Deletes all predefined Firewall rules and deletes the DNScache service. Then blocks all inbound and outbound traffic and allows the System process to connect.
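@echo off
setlocal
REM Tears down the built-in Windows Firewall rule set and the Dnscache service,
REM then switches every firewall profile (Domain/Public/Standard, in both the
REM Defaults and Parameters hives) to block-all in both directions and adds a
REM single outbound allow rule for the System process.
REM
REM Requirements: an elevated command prompt; SetACL.exe in the same directory
REM as this script. Every change below is persistent, so export the affected
REM keys (reg export) before running if you may need to roll back.
REM The "pause" lines are deliberate checkpoints between the numbered steps.

REM Every step writes HKLM; fail early instead of erroring out halfway through.
REM "net session" only succeeds from an elevated prompt.
net session >nul 2>&1
if errorlevel 1 (
  echo This script must be run from an elevated command prompt. 1>&2
  exit /b 1
)

::1#Delete DNSCache Service
::sc.exe stop "Dnscache"
::sc.exe delete "Dnscache"
REM The service is removed by deleting its service key directly; the sc.exe
REM stop/delete lines above are kept commented out, presumably because the
REM service refuses those requests on current builds (not verified here).
REM Name resolution will no longer be cached once this key is gone.
reg.exe delete "HKLM\SYSTEM\CurrentControlSet\Services\Dnscache" /F
pause

::2#
REM Drop every stored firewall rule and the restricted-services/interfaces
REM policy in both the Defaults and Parameters hives.
for %%X in (
"HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules"
"HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules"
"HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedInterfaces"
"HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices" ) do (
reg delete %%X /F
)

REM %~dp0 already ends with a backslash, so the path is joined without another
REM one and quoted so a script directory containing spaces still works.
set "SETACL=%~dp0SetACL.exe"
if not exist "%SETACL%" (
  echo SetACL.exe not found next to this script: "%SETACL%" 1>&2
  exit /b 1
)
set "X=HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices"
REM NOTE(review): this runs after the key was deleted above, so it only takes
REM effect if the key has been re-created by then -- confirm the intended
REM order. It also leaves RestrictedServices owned by, and fully writable for,
REM Everyone, so any local user can alter that policy afterwards; if the ACL
REM change only exists to make the delete succeed, move it before the delete
REM and hand ownership back to Administrators once done.
"%SETACL%" -on "%X%" -ot reg -rec cont_obj -actn setowner -ownr "n:Everyone"
"%SETACL%" -on "%X%" -ot reg -rec cont_obj -actn ace -ace "n:Everyone;p:full"
pause

::3#
REM Default actions: 1 = block (matches the netsh call below), firewall on,
REM notifications left enabled (DisableNotifications=0), and per-profile
REM logging settings removed. The Logging delete prints an error for a
REM profile that has no Logging key; that is harmless and intentionally not
REM suppressed.
for %%X in (
Defaults
Parameters ) do (
for %%Y in (
DomainProfile
PublicProfile
StandardProfile ) do (
reg add "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\%%X\FirewallPolicy\%%Y" /V "DefaultInboundAction" /T REG_DWORD /D "1" /F
reg add "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\%%X\FirewallPolicy\%%Y" /V "DefaultOutboundAction" /T REG_DWORD /D "1" /F
reg add "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\%%X\FirewallPolicy\%%Y" /V "DisableNotifications" /T REG_DWORD /D "0" /F
reg add "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\%%X\FirewallPolicy\%%Y" /V "DisableUnicastResponsesToMulticastBroadcast" /T REG_DWORD /D "1" /F
reg add "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\%%X\FirewallPolicy\%%Y" /V "EnableFirewall" /T REG_DWORD /D "1" /F
reg delete "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\%%X\FirewallPolicy\%%Y\Logging" /F
)
)
REM Apply the same block-all policy through the live firewall service so it
REM takes effect without a reboot.
netsh advfirewall set allprofiles firewallpolicy blockinbound,blockoutbound
pause

::4#
::netsh advfirewall firewall add rule Name=System Program=System Action=allow Dir=Out
REM The only rule left after the wipe: allow outbound traffic for the System
REM process itself (the netsh equivalent is kept above for reference).
Powershell New-NetFirewallRule -DisplayName "~System" -Name "System" -Direction Outbound -Program System -Action Allow
::END-44#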