Port blocking über IP-Sicherheitsrichtlinien

User Rating: 5 / 5

Star ActiveStar ActiveStar ActiveStar ActiveStar Active
 
Details
Category: Batch
Created: Sunday, 01 January 2012 10:25
Last Updated: Friday, 10 November 2017 18:59
Published: Sunday, 01 January 2012 10:25
Written by Frank
Hits: 11101

@ECHO OFF
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: Erstellt am: 26.03.2003 ::
:: durch: Frank ::
:: Version: 1.00 ::
:: Funktion: Port blocking über IP-Sicherheitsrichtlinien::
:: geändert am: 26.03.2003 ::
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: set OS2000=
:: ver |find /i "2000" && set OS2000=yes
:: IF NOT "%OS2000%"=="yes" GOTO :EOL
SET text=Bitte Computernamen eingeben und Return!
SET text2=Bitte den Port eingeben und Return!
::COPY TEXT2POL.DLL %SystemRoot%\system32>NUL
::COPY IPSECUTIL.DLL %SystemRoot%\system32>NUL
::COPY reg.exe %SystemRoot%\system32>NUL
::COPY ipseccmd.exe %SystemRoot%\system32>NUL
cls
ECHO ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ»
ECHO.º º
ECHO.º 1 Aktivate Port blocking º
ECHO.º 2 Deaktivate Port blocking º
ECHO.º 3 Delete Port blocking º
ECHO.º 4 Beenden º
ECHO.º Bitte ausw„hlen º
ECHO ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍͼ
choice /C1234>NUL /N
IF ERRORLEVEL 4 GOTO :EOL
IF ERRORLEVEL 3 GOTO :gone
IF ERRORLEVEL 2 GOTO :off
IF ERRORLEVEL 1 GOTO :on
:on
ECHO. %text%
SET /p pc=
ECHO. %text2%
SET /p port=
:: NET USE \\%pc%\ipc$ password /user:%pc%\administrator>NUL
ipseccmd \\%pc% -w REG -p "Block_TCP_%port%" -r "Block Inbound TCP %port% Rule" -f 0=*:%port%:TCP -n BLOCK -x
ipseccmd \\%pc% -w REG -p "Block_TCP_%port%" -r "Block Inbound UDP %port% Rule" -f 0=*:%port%:UDP -n BLOCK
GOTO :up
:off
ECHO. %text%
SET /p pc=
ECHO. %text2%
SET /p port=
:: NET USE \\%pc%\ipc$ password /user:%pc%\administrator>NUL
ipseccmd \\%pc% -w REG -p "Block_TCP_%port%" -r "Block Inbound UDP %port% Rule" -f 0=*:%port%:UDP -n BLOCK -y
ipseccmd \\%pc% -w REG -p "Block_TCP_%port%" -r "Block Inbound TCP %port% Rule" -f 0=*:%port%:TCP -n BLOCK -y
GOTO :up
:gone
ECHO. %text%
SET /p pc=
ECHO. %text2%
SET /p port=
:: NET USE \\%pc%\ipc$ password /user:%pc%\administrator>NUL
ipseccmd \\%pc% -w REG -p "Block_TCP_%port%" -r "Block Inbound UDP %port% Rule" -f 0=*:%port%:UDP -n BLOCK -y
ipseccmd \\%pc% -w REG -p "Block_TCP_%port%" -r "Block Inbound TCP %port% Rule" -f 0=*:%port%:TCP -n BLOCK -y
ipseccmd \\%pc% -w REG -p "Block_TCP_%port%" -r "Block Inbound UDP %port% Rule" -f 0=*:%port%:UDP -n BLOCK -o
ipseccmd \\%pc% -w REG -p "Block_TCP_%port%" -r "Block Inbound TCP %port% Rule" -f 0=*:%port%:TCP -n BLOCK -o
:up
:: GPUpdate /target:Computer /Force>NUL 2>NUL
:: Secedit wurde bei 2003/XP durch GPUpdate ersetzt! Remoteausführung nicht möglich.
:: SECEDIT /REFRESHPOLICY MACHINE_POLICY /ENFORCE>NUL
:: SECEDIT /REFRESHPOLICY USER_POLICY /ENFORCE>NUL
:EOL
:: NET USE \\%pc%\ipc$ /d>NUL