diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 9717fe9..eea54de 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -26,7 +26,10 @@ function BlockHost { [object]$params ) if ( $params.ContainsKey('file') ) { - Foreach ($line in Get-Content $params.file ){ BlockHost -params @{host=$line;firewall=$params.firewall} } + if ( -not $params.ContainsKey('firewall') -or $params.firewall -eq "" ) { + $params.firewall = $false + } + Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | Foreach{ BlockHost -params @{host=$_;firewall=$params.firewall} } } elseif ( $params.ContainsKey('host') -and $params.host -ne "" ) { Write-Host "`n`tBlock host $($params.host) : " @@ -63,14 +66,15 @@ function BlockHostByIP { param( [string]$hostname ) - $resolv = Resolve-DnsName $hostname -ErrorAction SilentlyContinue | select Address,Type | Where { $_.type -match "^A{1,4}$" } + #$resolv = [system.net.Dns]::GetHostAddresses($hostname) | Select IPAddressToString + $resolv = Resolve-DnsName $hostname -ErrorAction SilentlyContinue | Where { $_.type -match "^A{1,4}$" } | select Address $resolv | Foreach { - Write-Host -NoNewLine "`t`t" - if ($_.Address -match $IP4_REGEX ) { Write-Debug "Found a valid IPv4 $($_.Address)" } + Write-Host -NoNewLine "`t" $ip = $_.Address + Write-Debug "Found a valid IP $ip" $rule = Get-NetFirewallAddressFilter | Where-Object { $_.RemoteAddress -eq $ip } | Get-NetFirewallRule if ( $rule ) { - write-host -NoNewLine "FW Rule exist : " + write-host -NoNewLine "`tFW Rule exist : " write-host -ForegroundColor yellow $rule.name } else { @@ -106,10 +110,11 @@ function FwBlockOutputIP { else { $name = $FW_RULE_NAME_PREFIX + "_IP_" + $params.name + "-" + $params.ip } - Write-Host -NoNewline "`tAdd FW IP rule $name ($($params.ip)) : " - if ( Get-NetFirewallRule -Name $name -ErrorAction SilentlyContinue) { - Write-Host -ForegroundColor Yellow "already exist" - return + Write-Host -NoNewline "`tAdd FW IP rule $name ($($params.ip)) : " + $rule = Get-NetFirewallAddressFilter | Where-Object { $_.RemoteAddress -eq $params.ip } | Get-NetFirewallRule + if ( $rule ) { + write-host -NoNewLine " exist : " + write-host -ForegroundColor yellow $rule.name } else { Try { diff --git a/modules.d/BlockHosts/mcafee.txt b/modules.d/BlockHosts/mcafee.txt deleted file mode 100644 index 631f973..0000000 --- a/modules.d/BlockHosts/mcafee.txt +++ /dev/null @@ -1,2 +0,0 @@ -su3.mcafee.com -sm.mcafee.com diff --git a/modules.d/FW_BlockIP/skype-msn.txt b/modules.d/FW_BlockIP/skype-msn.txt index d7e518d..a15ccf7 100644 --- a/modules.d/FW_BlockIP/skype-msn.txt +++ b/modules.d/FW_BlockIP/skype-msn.txt @@ -26,10 +26,4 @@ 157.56.109.8 157.56.123.82 157.56.114.104 -157.56.194.24 -207.46.11.252 -207.46.194.8 -207.46.194.10 -207.46.194.14 -207.46.194.25 -207.46.194.33 \ No newline at end of file +157.56.194.24 \ No newline at end of file diff --git a/modules.d/FW_BlockIP/telemetry.txt b/modules.d/FW_BlockIP/telemetry.txt index b35786f..75cac75 100644 --- a/modules.d/FW_BlockIP/telemetry.txt +++ b/modules.d/FW_BlockIP/telemetry.txt @@ -325,11 +325,6 @@ 204.79.197.213 207.123.34.126 207.123.56.252 -207.46.7.252 -207.46.101.29 -207.46.114.58 -207.46.114.61 -207.46.223.94 207.68.166.254 212.30.134.204 212.30.134.205 @@ -349,7 +344,7 @@ 195.138.255.0-195.138.255.255 213.199.179.0-213.199.179.255 191.232.139.2-191.232.139.255 -=23.55.155.27 +23.55.155.27 23.214.171.90 64.4.11.25 65.52.100.46 @@ -363,4 +358,4 @@ 221.221.112.129 221.221.112.145 221.221.112.160 -221.221.112.203 +221.221.112.203 \ No newline at end of file diff --git a/modules.d/BlockHosts.conf b/modules.d/FW_Hosts.conf similarity index 85% rename from modules.d/BlockHosts.conf rename to modules.d/FW_Hosts.conf index 195bd0f..f65f46a 100644 --- a/modules.d/BlockHosts.conf +++ b/modules.d/FW_Hosts.conf @@ -10,7 +10,7 @@ }, { "action" : "BlockHost", - "file" : "ms-skype-messeger.txt" + "file" : "ms-skype-messenger.txt" } ] } diff --git a/modules.d/BlockHosts/base.txt b/modules.d/FW_Hosts/base.txt similarity index 97% rename from modules.d/BlockHosts/base.txt rename to modules.d/FW_Hosts/base.txt index 7480605..451d401 100644 --- a/modules.d/BlockHosts/base.txt +++ b/modules.d/FW_Hosts/base.txt @@ -29,7 +29,6 @@ a23-67-60-97.deploy.static.akamaitechnologies.com a23-9-123-27.deploy.static.akamaitechnologies.com a569.g.akamai.net activity.windows.com -ad.doubleclick.net ads.msn.com ads.msn.com.nsatc.net ads1.msads.net @@ -66,7 +65,10 @@ e2236.g.akamaiedge.net e7173.g.akamaiedge.net e8011.g.akamaiedge.net fe1.update.microsoft.com.akadns.net -fe2.update.microsoft.com.akadns.net + +#Problem with windows update +#fe2.update.microsoft.com.akadns.net + fe3.delivery.dsp.mp.microsoft.com.nsatc.net feedback.microsoft-hohm.com feedback.search.microsoft.com @@ -138,13 +140,11 @@ survey.watson.microsoft.com t.urs.microsoft.com.nsatc.net telecommand.telemetry.microsoft.com telemetry.appex.bing.net -telemetry.appex.bing.net:443 telemetry.appex.search.prod.ms.akadns.net telemetry.microsoft.com telemetry.urs.microsoft.com tunnel.cfw.trustedsource.org uci.officeapps.live.com -updatekeepalive.mcafee.com urs.smartscreen.microsoft.com v10.vortex-win.data.microsoft.com vortex-sandbox.data.glbdns2.microsoft.com @@ -158,4 +158,4 @@ watson.telemetry.microsoft.com wes.df.telemetry.microsoft.com win10.ipv6.microsoft.com www.msftconnecttest.com -www.msftncsi.com +www.msftncsi.com \ No newline at end of file diff --git a/modules.d/BlockHosts/ms-skype-messenger.txt b/modules.d/FW_Hosts/ms-skype-messenger.txt similarity index 93% rename from modules.d/BlockHosts/ms-skype-messenger.txt rename to modules.d/FW_Hosts/ms-skype-messenger.txt index 9acce47..2cd994b 100644 --- a/modules.d/BlockHosts/ms-skype-messenger.txt +++ b/modules.d/FW_Hosts/ms-skype-messenger.txt @@ -17,10 +17,9 @@ live.rads.msn.com m.hotmail.com mscrl.microsoft.com msnbot-65-55-108-23.search.msn.com -preview.msn.com rad.live.com rad.msn.com rpt.msn.com s.gateway.messenger.live.com otf.msn.com -ui.skype.com +ui.skype.com \ No newline at end of file