一键实现--强制通过VPN上网,VPN断线就断网

2017-03-24 13:43:34 68 21834 6
原帖是这里:强制通过VPN上网,VPN断线就断网
https://www.t00ls.com/thread-38739-1-1.html

看了之后好碉堡啊,以前还是通过监控网卡状态来判断VPN是否掉了然后禁用本地网卡,监控网卡状态总还是有延迟的!!!
BUT,现在GFW什么的很坑啊,时不时的给你掐断一下你的VPN通道,然而你本地VPN还在尝试重连,监听程序判断仍然没有断网,这里就有个延迟,鬼知道中间都发生了什么,是不是已经被登记快递地址了。

看了Twi1ight的文,感觉好猥琐啊。我喜欢!
但就是本人有点懒,凭什么linux下几条命令就搞定了,windows还要瞅半天的界面!
找点空子就看了下怎么写命令windows一键实现。
这里再标原创有点坑了,命令随便研究下就能写了,随意吧,谁让我懒。

很简单,三条命令搞定:
netsh advfirewall set allprofiles firewallpolicy allowinbound,blockoutbound
netsh advfirewall firewall add rule name="allowvpn1" dir=out action=allow enable=yes remoteip="10.0.0.1"
netsh advfirewall firewall add rule name="allowvpnremote1" dir=out action=allow enable=yes interfacetype=ras
还是这三步对防火墙进行设置:
1. 默认阻止所有出口流量
2. 在本地连接上设置允许通向VPN服务器的出口流量
3. 允许所有流量通过vpn链接出去

然后嫌麻烦,弄了个稍微人性化的bat一键版:



注:适合vista及以上版本,win7 8 10,server2008 2012 2016等。  03本应该也可以,命令好像不太一样,03不安全,抛弃。
需要管理员权限运行!!
说明:
可以重复添加IP及IP段范围地址,IP地址或范围段以英文逗号,隔开。多次添加会发现规则里有很多个重名的规则信息,这不影响。删除的时候是根据规则命名全部删除!
bat如下:
@echo off
TITLE Set forced through the VPN to the Internet , plz run as administrator!  by t00ls.net
:menu
echo.
echo ===============================================================================
echo.
echo 1. Set forced through the VPN to the Internet , plz run as administrator
echo 2. Delete your setttings in 1 , plz run as administrator
echo 3. Query your settings IP
echo 4. exit
echo.                                                                by t00ls.net
echo.

set /p select=plz select:  
if /i "%select%"=="1" goto 1
if /i "%select%"=="2" goto 2
if /i "%select%"=="3" goto 3
if /i "%select%"=="4" goto 4
echo error select&pause&%0
:1
echo.
echo  Examples:
echo          10.0.0.1 or 10.0.0.1-10.0.0.254 or 10.0.0.1/24
echo          10.0.0.1,192.168.1.1,10.10.10.0/24
echo          use , to separate multiple IPs
echo.
set /p ip=Set Your IP Address:
echo netsh advfirewall set allprofiles firewallpolicy allowinbound,blockoutbound
netsh advfirewall set allprofiles firewallpolicy allowinbound,blockoutbound
echo netsh advfirewall firewall add rule name="allowvpn1" dir=out action=allow enable=yes remoteip="%ip%"
netsh advfirewall firewall add rule name="allowvpn1" dir=out action=allow enable=yes remoteip="%ip%"
echo netsh advfirewall firewall add rule name="allowvpnremote1" dir=out action=allow enable=yes interfacetype=ras
netsh advfirewall firewall add rule name="allowvpnremote1" dir=out action=allow enable=yes interfacetype=ras
goto menu

:2
echo.
echo netsh advfirewall set allprofiles firewallpolicy allowinbound,allowoutbound
netsh advfirewall set allprofiles firewallpolicy allowinbound,allowoutbound
echo netsh advfirewall firewall delete rule name="allowvpn1"
netsh advfirewall firewall delete rule name="allowvpn1"
echo netsh advfirewall firewall delete rule name="allowvpnremote1"
netsh advfirewall firewall delete rule name="allowvpnremote1"
goto menu

:3
echo.
echo You have set the IP
netsh advfirewall firewall show rule name="allowvpn1" |findstr IP
if %errorlevel% NEQ 0 (echo.
echo ----Not Found IP----
echo.
echo.) else echo.
goto menu

:4
exit
自评TCV:0

关于作者

dllk43篇文章1016篇回复

评论68次

要评论?请先  登录  或  注册