c# 提取大陆地区IP让服务器只允许中国大陆地区IP访问

  C# 控制台生成执行脚本

using Microsoft.SqlServer.Server;
using System;
using System.Collections.Generic;
using System.Data;
using System.IO;
using System.Linq;

class Program
{
    static void Main()
    {
        // 文件下载地址：https://www.ip2location.com/free/visitor-blocker
        // Download List
        // Country        IP Version        Output Format
        // China          IPv4              CIDR
        // 下载的文件firewall.txt.gz 解压后为 firewall.txt

        string inputPath = "firewall.txt"; // 输入文件路径
        string outputPathtxt = "firewall_rules.txt"; // 输出文件路径
        string outputPathbat = "firewall_rules.bat"; // 输出文件路径
        int mergeBatchSize = 10; // 每批合并的规则数量

        // 1. 读取并解析为范围
        List<IpRange> ranges = new List<IpRange>();
        foreach (var line in File.ReadAllLines(inputPath))
        {
            string trimmed = line.Trim();
            if (string.IsNullOrEmpty(trimmed) || !trimmed.Contains("/")) continue;

            var range = CidrToRange(trimmed);
            if (range != null)
                ranges.Add(range);
        }

        // 2. 合并相邻的 IP 范围
        var mergedRanges = MergeIpRanges(ranges);

        // 3. 按照 mergeBatchSize 每10条合并为一条规则
        List<string> ipList = new List<string>();

        // 将合并后的规则按每10个分批次生成
        for (int i = 0; i < mergedRanges.Count; i += mergeBatchSize)
        {
            var batch = mergedRanges.Skip(i).Take(mergeBatchSize).ToList();
            // 获取第一条和最后一条的起始和结束 IP
            var startIp = UintToIp(batch.First().Start);
            var endIp = UintToIp(batch.Last().End);
            ipList.Add($"{startIp}-{endIp}");
        }

        int ruleIndex = 1;
        List<string> firewallRules = new List<string>();

        // 添加本地和内网 IP 允许规则
        firewallRules.Add("netsh advfirewall firewall add rule name=\"Allow Local and Internal Network IPs\" dir=in action=allow protocol=TCP localport=80,443 remoteip=10.0.0.0/8 enable=yes");
        firewallRules.Add("netsh advfirewall firewall add rule name=\"Allow Local and Internal Network IPs\" dir=in action=allow protocol=TCP localport=80,443 remoteip=172.16.0.0/12 enable=yes");
        firewallRules.Add("netsh advfirewall firewall add rule name=\"Allow Local and Internal Network IPs\" dir=in action=allow protocol=TCP localport=80,443 remoteip=192.168.0.0/16 enable=yes");

        string beginName = "";
        List<string> to10Rule = new List<string>();
        for (int i = 0; i < ipList.Count; i++)
        {
            if (i > 0 && i % 10 == 0)
            {
                beginName = beginName + "-" + ipList[i].Split('.')[0];
                string ruleName = $"Allow_CN_IP_{beginName}_{ruleIndex}";
                string rule = $"netsh advfirewall firewall add rule name=\"{ruleName}\" dir=in action=allow remoteip={string.Join(",", to10Rule)} localport=80,443 protocol=TCP enable=yes";
                firewallRules.Add(rule);
                to10Rule.Clear();
                ruleIndex++;
                beginName = "";
            }
            else
            {
                if (i >= 0 && string.IsNullOrWhiteSpace(beginName))
                {
                    beginName = ipList[i].Split('.')[0];
                }
                to10Rule.Add(ipList[i]);
            }
        }

        firewallRules.Add("pause");
        File.WriteAllLines(outputPathtxt, ipList);
        // 4. 将防火墙规则写入文件
        File.WriteAllLines(outputPathbat, firewallRules);
        Console.WriteLine($"防火墙规则已写入 {outputPathbat}");
    }

