IPProtectionLevel IPProtectionLevel IPProtectionLevel IPProtectionLevel Enum

定义

一个可用于将 IPv6 套接字限制为一个指定范围的值,例如限制为具有相同的链接本地或站点本地前缀的地址。A value that enables restriction of an IPv6 socket to a specified scope, such as addresses with the same link local or site local prefix.

public enum class IPProtectionLevel
public enum IPProtectionLevel
type IPProtectionLevel = 
Public Enum IPProtectionLevel
继承
IPProtectionLevelIPProtectionLevelIPProtectionLevelIPProtectionLevel

字段

EdgeRestricted EdgeRestricted EdgeRestricted EdgeRestricted 20

IP 保护级别是“边缘受限的”。The IP protection level is edge restricted. 此值应由设计为在 Internet 上运行的应用程序使用。This value would be used by applications designed to operate across the Internet. 此设置不允许使用 Windows Teredo 实现的网络地址转换 (NAT) 遍历。This setting does not allow Network Address Translation (NAT) traversal using the Windows Teredo implementation. 这些应用程序可能会绕过 IPv4 防火墙,因此,必须加强应用程序的安全性以防范针对开放端口的 Internet 攻击。These applications may bypass IPv4 firewalls, so applications must be hardened against Internet attacks directed at the opened port. 在 Windows Server 2003 和 Windows XP 中,针对套接字的 IP 保护级别的默认值是“边缘受限的”。On Windows Server 2003 and Windows XP, the default value for the IP Protection level on a socket is edge restricted.

Restricted Restricted Restricted Restricted 30

IP 保护级别是“受限的”。The IP protection level is restricted. 此值应由未实现 Internet 方案的 Intranet 应用程序使用。This value would be used by intranet applications that do not implement Internet scenarios. 一般情况下,不会针对 Internet 样式的攻击来对这些应用程序进行测试或加强安全性。These applications are generally not tested or hardened against Internet-style attacks. 此设置将限制仅接收链接本地的通信。This setting will limit the received traffic to link-local only.

Unrestricted Unrestricted Unrestricted Unrestricted 10

IP 保护级别是“不受限的”。The IP protection level is unrestricted. 此值应由设计为在 Internet 上运行的应用程序使用,包括利用 Windows 中内置的 IPv6 NAT 遍历功能(例如,Teredo)的应用程序。This value would be used by applications designed to operate across the Internet, including applications taking advantage of IPv6 NAT traversal capabilities built into Windows (Teredo, for example). 这些应用程序可能会绕过 IPv4 防火墙,因此,必须加强应用程序的安全性以防范针对开放端口的 Internet 攻击。These applications may bypass IPv4 firewalls, so applications must be hardened against Internet attacks directed at the opened port. 在 Windows Server 2008 R2 和 Windows Vista 中,针对套接字的 IP 保护级别的默认值是“不受限的”。On Windows Server 2008 R2 and Windows Vista, the default value for the IP Protection level on a socket is unrestricted.

Unspecified Unspecified Unspecified Unspecified -1

IP 保护级别是“未指定的”。The IP protection level is unspecified. 在 Windows 7 和 Windows Server 2008 R2 中,针对套接字的 IP 保护级别的默认值是“未指定的”。On Windows 7 and Windows Server 2008 R2, the default value for the IP Protection level on a socket is unspecified.

注解

此选项使应用程序可以限制对 IPv6 套接字的访问权限。This option enables applications to place access restrictions on IPv6 sockets. 通过应用此类限制,可让在专用局域网上运行的应用程序能够通过简单的方式很好地增强自身的安全性,以便防范外部攻击。Such restrictions enable an application running on a private LAN to simply and robustly harden itself against external attacks. 此套接字选项可以扩大或缩小侦听套接字的范围,从而使得公共用户和私人用户可以在适当情况下对站点进行无限制的访问,或者可以根据需要对同一站点进行有限制的访问。This socket option widens or narrows the scope of a listening socket, enabling unrestricted access from public and private users when appropriate, or restricting access only to the same site, as required.

适用于

另请参阅