Block multiple programs through Windows Firewall - 1 Click

Discussion in 'Scripting' started by Mr.X, Feb 25, 2016.

  1. Mr.X

    Mr.X MDL Guru

    Jul 14, 2013
    8,575
    15,646
    270
    #1 Mr.X, Feb 25, 2016
    Last edited by a moderator: Apr 20, 2017
    I found this script on a web forum, when I was looking for an easy way to add every executable in a folder to a firewall rule. This is tested for Windows 7 and Windows 8, and running the script inside a folder will automatically block outgoing Internet access for every program inside the folder. The script creates a separate rule for every program.

    Code:
    @echo off
REM      BATCH FILE CREATED BY CHARLES DE HAVILLAND 10/09/2015
REM https://sites.google.com/site/mytools4000/home/allow-block-multiple-programs-through-windows-7-firewall
cls
net session >nul 2>&1
    if %errorLevel% == 0 (
        echo.
    ) else (
        GOTO :NOPERM
    )
SETLOCAL EnableDelayedExpansion
for /F "tokens=1,2 delims=#" %%a in ('"prompt #$H#$E# & echo on & for %%b in (1) do rem"') do (
  set "DEL=%%a"
)
@cd /d "%~dp0"
for %%* in (.) do set RULENAME=%%~nx*
ECHO|set /p ="- Add "
call :ColorText 0a "Block In & Out "
ECHO  Firewall rules for all *.exe ^& *.dll files
ECHO.
ECHO|set /p = "- located at '"
  call :ColorText 0b "%CD%'" 
ECHO  (inc subfolders)
ECHO.
ECHO|set /p = "- creating "
  call :ColorText 1b "%RULENAME%"
ECHO  as the Firewall rule name ?
ECHO.
ECHO.
ECHO.
ECHO Press any key to continue  or  CTRL+C to terminate now ...
pause >nul
cls
Echo.
FOR /r %%G in ("*.exe") Do (@echo %%G
NETSH advfirewall firewall add rule name="%RULENAME%-%%~nxG" dir=in program="%%G" action="block" enable="yes")
FOR /r %%G in ("*.exe") Do (@echo %%G
NETSH advfirewall firewall add rule name="%RULENAME%-%%~nxG" dir=out program="%%G" action="block" enable="yes")
FOR /r %%G in ("*.dll") Do (@echo %%G
NETSH advfirewall firewall add rule name="%RULENAME%-%%~nxG" dir=in program="%%G" action="block" enable="yes")
FOR /r %%G in ("*.dll") Do (@echo %%G
NETSH advfirewall firewall add rule name="%RULENAME%-%%~nxG" dir=out program="%%G" action="block" enable="yes")
Echo.
  call :ColorText 0a "done"
ECHO|set /p =" ... Goodbye"
ECHO.
ECHO.
ECHO Press a key to exit ...
pause >nul
goto :eof


:ColorText
echo off
<nul set /p ".=%DEL%" > "%~2"
findstr /v /a:%1 /R "^$" "%~2" nul
del "%~2" > nul 2>&1
goto :eof


:Finish
Echo.
Echo.
Echo Batch ended...
Goto :END


:NOPERM
ECHO.
ECHO - You must run this file in Administrator mode
ECHO.
ECHO.
ECHO.
ECHO|SET /p ="- Press any key to exit ..."
Pause >NUL
ECHO   goodbye
ECHO.
ECHO.
:END

    https://sites.google.com/site/mytoo...-multiple-programs-through-windows-7-firewall


    1. What do you think?
    2. Is it good enough?
    3. Can it get improved?
    4. Most important could someone write an "UNDO" script to revert its changes? I know one can delete the created rules manually but just asking...