0

I didn't make it. https://lifestream.kr/90 (Original address)

It's made by someone else.

I was going to write this.

But it doesn't work because of an error.

I am a Windows 11 user.

Set-ExecutionPolicy RemoteSigned

I entered as follows

d:

.\test.ps1

#############Config#################
$countryCode="KP" #차단할 나라의 CountryCode
#$geoIPcvsPath="d:\GeoIPCountryWhois.csv"
$geoIPcvsPath="\GeoIPCountryWhois.csv"
$ruleName="blockCountry"
#############Config#################
 
 
$geoData=Import-Csv $geoIPcvsPath -header sIP, eIP, start, end, cc, cn |  where-object {$_.cc –eq $countryCode}
$geoDataTotal=$geoData.Count
$remoteIP=""
 
 
######  룰이 있는 지 체크 ########
function ruleExistsChk ($ruleName)
{
    $fw=New-object -comObject HNetCfg.FwPolicy2; # http://blogs.technet.com/b/jamesone/archive/2009/02/18/how-to-manage-the-windows-firewall-settings-with-powershell.aspx
    $RuleCHK=$fw.rules | where-object {$_.name –eq $ruleName}
    if(!$RuleCHK){
    #$deny_rule_name + " 룰이 생성되어 있지 않습니다."; exit;
    netsh advfirewall firewall add rule name="$ruleName" localip=any dir=in action=block profile="any" interfacetype="any"
    }
}
######  룰이 있는 지 체크 ########
 
 
$count=1
foreach ($geoIP in $geoData)
{
    #$remoteIP+=@($geoIP.sIP+"-"+$geoIP.eIP+",") #배열로 저장.
     $remoteIP+=$geoIP.sIP+"-"+$geoIP.eIP+","
      
     #remoteAddr가 한개의 룰에 약 300개 이상이면 등록이 안됨. 안전하게 200으로 설정.
    if(($count%200) -eq 0)
    {
        $makeRuleName=$ruleName+$countryCode+$count
        ruleExistsChk($makeRuleName)
        netsh advfirewall firewall set rule name=$makeRuleName new remoteip="$remoteIP"
        $remoteIP=""
    }elseif($geoDataTotal -eq $count){
        $makeRuleName=$ruleName+$countryCode+$count
        ruleExistsChk($makeRuleName)
        netsh advfirewall firewall set rule name=$makeRuleName new remoteip="$remoteIP"
        $remoteIP=""
    }
 
     $count++
 
}

error png

https://i.stack.imgur.com/2w8ar.png

What's the problem?

Help me.

It's blocking the Chinese ip.

Or blocking North Korea's IP. My goal.

Thank you.

https://download.ip2location.com/lite/

IP2LOCATION-LITE-DB1.CSV.ZIP

IP2LOCATION-LITE-DB1.CSV to rename GeoIPCountryWhois.csv

original file GeoIPCountryWhois.csv

"1.0.0.0","1.0.0.255","16777216","16777471","AU","Australia"
"1.0.1.0","1.0.3.255","16777472","16778239","CN","China"
"1.0.4.0","1.0.7.255","16778240","16779263","AU","Australia"
"1.0.8.0","1.0.15.255","16779264","16781311","CN","China"

.

Free version file IP2LOCATION-LITE-DB1.CSV

"0","16777215","-","-"
"16777216","16777471","US","United States of America"
"16777472","16778239","CN","China"
"16778240","16779263","AU","Australia"
"16779264","16781311","CN","China"
"16781312","16785407","JP","Japan"

So I can't apply the new file

krdondon
  • 35
  • 4
  • The `-eq` operator in your script is prefixed with `–` (EN DASH, [`U+2013`](http://www.fileformat.info/info/unicode/char/2013)) character instead of the usual ASCII-range  `-` (HYPHEN-MINUS, [`U+002D`](http://www.fileformat.info/info/unicode/char/2d)). That in itself is _not_ a problem, but because it looks like your UTF-8-encoded script file _lacks a BOM_, it is misinterpreted by _Windows PowerShell_. The solution is to save your script file as UTF-8 _with BOM_; see the linked duplicate for details. – mklement0 Jun 02 '22 at 14:19
  • Thanks, it works great. my additional questions. `$countryCode="RU,CN,KP" #` Can't I enter multiple countries at the same time? – krdondon Jun 02 '22 at 15:53
  • `$countryCode="RU,CN,KP"` creates a _single string_, whereas `$countryCode="RU", "CN", "KP"` creates an _array_ of strings - but you need to handle the latter accordingly, such as by using `-in` instead of `-eq`; e.g. `'RU' -in $countryCode` If you have further questions, I suggest you create a _new_ question post. – mklement0 Jun 02 '22 at 15:58
  • I have another concern. This is to use the file 'IP2LOCATION-LITE-DB1.CSV'. The file 'GeoIPCountryWhois.csv' is outdated. – krdondon Jun 02 '22 at 23:48
  • And it was paid. So a new version is not available now. However, the problem is that the file 'IP2LOCATION-LITE-DB1.CSV' is a little different, so it is not recognized by the command above. – krdondon Jun 02 '22 at 23:48
  • I modified my question At the bottom... about the different files. – krdondon Jun 02 '22 at 23:56
  • Again, please create a _new_ question post for follow-up questions. – mklement0 Jun 03 '22 at 01:22

0 Answers0