2022-06-22

Block an Application from accessing Internet with Windows Firewall

 

$ProgramName = 'ProgramName';
$ProgramPaths = @();
$ProgramPaths += "$env:ProgramFiles\ProgramName";

$BlockIPs = @("1.0.0.0-9.255.255.255", "11.0.0.0-126.255.255.255", "128.0.0.0-172.15.255.255", "172.33.0.0-192.167.255.255", "192.169.0.0-255.255.255.255")

#----------------------------------------------------------

$Remove = New-NetFirewallRule -DisplayName "RemovePrepare" -Group ($ProgramName + 'Block') -Direction Outbound -Program "C:\windows\system32\calc.exe" -Action Block -RemoteAddress $BlockIPs;
Remove-NetFirewallRule -Group ($ProgramName + 'Block') -Confirm:$False;

$ProgramEXEFile = @();
foreach ($ProgramPath in $ProgramPaths) {
$ProgramEXEFile += Get-ChildItem $ProgramPath -Recurse | where {$_.extension -eq ".exe"};
};

$ProgramEXEFile | % {

$FWRuleDesc = $_.FullName;
$FWRuleDesc = $FWRuleDesc.Replace($env:ProgramFiles,"PGFiles");
$FWRuleDesc = $FWRuleDesc.Replace($env:WinDir,"WIN");
$FWRuleDesc = $FWRuleDesc.Replace(" ","");
$FWRuleDesc = $FWRuleDesc.Replace("\","-");
$FWRuleDesc = $FWRuleDesc.Replace(".exe","");
$FWRuleDesc = $FWRuleDesc.Replace("Backup","BAK");

New-NetFirewallRule -DisplayName $FWRuleDesc -Group ($ProgramName + 'Block') -Direction Outbound -Program $_.FullName -Action Block -RemoteAddress $BlockIPs;
}

沒有留言:

張貼留言