Windows – Is it possible to Block An Application from Accessing the Internet with cmd

batch filecommand linenetworkingwindows

Normally, I would use FireWall to Block An Application from Accessing the Internet. But I don't want to setup my FireWall system for just an application.

What I want is: create an bat file to start an application. The bat file similar to this.

If I run the bat file, the application is blocked from accessing internet. If I run the application directly, the application can access internet.

Is it possible to do that?

Best Answer

You could add firewall rule to block any incoming and outgoing traffic before running the application and disable (or delete) the firewall rules after exiting.

Setup block rules

:: Variables
set RULE_NAME=TemporaryBlock
set PROGRAM=C:\Program Files (x86)\App\app.exe

netsh advfirewall firewall add rule name="%RULE_NAME%" dir=in action=block profile=any program="%PROGRAM%"
netsh advfirewall firewall add rule name="%RULE_NAME%" dir=out action=block profile=any program="%PROGRAM%"

Run the app with internet blocked

@echo off

:: Variables
set RULE_NAME=TemporaryBlock
set PROGRAM=C:\Program Files (x86)\App\app.exe

:: Block the app
netsh advfirewall firewall set rule name="%RULE_NAME%" dir=in new enable=yes
netsh advfirewall firewall set rule name="%RULE_NAME%" dir=out new enable=yes

:: Running the app
start "" /wait "%PROGRAM%"

:: Disable the firewall rules
netsh advfirewall firewall set rule name="%RULE_NAME%" dir=in new enable=no
netsh advfirewall firewall set rule name="%RULE_NAME%" dir=out new enable=no

Details

documentation: netsh advfirewall firewall add rule -?
you could also create and delete the rules everytime you run the app, but I like creating the rules once and then just enabling or disabling it more
you need admin rights

Related Solutions

Windows – Tool to easily block Internet access completely for Windows

You don't specify whether you need local connectivity as well. If you don't, the so-simple-someone-could-easily-overlook-it, 100% foolproof solution is to just unplug the network cable.

Windows – How to Open a Console Application with a Given Window Size

I spent a few hours today to implement a small C# application that can wrap another console application and adjust the window size of the console host.

console-wrapper is easy to use. It only expects a couple of command line parameters:

Usage: console-wrapper.exe [OPTIONS]

Options:

      --subject=VALUE        The application that should be started by the
                               console wrapper.
      --width=VALUE          The desired width of the console window.
      --height=VALUE         The desired height of the console window.
  -h, -?, --help             Shows this help message

--width and --height are used to set the size of the resulting console window. --subject can be used optionally, if it is omitted, the remaining parameters are treated as the command (with parameters) to start.

So the final call I'm using now in our startup script is:

START "MongoDB" database\console-wrapper.exe --width=140 --height=70 %~dp0database\mongodb\bin\mongod.exe --dbpath %~dp0database\data --rest

The resulting window will have the requested size and upon hitting Ctrl+C, the window will close (after having properly shut down the contained process).