    // 将 CIDR 转换为 IP 范围（起始 IP 和结束 IP）
    static IpRange CidrToRange(string cidr)
    {
        var parts = cidr.Split('/');
        if (parts.Length != 2) return null;

        string ip = parts[0];
        int prefixLength = int.Parse(parts[1]);

        uint ipStart = IpToUint(ip);
        uint mask = uint.MaxValue << (32 - prefixLength);
        uint network = ipStart & mask;
        uint broadcast = network | ~mask;

        return new IpRange { Start = network, End = broadcast };
    }

    // 将 IP 字符串转换为 uint
    static uint IpToUint(string ip)
    {
        var parts = ip.Split('.');
        return (uint)(int.Parse(parts[0]) << 24 |
                      int.Parse(parts[1]) << 16 |
                      int.Parse(parts[2]) << 8 |
                      int.Parse(parts[3]));
    }

    // 将 uint 转换为 IP 字符串
    static string UintToIp(uint ip)
    {
        return string.Join(".",
            (ip >> 24) & 0xFF,
            (ip >> 16) & 0xFF,
            (ip >> 8) & 0xFF,
            ip & 0xFF);
    }

    // 合并相邻的 IP 范围
    static List<IpRange> MergeIpRanges(List<IpRange> ranges)
    {
        var sortedRanges = ranges.OrderBy(r => r.Start).ToList();
        var mergedRanges = new List<IpRange>();

        uint currentStart = sortedRanges[0].Start;
        uint currentEnd = sortedRanges[0].End;

        foreach (var range in sortedRanges.Skip(1))
        {
            // 如果当前范围与下一个范围重叠或相邻
            if (range.Start <= currentEnd + 1)
            {
                currentEnd = Math.Max(currentEnd, range.End); // 合并范围
            }
            else
            {
                mergedRanges.Add(new IpRange { Start = currentStart, End = currentEnd }); // 添加已合并的范围
                currentStart = range.Start;
                currentEnd = range.End;
            }
        }

        // 添加最后一个合并后的范围
        mergedRanges.Add(new IpRange { Start = currentStart, End = currentEnd });

        return mergedRanges;
    }

}

// 表示一个 IP 范围
public class IpRange
{
    public uint Start { get; set; }
    public uint End { get; set; }
}

　　

懒人一键脚本：firewall_rules.bat 截止2025.05.09 涵盖中国大陆地区IP，先禁用80 443 默认配置。

netsh advfirewall firewall add rule name="Allow Local and Internal Network IPs" dir=in action=allow protocol=TCP localport=80,443 remoteip=10.0.0.0/8 enable=yes
netsh advfirewall firewall add rule name="Allow Local and Internal Network IPs" dir=in action=allow protocol=TCP localport=80,443 remoteip=172.16.0.0/12 enable=yes
netsh advfirewall firewall add rule name="Allow Local and Internal Network IPs" dir=in action=allow protocol=TCP localport=80,443 remoteip=192.168.0.0/16 enable=yes

