问题
I got the following bit of code for a .REG file that adds "Add to Firewall" to the context menu on right clicking on a .EXE file. It simply creates an Outbound Rule in the windows firewall for that specific file you had selected instead of doing it manually.
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\exefile\shell]
[HKEY_CLASSES_ROOT\exefile\shell\Add To Firewall]
[HKEY_CLASSES_ROOT\exefile\shell\Add To Firewall\command]
@="netsh advfirewall firewall add rule name=\"%1\" dir=out action=block program=\"%1\""
http://oi46.tinypic.com/2rgnxaf.jpg
My problem is that the following syntax name=\"%1\" gives the full directory (C:\New folder\test.exe) as name in the windows firewall instead of just a simple test.exe
Another feature i´m seeking is adding it all to a shift right mouse-click instead of a normal right click, cause i really don't use the feature that often so i wana see it everytime i right click on a .EXE
PS. Run the following to remove it from the context menu again.
Windows Registry Editor Version 5.00
[-HKEY_CLASSES_ROOT\exefile\shell\Add To Firewall]
Hope to hear from someone, and in advance a big thanks from here ;)
回答1:
The following will do exactly what you're asking, but it requires that you have UAC disabled. Without creating a script file or using third party tools, or alternatively overwriting the runas key, I don't think you would be able to create a UAC prompt.
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\exefile\shell\firewallblock]
@="Add to Firewall" ; String to be displayed in context menu
"HasLUAShield"="" ; Adds UAC shield icon to the left of the command
"Extended"="" ; Requires shift to be held when right-clicking
[HKEY_CLASSES_ROOT\exefile\shell\firewallblock\command]
@="cmd.exe /s /c for %%a in (\"%1\") do netsh advfirewall firewall add rule name=\"%%~na\" dir=out action=block program=\"%%~nxa\""
To elaborate, I use the FOR command not because of its looping functionality but because it gives me access to parameter extensions. I modify %%a (which we'll say has a value of x:\fully\qualified\path\filename.exe) with %%~nxa to use filename.exe and %%~na to use filename.
As for the UAC stuff, I'd just use one of those third party tools I mentioned above and change the command accordingly, e.g.:
@="elevate.exe -c for %%a in (\"%1\") do netsh advfirewall firewall add rule name=\"%%~na\" dir=out action=block program=\"%%~nxa\""
Hope it helps!
来源:https://stackoverflow.com/questions/15606180/block-exe-in-windows-firewall-with-context-menu