Symantec Endpoint Protection - Add Firewall Rule

Author Message
yfki

  • Total Posts : 97
  • Scores: 0
  • Reward points : 0
  • Joined: 12/12/2007
  • Status: offline
Symantec Endpoint Protection - Add Firewall Rule Monday, November 09, 2009 8:12 AM (permalink)
0
 '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
 'Script for adding applications to existing firewall rule In Symantec Endpoint Protection --Thx to TNO for the XML Syntax
 'Just right click an app, and 1,2,3, firewalled.
 'SMC.exe params: http://service1.symantec.com/SUPPORT/ent-security.nsf/904c88a5602c2de3882573410063493c/d02aafed7241b975802573aa0037fb30?OpenDocument
 'Script Expects:
         '1) Firewall Rule named "Black Applications"
         '2) Have SMC.exe in global path
         '3) Export/Import config from here: C:\Windows\Scripts\SEP_FW.xml      
 'Add To registry as follows
 '[HKEY_CLASSES_ROOT\*\shell\Add Firewall Rule\command]
 '@="WScript.exe \"C:\\Windows\\Scripts\\AddFireWallRule.vbs\" \"%1\""
 '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
 
 
 Dim WshShell : Set WshShell = CreateObject("Wscript.Shell")
 
 If WScript.Arguments.Count = 1 Then
     ApplicationPath = WScript.Arguments.Item(0)
 Else
     WScript.Quit
 End If
 
 'Get clean export from SEP
 strCMD = "smc -exportadvrule C:\Windows\Scripts\SEP_FW.xml"
 WshShell.Run "%COMSPEC% /C " & strCMD, 0, False
 
 'Get applciation path and name
 Dim objRegex : Set objRegex = CreateObject("Vbscript.Regexp")
     objRegex.Global = True
     objRegex.IgnoreCase = True
     objRegEx.Pattern = "(\w{1,100})(\.)(.+)"
 
 Set FileName = objRegex.Execute(ApplicationPath)
     ApplicationName = FileName(0).SubMatches(0)
     ApplicationPath = WScript.Arguments.Item(0)
 
 'Load in the export from SEP and append new applciation
 Dim xmlDoc : Set xmlDoc = CreateObject("Msxml2.DomDocument.3.0")
 xmlDoc.async = False
 xmlDoc.load "C:\Windows\Scripts\SEP_FW.xml"
 'Give script some time here
 WScript.Sleep 3000
 Dim newTag : Set newTag = xmlDoc.createElement("Executable")
 With newTag
     .setAttribute "FileName",ApplicationPath
     .setAttribute "Enable","1"
     .setAttribute "Version", "0"
 End With
 'Append childnode
 xmlDoc.selectSingleNode("//AdvancedRules/AdvancedRule[@Description='Black Applications']/ApplicationGroup").appendChild(newTag)
 xmlDoc.save "C:\Windows\Scripts\SEP_FW.xml"
 
 'Import the new config, thus adding to the existing rule in SEP
 strCMD = "smc -importadvrule C:\Windows\Scripts\SEP_FW.xml"
 
 On Error Resume Next      
     WshShell.Run "%COMSPEC% /C " & strCMD, 0, False
 If Err.Number <> 0 Then
     WshShell.Popup "Error Occured Adding Firewall Rule for: " & ApplicationName, 2
 Else
     WshShell.Popup "Firewall Rule Added for: " & ApplicationName, 2
 End If

 
#1

    Online Bookmarks Sharing: Share/Bookmark

    Jump to:

    Current active users

    There are 0 members and 1 guests.

    Icon Legend and Permission

    • New Messages
    • No New Messages
    • Hot Topic w/ New Messages
    • Hot Topic w/o New Messages
    • Locked w/ New Messages
    • Locked w/o New Messages
    • Read Message
    • Post New Thread
    • Reply to message
    • Post New Poll
    • Submit Vote
    • Post reward post
    • Delete my own posts
    • Delete my own threads
    • Rate post

    2000-2012 ASPPlayground.NET Forum Version 3.9