netsh advfirewall firewall add rule name="Allow_CN_IP_1-17_1" dir=in action=allow remoteip=1.0.1.0-1.8.255.255,1.10.0.0-1.117.255.255,1.119.0.0-5.181.227.255,8.37.238.0-14.1.3.255,14.1.24.0-14.135.255.255,14.144.0.0-16.2.143.255,17.81.2.0-17.81.144.255,17.81.146.0-17.81.202.255,17.81.204.0-17.81.251.47,17.85.6.64-17.87.138.161 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_17-38_2" dir=in action=allow remoteip=17.88.207.192-17.93.227.255,17.93.232.0-23.161.8.255,23.229.47.0-23.236.233.223,27.0.128.0-27.54.79.255,27.54.152.0-27.109.126.159,27.109.126.192-27.129.255.255,27.131.220.0-36.1.255.255,36.4.0.0-36.251.255.255,36.254.0.0-38.47.159.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_38-43_3" dir=in action=allow remoteip=38.196.176.0-40.77.236.255,40.77.254.64-42.7.255.255,42.48.0.0-42.99.115.255,42.99.120.0-42.201.127.255,42.202.0.0-43.224.83.255,43.224.100.0-43.225.123.255,43.225.180.0-43.227.147.255,43.227.152.0-43.228.155.255,43.228.188.0-43.229.223.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_43-43_4" dir=in action=allow remoteip=43.231.80.0-43.240.87.255,43.240.124.0-43.241.255.255,43.242.8.0-43.243.19.255,43.243.88.0-43.246.112.255,43.246.228.0-43.248.7.255,43.248.20.0-43.249.139.255,43.249.144.0-43.250.119.255,43.250.128.0-43.251.11.255,43.251.36.0-43.254.11.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_43-45_5" dir=in action=allow remoteip=43.254.136.0-43.255.87.255,43.255.96.0-44.31.28.255,44.31.42.0-44.31.231.255,44.31.234.0-44.32.185.255,44.32.188.0-44.61.0.79,44.61.7.184-44.61.63.255,44.63.0.11-45.40.255.255,45.45.225.0-45.113.43.255,45.113.56.0-45.114.3.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_45-45_6" dir=in action=allow remoteip=45.115.120.0-45.115.251.255,45.116.16.0-45.117.23.255,45.117.68.0-45.120.167.255,45.120.240.0-45.123.39.255,45.123.44.0-45.124.39.255,45.124.44.0-45.125.27.255,45.125.44.0-45.127.131.255,45.127.144.0-45.140.205.255,45.148.127.0-45.249.39.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_45-60_7" dir=in action=allow remoteip=45.251.16.0-45.253.123.255,45.253.132.0-45.255.251.255,46.248.24.0-49.143.233.32,49.143.233.34-52.95.255.159,52.130.0.0-58.66.63.255,58.66.144.0-58.144.255.255,58.154.0.0-59.148.19.142,59.151.0.0-59.153.95.255,59.153.116.0-60.63.255.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_60-67_8" dir=in action=allow remoteip=60.245.128.0-61.14.223.255,61.14.240.0-61.87.255.255,61.128.0.0-62.153.153.255,62.153.155.88-62.159.220.95,62.159.220.104-63.209.188.6,63.216.32.16-64.138.13.223,64.138.141.30-64.235.255.111,64.237.118.252-66.220.7.88,66.220.7.91-67.199.158.167 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_68-93_9" dir=in action=allow remoteip=68.79.0.0-69.174.123.175,69.230.192.0-72.163.241.255,72.163.248.0-74.91.20.95,74.91.20.136-76.7.88.199,76.7.88.216-80.76.39.255,80.239.200.96-84.200.173.175,84.200.174.160-84.200.184.95,84.200.185.80-85.209.43.255,85.209.217.0-93.113.109.159 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_98-103_10" dir=in action=allow remoteip=98.124.135.88-98.124.140.71,98.124.140.96-101.50.15.255,101.50.56.0-101.96.255.255,101.99.96.0-101.110.127.255,101.120.0.0-101.233.255.255,101.234.64.0-103.1.91.255,103.1.168.0-103.4.171.255,103.4.184.0-103.6.79.255,103.6.108.0-103.8.111.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_103-103_11" dir=in action=allow remoteip=103.10.140.0-103.12.235.255,103.13.12.0-103.14.139.255,103.14.156.0-103.16.127.255,103.17.40.0-103.18.215.255,103.18.224.0-103.20.115.255,103.20.128.0-103.21.243.255,103.22.0.0-103.23.231.255,103.24.24.0-103.25.43.255,103.25.48.0-103.26.135.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_103-103_12" dir=in action=allow remoteip=103.28.184.0-103.30.99.255,103.30.104.0-103.31.171.255,103.31.200.0-103.36.75.255,103.36.96.0-103.37.75.255,103.37.92.128-103.38.59.255,103.38.76.0-103.39.91.255,103.39.100.0-103.40.223.255,103.40.228.0-103.42.27.255,103.42.32.0-103.43.187.