diff --git a/windows_ip_blacklist/start.bat b/windows_ip_blacklist/start.bat
new file mode 100644
index 0000000..83477d6
--- /dev/null
+++ b/windows_ip_blacklist/start.bat
@@ -0,0 +1,88 @@
+@echo off
+chcp 65001 >nul
+setlocal enabledelayedexpansion
+
+:: 检查管理员权限
+net session >nul 2>&1
+if %ERRORLEVEL% neq 0 (
+ echo [错误] 请右键以管理员身份运行此脚本!
+ pause
+ exit /b 1
+)
+
+set "RULE_NAME=IP黑名单"
+set "LIST_FILE=%~dp0blacklist.txt"
+
+:: 检查黑名单文件是否存在
+if not exist "%LIST_FILE%" (
+ echo [错误] 未找到 %LIST_FILE%
+ echo 请在同目录下创建 blacklist.txt,每行一个IP
+ pause
+ exit /b 1
+)
+
+:: 读取IP列表,拼成逗号分隔
+set "IPLIST="
+set "COUNT=0"
+for /f "usebackq tokens=*" %%i in ("%LIST_FILE%") do (
+ set "line=%%i"
+ :: 跳过空行
+ if not "!line!"=="" (
+ :: 跳过#注释行
+ if not "!line:~0,1!"=="#" (
+ if defined IPLIST (
+ set "IPLIST=!IPLIST!,!line!"
+ ) else (
+ set "IPLIST=!line!"
+ )
+ set /a COUNT+=1
+ )
+ )
+)
+
+if not defined IPLIST (
+ echo [错误] blacklist.txt 中没有有效的IP地址
+ pause
+ exit /b 1
+)
+
+echo ========================================
+echo Windows 防火墙 IP 黑名单批量设置
+echo ========================================
+echo.
+echo 规则名称: %RULE_NAME%
+echo IP 数量: %COUNT%
+echo.
+
+:: 如果规则已存在,先删除
+netsh advfirewall firewall show rule name="%RULE_NAME%" >nul 2>&1
+if %ERRORLEVEL% equ 0 (
+ echo [1/2] 规则已存在,正在删除旧规则...
+ netsh advfirewall firewall delete rule name="%RULE_NAME%" >nul 2>&1
+ if !ERRORLEVEL! equ 0 (
+ echo 旧规则已删除
+ ) else (
+ echo [警告] 旧规则删除失败
+ )
+) else (
+ echo [1/2] 规则不存在,跳过删除
+)
+
+:: 创建新规则
+echo.
+echo [2/2] 正在创建新规则...
+netsh advfirewall firewall add rule name="%RULE_NAME%" dir=in action=block remoteip=%IPLIST% protocol=any profile=any
+
+if %ERRORLEVEL% equ 0 (
+ echo.
+ echo ========================================
+ echo 封禁成功!共封禁 %COUNT% 个IP
+ echo ========================================
+) else (
+ echo.
+ echo [错误] 规则创建失败!
+ echo 可能原因:IP数量过多,请分批添加(每批建议不超过500个)
+)
+
+echo.
+pause
\ No newline at end of file
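Review bot: The existing block rule is deleted before its replacement is created (the `delete rule` step runs ahead of `add rule`), so when the add fails, which the script's own error text anticipates for long lists, the host is left with no blacklist rule at all. Creating the new rule under a temporary name first, and only then deleting the old rule and renaming, keeps the previous protection in place on failure; the excerpt below shows that ordering. Separately, lines from blacklist.txt reach an elevated `netsh` command line through the unquoted parse-time expansion `remoteip=%IPLIST%`; using `remoteip="!IPLIST!"` and skipping any line that contains characters outside address syntax keeps a stray `&`, `|` or space in the file from being read as shell syntax or extra netsh arguments. The `::` comments inside the parenthesised `for`/`if` blocks are also fragile in cmd, and `rem` is the safer form there.

```batch
rem … unchanged: admin check, blacklist.txt parsing into IPLIST / COUNT, banner …
set "TMP_RULE=%RULE_NAME%_new"
rem clear any leftover from an earlier failed run
netsh advfirewall firewall delete rule name="%TMP_RULE%" >nul 2>&1
netsh advfirewall firewall add rule name="%TMP_RULE%" dir=in action=block remoteip="!IPLIST!" protocol=any profile=any
if errorlevel 1 (
    echo [错误] 规则创建失败!
    pause
    exit /b 1
)
rem the old rule is removed only once the replacement is active
netsh advfirewall firewall delete rule name="%RULE_NAME%" >nul 2>&1
netsh advfirewall firewall set rule name="%TMP_RULE%" new name="%RULE_NAME%"
rem … unchanged: success banner, final pause …
```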