白名单模式的监听并自添加防火墙批处理FOR WIN10

时光总嘲笑我的痴心妄想 提交于 2020-02-27 13:36:58

使用方法:
1.保存为后缀名bat
2.管理员运行
3.白名单模式
4.黑名单加入白名单要1.停止程序2.netsh advfirewall firewall delete rule name=all 3.程序中加入if not xxx

@echo off
setlocal enabledelayedexpansion
cd /d %~dp0
goto loop 
:loop
set isCClass=false
set num=0
netstat -aon>net.txt
for /f "tokens=*" %%i in (net.txt) do (
set row=%%i
if !num! gtr 1 (
for /f "tokens=1,2,3,4,5* delims= " %%a in ("!row!") do (
set flag=%%a
if "!flag!" equ "TCP" (
set fadd=%%c
for /f "tokens=1,2* delims=:" %%m in ("!fadd!") do (
set addr=%%m
set port=%%n
if not "!addr!"=="127.0.0.1" (
if not "!addr!"=="0.0.0.0" (
if not "!addr!"=="[" (
if not "!addr!"=="*" (
for /f "tokens=1,2* delims=." %%w in ("!addr!") do (
call :ipGPS !addr!
)
)
)
)
)
)
)
)
)
set /a num+=1
)
ping -n 60 127.0>nul
goto loop
:ipGPS
set adr=%1
echo Set objXML = CreateObject("MSXML2.ServerXMLHTTP")>ipFind.vbs
echo Set objFSO = CreateObject("Scripting.FileSystemObject")>>ipFind.vbs
echo objXML.open "GET","https://www.ip-address.org/lookup/ip-locator.php?track=!adr!",false>>ipFind.vbs
echo objXML.send()>>ipFind.vbs
echo Set objFile = objFSO.CreateTextFile("ipFind.txt",true)>>ipFind.vbs
echo objFile.close>>ipFind.vbs
echo Set objTextFile = objFSO.OpenTextFile ("ipFind.txt", 8, True)>>ipFind.vbs
echo objTextFile.WriteLine(objXML.responseText)>>ipFind.vbs
echo objTextFile.Close>>ipFind.vbs
start /wait wscript /b /t:600 ipFind.vbs
set rownumber=1
if exist ipFind.txt (
FOR /F "tokens=*" %%i in (ipFind.txt) do (
if "!rownumber!"=="276" (
FOR /F "tokens=1,2* delims=:" %%a in ("%%i") do (
set group=%%b
FOR /F "tokens=1,2,3* delims= " %%x in ("%%b") do (
if "%%z"=="" (
set char2=%%y
set server=!char2:~0,-6!
) else (
set server=%%y
)
set isLocal=false
if not "!group:~1,-6!"=="Microsoft Corporation" (
if not "!group:~1,-6!"=="China Telecom Nanjing IDC network" (
if not "!group:~1,-6!"=="Cloudflare" (
if not "!group:~1,-6!"=="Hangzhou Alibaba Advertising Co.,Ltd." (
if not "!group:~1,-6!"=="ChangZhou Bitcomm Software Technology Co., Limited" (
if not "!group:~1,-6!"=="" (
set isLocal=true
)
)
)
)
)
)
if "!isLocal!"=="true" (
set isBL=false
if exist blacklist.txt (
for /f "tokens=1,2,3* delims= " %%m in (blacklist.txt) do (
set srv=%%m
for /f "tokens=1,2,3,4* delims=:" %%r in ("!srv!") do (
set addrs=%%s:%%t
if "!addrs!"=="!addr!:!port!" (
set isBL=true
)
)
)
)
if "!isBL!"=="false" (
netsh advfirewall firewall add rule name=denyIn-!adr! protocol=tcp dir=in action=block remoteip=!adr! remoteport=!port!
netsh advfirewall firewall add rule name=denyOut-!addr! protocol=tcp dir=out action=block remoteip=!adr! remoteport=!port!
echo ip地址:!addr!:!port!  组织:!group:~0,-6!>>blacklist.txt
echo.>>blacklist.txt
echo.>>blacklist.txt
)
) else (
set isWL=false
if exist whitelist.txt (
for /f "tokens=1,2,3* delims= " %%m in (whitelist.txt) do (
set srv=%%m
for /f "tokens=1,2,3,4* delims=:" %%r in ("!srv!") do (
set addrs=%%s:%%t
if "!addrs!"=="!addr!:!port!" (
set isWL=true
)
)
)
)
if "!isWL!"=="false" (
echo ip地址:!addr!:!port!  组织:!group:~0,-6!>>whitelist.txt
echo.>>whitelist.txt
echo.>>whitelist.txt
)
)
)
)
)
set /A rownumber=rownumber+1
)
)
标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!