win7下使用powershell添加防火墙规则

5i365

在win10下有powershell添加防火墙规则的命令  New-NetFirewallRule

在win7没有, 但我想在win7下用powershll来添加一个简单的防火墙阻止规则, 即, 禁止 火狐浏览器访问互联网 ,就是把这个文件加到防火墙里就了 "C:\Program Files\Mozilla Firefox\firefox.exe" 请求高手支招, 提前感谢!!!

搜索到了下面的代码供参考,它可避免增加重复的防火墙规则

平时, 我是使用下面的一款小工具实现上面的功能的, 但是要下载它, 感觉不方便
https://www.sordum.org/9470/windows-update-blocker-v1-7/

1. 
   
2. $RULENAME1 = 'Domain Controllers'
   
3. $Rule = netsh advfirewall firewall show rule name="$RULENAME1" $nul
   
4. 
   
5. if ("$Rule" -notmatch "No rules match") {
   
6. 
   
7. echo "Rule "$RULENAME1" already exist."
   
8. echo "Hey, you already got a out rule by that name, you cannot put another one in!"
   
9. 
   
10. } else {
    
11. echo Rule "$RULENAME1" not exist. Creating...
    
12. netsh advfirewall firewall add rule name="$RULENAME1" dir=in action=allow remoteip=10.10.10.10
    
13. }
    

复制代码

idwma

netsh advfirewall firewall add rule ?

1. $RULENAME1 = 'Domain Controllers'
   
2. $Rule = netsh advfirewall firewall show rule name="$RULENAME1" $nul
   
3. 
   
4. if ($?) {
   
5. 
   
6. echo "Rule "$RULENAME1" already exist."
   
7. echo "Hey, you already got a out rule by that name, you cannot put another one in!"
   
8. 
   
9. } else {
   
10. echo Rule "$RULENAME1" not exist. Creating...
    
11. netsh advfirewall firewall add rule name="$RULENAME1" dir=out action=block program="C:\Program Files\Mozilla Firefox\firefox.exe"
    
12. }

复制代码

5i365

回复 2# idwma


    感谢大侠帮忙, 刚刚执行试了一下, 显示如下提示, 最后有 确定 2字, 我去防火墙规则看了一下,

出站里面有那个规则名称了, 但是没有出现在 Firewall App Blocker 这个小软件的列表里, 对比了一下, 发现使用这个小工具阻止exe程序后, 实际是在出站和入站里面全部都设置了禁止规则, 则规则名称就是软件的名字, 我估计出站和入站规则都添加后, 应该就出现在  Firewall App Blocker 这个小软件的列表里了

问题来了:
怎样在现在的基础上添加 禁止入站  规则,  
把 dir=out 改为 dir=in ? 能不能在一句里同时设置?

怎样从路径中取程序名? 我用下面的方法, 会有扩展名
$path = "C:\Program Files (x86)\EdrawSoft\MindMaster\MindMaster.exe"
Split-Path $path -Leaf

idwma

回复 3# 5i365

1. 'in','out'|%{netsh advfirewall firewall add rule name="$RULENAME1" dir=$_ action=block program="C:\Program Files\Mozilla Firefox\firefox.exe"}
   
2.     (gi "C:\Program Files (x86)\EdrawSoft\MindMaster\MindMaster.exe").basename

复制代码

5i365

回复 4# idwma


    感谢大侠帮忙完善, 贴出完善后的代码, 供坛友参考:

1. $pp = "C:\Program Files\Mozilla Firefox\firefox.exe"
   
2. 
   
3. $Rule_name = $((gi $pp).basename)
   
4. $Rule = netsh advfirewall firewall show rule name="$Rule_name" $nul
   
5. 
   
6. if ($?)
   
7. {
   
8.         echo "$Rule_name 规则已存在"
   
9. }
   
10. else
    
11. {
    
12.         echo "$Rule_name 规则不存在, 创建中..."
    
13.         'in', 'out' | foreach{ netsh advfirewall firewall add rule name="$Rule_name" dir=$_ action=block program=$pp }
    
14. }
    

复制代码