比第三版更新如下:
1.黑名單,白名單去重
2.異常處理
@echo off
setlocal enabledelayedexpansion
cd /d %~dp0
goto loop
:loop
set isCClass=false
set num=0
netstat -aon>net.txt
for /f "tokens=*" %%i in (net.txt) do (
set row=%%i
if !num! gtr 1 (
for /f "tokens=1,2,3,4,5* delims= " %%a in ("!row!") do (
set flag=%%a
if "!flag!" equ "TCP" (
set fadd=%%c
for /f "tokens=1,2* delims=:" %%m in ("!fadd!") do (
set addr=%%m
set port=%%n
if not "!addr!"=="127.0.0.1" (
if not "!addr!"=="0.0.0.0" (
if not "!addr!"=="[" (
if not "!addr!"=="*" (
for /f "tokens=1,2* delims=." %%w in ("!addr!") do (
call :ipGPS !addr!
)
)
)
)
)
)
)
)
)
set /a num+=1
)
ping -n 60 127.0>nul
goto loop
:ipGPS
set adr=%1
echo Set objXML = CreateObject("MSXML2.ServerXMLHTTP")>ipFind.vbs
echo Set objFSO = CreateObject("Scripting.FileSystemObject")>>ipFind.vbs
echo objXML.open "GET","https://www.ip-address.org/lookup/ip-locator.php?track=!adr!",false>>ipFind.vbs
echo objXML.send()>>ipFind.vbs
echo Set objFile = objFSO.CreateTextFile("ipFind.txt",true)>>ipFind.vbs
echo objFile.close>>ipFind.vbs
echo Set objTextFile = objFSO.OpenTextFile ("ipFind.txt", 8, True)>>ipFind.vbs
echo objTextFile.WriteLine(objXML.responseText)>>ipFind.vbs
echo objTextFile.Close>>ipFind.vbs
start /wait wscript /b /t:600 ipFind.vbs
set rownumber=1
if exist ipFind.txt (
FOR /F "tokens=*" %%i in (ipFind.txt) do (
if "!rownumber!"=="276" (
FOR /F "tokens=1,2* delims=:" %%a in ("%%i") do (
set group=%%b
FOR /F "tokens=1,2,3* delims= " %%x in ("%%b") do (
if "%%z"=="" (
set char2=%%y
set server=!char2:~0,-6!
) else (
set server=%%y
)
set isLocal=false
if "!server!"=="Telecom" (
set isLocal=true
)
if "!server!"=="Unicom" (
set isLocal=true
)
if "!server!"=="Mobile" (
set isLocal=true
)
if "!server!"=="Telecommunications" (
set isLocal=true
)
if "!server!"=="Communications" (
set isLocal=true
)
if "!server!"=="Cloud" (
set isLocal=true
)
if "!group:~0,-6!"==" Cloudflare" (
set isLocal=true
)
if "!group:~0,-6!"==" Verizon Business" (
set isLocal=true
)
if "!group:~0,-6!"==" Akamai Technologies" (
set isLocal=true
)
if "!group:~0,-6!"==" Aliyun Computing Co." (
set isLocal=true
)
if "!group:~0,-6!"==" Tencent cloud computing" (
set isLocal=true
)
if "!isLocal!"=="true" (
set isBL=false
if exist blacklist.txt (
for /f "tokens=1,2,3* delims= " %%m in (blacklist.txt) do (
set srv=%%m
for /f "tokens=1,2,3,4* delims=:" %%r in ("!srv!") do (
set addrs=%%s:%%t
if "!addrs!"=="!addr!:!port!" (
set isBL=true
)
)
)
)
if "!isBL!"=="false" (
netsh advfirewall firewall add rule name=denyIn-!adr! protocol=tcp dir=in action=block remoteip=!adr! remoteport=!port!
netsh advfirewall firewall add rule name=denyOut-!addr! protocol=tcp dir=out action=block remoteip=!adr! remoteport=!port!
echo ip地址:!addr!:!port! 組織:!group:~0,-6!>>blacklist.txt
echo.>>blacklist.txt
echo.>>blacklist.txt
)
) else (
set isWL=false
if exist whitelist.txt (
for /f "tokens=1,2,3* delims= " %%m in (whitelist.txt) do (
set srv=%%m
for /f "tokens=1,2,3,4* delims=:" %%r in ("!srv!") do (
set addrs=%%s:%%t
if "!addrs!"=="!addr!:!port!" (
set isWL=true
)
)
)
)
if "!isWL!"=="false" (
echo ip地址:!addr!:!port! 組織:!group:~0,-6!>>whitelist.txt
echo.>>whitelist.txt
echo.>>whitelist.txt
)
)
)
)
)
set /A rownumber=rownumber+1
)
)
(全文完)