-message.

Windows: Starting applications with admin-privileges

Usually you shouldn’t do your daily work under an admin-account for security reasons. But from time to time you will have the need to run a certain application or command with administrative privileges.
To keep you from the hassle of switching between your normal- and admin-account you can use the “RUNAS”-command on the command line:

runas /user:johndoe_admin "C:\path\to\your\adminrights_needing_tool.cmd"

After “/user:” you have to enter the name of your admin-account. Press ENTER and you will be prompted for the password of that account. After that the called program will be started and executed with admin-privileges until you terminate it.

It may be helpful to have a Windows command-shell that is already started with admin-rights, so that every command executed under that shell is “admin” too. You can create a link for the following command to get that shell:

runas /user:johndoe_admin "cmd /T:E0"

The parameter “/T:E0” sets the background-color of that shell to yellow so that you can easily distinguish it from your normal shells and are aware of the excessive rights bound to that shell.

It could be the fact that you are not able to start the explorer.exe with admin-rights. This as annoying when you must set some directory or file permissions or have to use the control panel. The solution for this is to create a link to the Internet Explorer (iexplore.exe):

runas /user:johndoe_admin "c:\Program Files\Internet Explorer\IEXPLORE.EXE -e c:"

This command opens the IE with admin-rights, points it to drive “C:” and makes it behave just like the normal file-explorer. As here is no way to make this “admin-explorer” look differently, you should be careful and close it as soon as you no longer need it.