Deletes all predefined Firewall rules and deletes the DNSCache service. Then blocks all inbound and outbound traffic and allows System to connect.
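@echo off
:: Locks down Windows Firewall by editing the SharedAccess service policy in
:: the registry: removes the Dnscache service key, deletes the stored firewall
:: rules, sets every profile to block inbound and outbound traffic, then adds a
:: single outbound allow rule for the System program.
::
:: Writes under HKLM, so it has to run from an elevated prompt. Every step is
:: destructive and nothing here restores the previous state; export the keys
:: (reg.exe export) before running if a rollback may be needed.
:: SetACL.exe is expected next to this script (%~dp0).

::1#Delete DNSCache Service
::sc.exe stop "Dnscache"
::sc.exe delete "Dnscache"
:: The sc.exe calls are left disabled; the service's registry key is removed
:: directly instead.
reg.exe delete "HKLM\SYSTEM\CurrentControlSet\Services\Dnscache" /F
pause

::2#
:: Delete the stored rule sets (shipped defaults and active parameters) plus
:: the restricted-interface and restricted-service lists.
for %%X in (
    "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules"
    "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules"
    "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedInterfaces"
    "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices"
) do (
    reg delete %%X /F
)

:: NOTE(review): RestrictedServices was already targeted by the delete loop
:: above, so SetACL only finds the key if that delete failed (for example on
:: access denied). Confirm whether ownership should be taken before deleting.
set X="HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices"
:: Owner and full control go to the local Administrators group rather than
:: Everyone: with Everyone;full any unprivileged account could rewrite this
:: part of the firewall policy. The group name is localized on non-English
:: Windows. The tool path is quoted so a script directory containing spaces
:: still resolves; %~dp0 already ends in a backslash.
"%~dp0SetACL.exe" -on %X% -ot reg -rec cont_obj -actn setowner -ownr "n:Administrators"
"%~dp0SetACL.exe" -on %X% -ot reg -rec cont_obj -actn ace -ace "n:Administrators;p:full"
pause

::3#
:: For both the Defaults and Parameters trees, and for each profile key, set
:: the default inbound and outbound actions to 1 (matching the block policy
:: applied through netsh below), keep notifications enabled, disable unicast
:: responses to multicast/broadcast, enable the firewall, and drop the
:: per-profile Logging subkey.
for %%X in (
    Defaults
    Parameters
) do (
    for %%Y in (
        DomainProfile
        PublicProfile
        StandardProfile
    ) do (
        reg add "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\%%X\FirewallPolicy\%%Y" /V "DefaultInboundAction" /T REG_DWORD /D "1" /F
        reg add "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\%%X\FirewallPolicy\%%Y" /V "DefaultOutboundAction" /T REG_DWORD /D "1" /F
        reg add "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\%%X\FirewallPolicy\%%Y" /V "DisableNotifications" /T REG_DWORD /D "0" /F
        reg add "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\%%X\FirewallPolicy\%%Y" /V "DisableUnicastResponsesToMulticastBroadcast" /T REG_DWORD /D "1" /F
        reg add "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\%%X\FirewallPolicy\%%Y" /V "EnableFirewall" /T REG_DWORD /D "1" /F
        reg delete "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\%%X\FirewallPolicy\%%Y\Logging" /F
    )
)
:: Apply the same default-deny policy through the firewall API for all profiles.
netsh advfirewall set allprofiles firewallpolicy blockinbound,blockoutbound
pause

::4#
:: Only exception to the outbound block: an allow rule for the System program.
:: The equivalent netsh form is kept for reference.
::netsh advfirewall firewall add rule Name=System Program=System Action=allow Dir=Out
Powershell New-NetFirewallRule -DisplayName "~System" -Name "System" -Direction Outbound -Program System -Action Allow
::END-44#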
The New-NetFirewallRule cmdlet in PowerShell or the netsh advfirewall firewall command can be used for that.