@echo off
chcp 65001 >nul
setlocal enabledelayedexpansion

:: Check for administrator privileges
net session >nul 2>&1
if %ERRORLEVEL% neq 0 (
    rem A literal ! must be written ^^! while delayed expansion is enabled
    echo [错误] 请右键以管理员身份运行此脚本^^!
    pause
    exit /b 1
)

set "RULE_NAME=IP黑名单"
set "LIST_FILE=%~dp0blacklist.txt"

:: Check that the blacklist file exists
if not exist "%LIST_FILE%" (
    echo [错误] 未找到 %LIST_FILE%
    echo 请在同目录下创建 blacklist.txt,每行一个IP
    pause
    exit /b 1
)

:: Read the IP list and join it into a comma-separated string
set "IPLIST="
set "COUNT=0"
for /f "usebackq tokens=*" %%i in ("%LIST_FILE%") do (
    set "line=%%i"
    rem Skip empty lines (rem is used inside blocks because :: can break parenthesized blocks)
    if not "!line!"=="" (
        rem Skip comment lines starting with #
        if not "!line:~0,1!"=="#" (
            if defined IPLIST (
                set "IPLIST=!IPLIST!,!line!"
            ) else (
                set "IPLIST=!line!"
            )
            set /a COUNT+=1
        )
    )
)

if not defined IPLIST (
    echo [错误] blacklist.txt 中没有有效的IP地址
    pause
    exit /b 1
)

echo ========================================
echo Windows 防火墙 IP 黑名单批量设置
echo ========================================
echo.
echo 规则名称: %RULE_NAME%
echo IP 数量: %COUNT%
echo.

:: If the rule already exists, delete it first
netsh advfirewall firewall show rule name="%RULE_NAME%" >nul 2>&1
if %ERRORLEVEL% equ 0 (
    echo [1/2] 规则已存在,正在删除旧规则...
    netsh advfirewall firewall delete rule name="%RULE_NAME%" >nul 2>&1
    if !ERRORLEVEL! equ 0 (
        echo 旧规则已删除
    ) else (
        echo [警告] 旧规则删除失败
    )
) else (
    echo [1/2] 规则不存在,跳过删除
)

:: Create the new rule
echo.
echo [2/2] 正在创建新规则...
:: Delayed expansion (!IPLIST!) keeps characters such as ^& or ^| in a list entry
:: from being parsed as command syntax in this elevated script
netsh advfirewall firewall add rule name="%RULE_NAME%" dir=in action=block remoteip=!IPLIST! protocol=any profile=any
if %ERRORLEVEL% equ 0 (
    echo.
    echo ========================================
    echo 封禁成功^^!共封禁 %COUNT% 个IP
    echo ========================================
) else (
    echo.
    echo [错误] 规则创建失败^^!
    rem Parentheses are escaped so they do not close the else block early
    echo 可能原因:IP数量过多,请分批添加^(每批建议不超过500个^)
)
echo.
pause