Windows 8 - Command-line firewall problem


I created the following script, which basically blocks everything and only lets through what I want, but it does not let the things I want through to the internet. Can anyone see a problem with my rules? At the moment they are very generic.

@ECHO OFF

ECHO ========================================= Brendan Thompson - Firewall Policy - v1.0 =========================================

ECHO ----------------------------------------- Removing All Firewall Rules -----------------------------------------

ECHO Deleting all Incoming Firewall Rules
netsh advfirewall firewall delete rule name=all dir=in profile=any

ECHO Deleting all Outgoing Firewall Rules
netsh advfirewall firewall delete rule name=all dir=out profile=any

ECHO Delete all Remaining Firewall Rules
netsh advfirewall firewall delete rule name=all


ECHO ----------------------------------------- Initial Profile Setup -----------------------------------------

ECHO Block all Incoming and Outgoing Traffic on Domain Profile
netsh advfirewall set domainprofile firewallpolicy blockinbound,blockoutbound

ECHO Block all Incoming and Outgoing Traffic on Private Profile
netsh advfirewall set privateprofile firewallpolicy blockinbound,blockoutbound

ECHO Block all Incoming and Outgoing Traffic on Public Profile
netsh advfirewall set publicprofile firewallpolicy blockinbound,blockoutbound

ECHO ----------------------------------------- Domain and Private Profile - Incoming Application Exceptions -----------------------------------------
netsh advfirewall firewall add rule name="APP - BROWSER - Internet Explorer" dir=in action=allow profile=domain,private program="C:\Program Files\Internet Explorer\iexplore.exe"

ECHO ----------------------------------------- Domain and Private Profile - Outgoing Application Exceptions -----------------------------------------
netsh advfirewall firewall add rule name="APP - BROWSER - Internet Explorer" dir=out action=allow profile=domain,private program="C:\Program Files\Internet Explorer\iexplore.exe"

ECHO ----------------------------------------- Domain and Private Profile - Incoming Port Exceptions  -----------------------------------------
netsh advfirewall firewall add rule name="PORT - GENERAL - HTTP (80) - TCP" dir=in action=allow protocol=TCP localport=80
netsh advfirewall firewall add rule name="PORT - GENERAL - HTTP (80) - UDP" dir=in action=allow protocol=UDP localport=80

ECHO ----------------------------------------- Domain and Private Profile - Outgoing Port Exceptions  -----------------------------------------
netsh advfirewall firewall add rule name="PORT - GENERAL - HTTP (80) - TCP" dir=out action=allow protocol=TCP localport=80
netsh advfirewall firewall add rule name="PORT - GENERAL - HTTP (80) - UDP" dir=out action=allow protocol=UDP localport=80

Any ideas why I can't browse the web? What exactly is wrong? :S

--Brendan

Answer 1

Your rules are wrong. For the Incoming Port Exceptions, you must allow traffic from port 80 to the high ports (1024 - 65535).

And for the Outgoing Port Exceptions, you must allow traffic from the high ports (1024 - 65535) to port 80.

Your traffic looks like this:

- Begin: You send HTTP request

  YourPC(High port) ----> (80)Webserver

- Then : Webserver sends HTTP response

  YourPC(High port) <---- (80)Webserver

Your rules do not allow this traffic; they only allow traffic to port 80 on your machine.

Answer 2

You need to allow DNS outbound (dst udp/53). I suggest enabling Windows Firewall logging on all profiles and looking at the log "c:\windows\system32\logfiles\pfirewall.log" to see what is being blocked.

Your outbound IE rule also needs "localport" switched to "remoteport".
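Combining the two answers, here is a corrected version of the port section of the script, with logging enabled as suggested (an added example, not the asker's script or either answer's). It assumes the script is still run from an elevated command prompt, that the rules should apply to the domain and private profiles as the section headers say, and that the stateful Windows firewall will pass the replies to connections the outbound rules permit, so no inbound port 80 rule is needed just to browse.

```batch
@ECHO OFF
REM A browser connects FROM an ephemeral local port TO remote port 80, so
REM "localport=80" on an outbound rule never matches browser traffic;
REM the destination port is "remoteport". HTTP is TCP, so the UDP/80 rule
REM is dropped here.

ECHO ----- Domain and Private Profile - Outgoing Port Exceptions -----
REM Browser -> web server: match on the remote (destination) port.
netsh advfirewall firewall add rule name="PORT - GENERAL - HTTP (80) - TCP" dir=out action=allow profile=domain,private protocol=TCP remoteport=80

REM Name resolution: with only port 80 open, no hostname can be resolved,
REM so every page load fails before a TCP connection is even attempted.
netsh advfirewall firewall add rule name="PORT - GENERAL - DNS (53) - UDP" dir=out action=allow profile=domain,private protocol=UDP remoteport=53

ECHO ----- Logging -----
REM Record dropped packets on every profile so the next missing rule shows
REM up in pfirewall.log instead of being guessed at.
netsh advfirewall set allprofiles logging droppedconnections enable

REM Review the outbound rules that are now in place.
netsh advfirewall firewall show rule name=all dir=out
```

An inbound rule for local port 80 is only needed if this machine runs a web server; for outgoing browsing it neither helps nor hurts.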
