-
Notifications
You must be signed in to change notification settings - Fork 0
/
firewall.cmd
86 lines (67 loc) · 4.64 KB
/
firewall.cmd
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
@echo off
rem ‚ª«îç¨âì ¢á¥ ¯à®ä¨«¨ ¨ ¯¥à¥ª«îç¨âì ¢ á®áâ®ï¨¥ ¡«®ª¨à®¢ âì ¢á¥
netsh advfirewall set allprofiles state on
netsh advfirewall set allprofiles firewallpolicy blockinbound,blockoutbound
rem netsh advfirewall set allprofiles firewallpolicy blockinbound,allowoutbound
call :firewalladd "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" "Mozilla Firefox"
call :firewalladd "C:\Program Files (x86)\Remote Manipulator System - Host\rutserv.exe" "RMS - Host"
call :firewalladd "C:\Program Files (x86)\Remote Manipulator System - Viewer\rutview.exe" "RMS - Client"
call :firewalladd "C:\Program Files (x86)\rms\rutview.exe" "RMS - View"
call :firewalladd "C:\Program Files (x86)\Synergy\synergyc.exe" "Synergy Client"
call :firewalladd "C:\Program Files (x86)\Synergy\synergys.exe" "Synergy Server"
call :firewalladd "C:\Program Files\Far Manager\Far.exe" "Far Manager"
call :firewalladd "C:\Program Files\OpenVPN\bin\openvpn.exe" "openvpn"
call :firewalladd "C:\Program Files\OpenVPN\bin\openvpnserv.exe" "openvpnserv"
call :firewalladd "C:\Users\user\AppData\Local\Atlassian\SourceTree\git_local\cmd\git.exe"
call :firewalladd "C:\Users\user\AppData\Local\Atlassian\SourceTree\git_local\mingw32\libexec\git-core\git-remote-https.exe"
call :firewalladd "C:\Users\user\AppData\Local\SourceTree\app-2.0.20.1\SourceTree.exe"
call :firewalladd "C:\usr\bin\curl.exe"
call :firewalladd "C:\usr\bin\wget.exe"
call :firewalladd "C:\usr\BTSync\BTSync.exe"
call :firewalladd "C:\usr\putty\plink.exe"
call :firewalladd "C:\usr\putty\pscp.exe"
call :firewalladd "C:\usr\putty\psftp.exe"
call :firewalladd "C:\usr\putty\putty.exe"
call :firewalladd "C:\usr\securecrt\securecrt.exe" "SecureCRT Application"
call :firewalladd "C:\usr\Telegram\Telegram.exe"
call :firewalladd "C:\usr\WebDavMailRuCloud\wdmrc.exe" "WebDavMailRuCloud"
call :firewalladd "C:\usr\xming\xming.exe" "Xming X Server"
call :firewalladd "C:\Windows\System32\mstsc.exe"
call :firewalladd "C:\Windows\System32\nslookup.exe"
call :firewalladd "C:\Windows\System32\PING.EXE"
call :firewalladd "C:\Windows\System32\telnet.exe"
call :firewalladd "C:\Windows\System32\TFTP.EXE"
goto :firewalladdend
:firewalladd
set name=%2
IF NOT DEFINED name (
set name=%~n1
)
echo Deleting rule named %name% from all chains
netsh advfirewall firewall delete rule name=%name%
echo Creating rule named %name% in OUT chain
netsh advfirewall firewall add rule name=%name% dir=out action=allow program=%1 enable=yes profile=any
echo Creating rule named %name% in IN chain
netsh advfirewall firewall add rule name=%name% dir=in action=allow program=%1 enable=yes profile=any
set name=
goto :eof
:firewalladdend
netsh advfirewall firewall delete rule name="Lockalnet"
netsh advfirewall firewall add rule name="Lockalnet" dir=in action=allow profile=any remoteip=localsubnet
netsh advfirewall firewall add rule name="Lockalnet" dir=out action=allow profile=any remoteip=localsubnet
netsh advfirewall firewall delete rule name="KMS"
netsh advfirewall firewall add rule name="KMS" dir=out action=allow protocol=TCP remoteport=1688 enable=yes profile=any
netsh advfirewall firewall delete rule name="WindowsUpdate"
netsh advfirewall firewall add rule name="WindowsUpdate" dir=out action=allow service=wuauserv enable=yes profile=any
netsh advfirewall firewall delete rule name="BITS"
netsh advfirewall firewall add rule name="BITS" dir=out action=allow service=BITS enable=yes profile=any
netsh advfirewall firewall set rule dir=in name="“¤ «¥ë© à ¡®ç¨© á⮫ - RemoteFX (TCP - ¢å®¤ï騩)" new enable=yes
netsh advfirewall firewall set rule dir=in name="„¨áâ 樮®¥ ã¯à ¢«¥¨¥ à ¡®ç¨¬ á⮫®¬ (TCP - ¢å®¤ï騩)" new enable=yes
netsh advfirewall firewall set rule dir=out name="Žá®¢ë á¥â¥© - DNS (UDP - ¨á室ï騩 âà 䨪)" new enable=yes
netsh advfirewall firewall set rule dir=out name="Ž¡é¨© ¤®áâ㯠ª ä ©« ¬ ¨ ¯à¨â¥à ¬ (íå®-§ ¯à®á - ¨á室ï騩 âà 䨪 ICMPv4)" new enable=yes remoteip=any
netsh advfirewall firewall set rule dir=out name="Ž¡é¨© ¤®áâ㯠ª ä ©« ¬ ¨ ¯à¨â¥à ¬ (íå®-§ ¯à®á - ¨á室ï騩 âà 䨪 ICMPv6)" new enable=yes remoteip=any
netsh advfirewall firewall set rule dir=in name="Ž¡é¨© ¤®áâ㯠ª ä ©« ¬ ¨ ¯à¨â¥à ¬ (íå®-§ ¯à®á - ¢å®¤ï騩 âà 䨪 ICMPv4)" new enable=yes remoteip=any
netsh advfirewall firewall set rule dir=in name="Ž¡é¨© ¤®áâ㯠ª ä ©« ¬ ¨ ¯à¨â¥à ¬ (íå®-§ ¯à®á - ¢å®¤ï騩 âà 䨪 ICMPv6)" new enable=yes remoteip=any
netsh advfirewall firewall set rule dir=in name="‘¥âì - íå®-§ ¯à®á (ICMPv6 - ¢å®¤ï騩 âà 䨪)" new enable=yes remoteip=any
netsh advfirewall firewall set rule dir=in name="‘¥âì - íå®-§ ¯à®á (ICMPv4 - ¢å®¤ï騩 âà 䨪)" new enable=yes remoteip=any
:end