stackoom
  简体   繁体   中英

Batch script to block IP in windows firewall

 原文  2014-04-15 08:21:28       windows/ security/ batch-file/ ip-address/ windows-firewall

Question

I am creating a batch script to deal with the brute forcing through RDC on my server.

The way I plan on doing this is by making windows run my script when a failed RDC is logged in windows security log. I will add a whitelist to prevent trusted IP addresses from being blocked. It will also log how many times the IP has tried to login, and if it fails more than 5 times in a row, it will be blocked.

Problem is, I don't know how to pass the IP from the logged event to the batch script.

The Windows Server 2008 R2 event viewer has an ability to start a program when a specific event (With a event number) occurs. It has a box for arguments that can be passed onto the program that I can specify (which will be this batch script). However, It does not specify what arguments it can pass on (I want the IP to be passed onto the batch script... that is all).

Any help would be greatly appreciated.

1 answers

solution1
 0  2014-04-15 08:56:00

I managed to fix it myself, using this . I adapted the one he had over to include $(IpAddress) and got it working after a bit of mucking around.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Script to import long list of IP addresses into Windows Firewall? Code block comment syntax in Windows batch script is windows firewall on or off script Anyway to install/uninstall firewall rules with batch script? Block Windows Shutdown with Batch Windows Batch If Block Syntax make a batch script foward an IP Windows batch shift not working in if block Translating batch to script (Windows) Wildcard * in a Windows Batch Script
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM