IIS过滤IP管理VBS脚本
为保证IIS安全或限制某些IP访问站点,需要在IIS安全性里设置过滤IP地址,为了方便命令行操作,参照网上的脚本写了一个:)[code]Dim IisW3Svc, SiteServers, SiteIdLists
SiteServers = "WebSite Listing:" & vbCrLf
SiteIdLists = "|"
On Error Resume Next
Set IisW3Svc = GetObject("IIS://LocalHost/W3SVC")
If Err.Number = 0 Then
For Each WebSrvr in IisW3Svc
If IsNumeric(WebSrvr.Name) Then
SiteIdLists = SiteIdLists & WebSrvr.Name & "|"
SiteServers = SiteServers & WebSrvr.ServerComment & "(SiteId:" & WebSrvr.Name & ", IpBinding:" & Join(WebSrvr.ServerBindings(0),"") & ")" & vbCrLf
End If
Next
Else
WScript.Echo "The IIS cannot access!"
WScript.Quit(-1)
End If
On Error Goto 0
If WScript.Arguments.Count = 0 Then
WScript.Echo SiteServers
End If
If WScript.Arguments.Count <> 2 Then
WScript.Echo "Usage: cscript " & WScript.ScriptName & " <SiteId> [*|+|-]<NewIp>"
WScript.Quit(1)
End If
Dim SiteId, NewIp, Action, reIPv4
SiteId = WScript.Arguments(0)
NewIp = WScript.Arguments(1)
If InStr(SiteIdLists, "|" & SiteId & "|") = 0 Then
WScript.Echo "The <SiteId> is NOT valid!"
WScript.Quit(2)
End If
If Left(NewIp, 1) = "*" Then
Action = "List"
ElseIf Left(NewIp, 1) = "-" Then
Action = "Del"
Else
Action = "Add"
End If
If Action <> "List" Then
If Left(NewIp, 1) = "+" Or Left(NewIp, 1) = "-" Then
NewIp = Mid(NewIp, 2)
End If
Set reIPv4 = New regExp
reIPv4.Pattern = "^((25[0-5]|2[0-4]\d|1?\d?\d)\.){3}(25[0-5]|2[0-4]\d|1?\d?\d)$"
If reIPv4.Test(NewIp) = 0 Then
WScript.Echo "The <NewIp> is NOT valid!"
WScript.Quit(2)
Else
NewIp = NewIp & ", 255.255.255.255"
End If
End If
Dim IisSecObj, IisIpSec
On Error Resume Next
Set IisSecObj = GetObject("IIS://LocalHost/W3SVC/" & SiteId & "/ROOT")
If Err.Number = 0 Then
Set IisIpSec = IisSecObj.IPSecurity
Else
WScript.Echo "SiteId is WRONG!"
WScript.Quit(-1)
End If
On Error Goto 0
Dim IpLists
If IisIpSec.GrantByDefault Then
IpLists = IisIpSec.IPDeny
Else
IpLists = IisIpSec.IPGrant
End If
If Action = "List" Then
If IisIpSec.GrantByDefault Then
WScript.Echo "Default Grant access" & vbCrLf & Replace(Join(IpLists, vbCrLf), ", 255.255.255.255", "")
Else
WScript.Echo "Default Deny access" & vbCrLf & Replace(Join(IpLists, vbCrLf), ", 255.255.255.255", "")
End If
WScript.Quit(0)
End If
IpLists = "|" & Join(IpLists, "|")
If Action = "Add" Then
If InStr(IpLists, NewIp) = 0 Then
IpLists = IpLists & "|" & NewIp
Else
WScript.Echo "Ip address " & Replace(NewIp, ", 255.255.255.255", "") & " is exist!"
WScript.Quit(3)
End If
End If
If Action = "Del" Then
If InStr(IpLists, NewIp) > 0 Then
IpLists = Replace(IpLists, "|" & NewIp, "")
Else
WScript.Echo "Ip address " & Replace(NewIp, ", 255.255.255.255", "") & " is not exist!"
WScript.Quit(3)
End If
End If
IpLists = Split(Mid(IpLists, 2), "|")
If IisIpSec.GrantByDefault Then
IisIpSec.IPDeny = IpLists
Else
IisIpSec.IPGrant = IpLists
End If
On Error Resume Next
IisSecObj.IPSecurity = IisIpSec
If Err.Number = 0 Then
IisSecObj.SetInfo
If Action = "Add" Then
WScript.Echo "Ip address " & Replace(NewIp, ", 255.255.255.255", "") & " is added!"
Else
WScript.Echo "Ip address " & Replace(NewIp, ", 255.255.255.255", "") & " is deleted!"
End If
WScript.Quit(0)
Else
WScript.Echo "NewIp is WRONG!"
WScript.Quit(-1)
End If[/code]
页:
[1]