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_103-103_13" dir=in action=allow remoteip=103.44.224.0-103.47.24.255,103.47.36.0-103.48.95.255,103.48.148.0-103.49.197.64,103.49.197.66-103.52.43.255,103.52.72.0-103.53.147.255,103.53.152.40-103.54.243.255,103.55.80.0-103.56.35.255,103.56.56.0-103.57.59.255,103.57.76.0-103.60.47.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_103-103_14" dir=in action=allow remoteip=103.62.55.0-103.63.211.255,103.63.240.0-103.66.35.255,103.66.40.0-103.66.181.75,103.66.182.0-103.68.103.255,103.68.128.0-103.71.3.255,103.71.48.0-103.72.147.255,103.72.172.0-103.73.243.255,103.73.248.0-103.75.115.255,103.75.120.0-103.77.75.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_103-103_15" dir=in action=allow remoteip=103.79.36.0-103.80.187.255,103.80.192.0-103.81.167.255,103.81.183.90-103.82.107.255,103.82.224.0-103.84.3.255,103.84.12.0-103.85.179.255,103.85.186.0-103.87.135.255,103.87.180.0-103.89.31.255,103.89.96.0-103.90.173.255,103.90.176.0-103.91.239.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_103-103_16" dir=in action=allow remoteip=103.93.28.0-103.94.75.255,103.94.88.0-103.95.155.255,103.95.216.0-103.97.75.255,103.97.112.0-103.98.103.255,103.98.124.0-103.99.79.255,103.99.104.0-103.100.71.255,103.100.88.0-103.101.151.255,103.101.180.0-103.103.207.255,103.103.220.0-103.105.63.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_103-103_17" dir=in action=allow remoteip=103.106.196.0-103.107.195.255,103.107.208.0-103.109.51.255,103.109.88.0-103.111.67.255,103.111.172.0-103.113.239.255,103.114.4.0-103.115.55.255,103.115.68.0-103.116.123.255,103.116.128.0-103.117.191.255,103.117.220.0-103.119.227.255,103.120.52.0-103.121.95.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_103-103_18" dir=in action=allow remoteip=103.123.88.0-103.125.47.255,103.125.132.0-103.126.47.255,103.126.100.0-103.131.155.255,103.131.168.0-103.133.15.255,103.133.40.0-103.135.167.255,103.135.176.0-103.137.183.255,103.137.236.0-103.139.3.255,103.139.22.0-103.139.213.255,103.140.14.0-103.141.243.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_103-103_19" dir=in action=allow remoteip=103.142.190.0-103.143.135.255,103.143.174.0-103.145.43.255,103.145.86.0-103.146.231.255,103.146.236.0-103.149.111.255,103.149.156.0-103.150.73.255,103.150.122.0-103.151.5.255,103.151.44.0-103.152.77.255,103.152.120.0-103.152.251.255,103.153.4.0-103.153.161.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_103-103_20" dir=in action=allow remoteip=103.155.110.0-103.156.175.255,103.156.186.0-103.158.201.255,103.158.224.0-103.161.15.255,103.161.102.0-103.163.33.255,103.163.46.0-103.165.45.255,103.165.52.0-103.167.101.255,103.168.98.0-103.170.213.255,103.171.32.0-103.175.115.255,103.175.118.0-103.179.79.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_103-103_21" dir=in action=allow remoteip=103.186.136.0-103.190.123.255,103.191.102.0-103.192.255.255,103.193.40.0-103.195.155.255,103.195.160.0-103.198.23.255,103.198.60.0-103.199.167.255,103.199.196.0-103.202.47.255,103.202.56.0-103.203.143.255,103.203.164.0-103.204.199.255,103.204.212.0-103.205.139.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_103-103_22" dir=in action=allow remoteip=103.207.220.0-103.209.219.255,103.210.20.0-103.211.227.255,103.211.248.0-103.212.231.255,103.212.252.0-103.215.39.255,103.215.44.0-103.216.157.255,103.216.224.0-103.219.67.255,103.219.84.0-103.222.19.255,103.222.24.0-103.224.83.255,103.224.220.0-103.226.183.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_103-103_23" dir=in action=allow remoteip=103.228.12.0-103.229.63.255,103.229.136.0-103.230.99.255,103.230.110.0-103.231.187.255,103.231.244.0-103.233.107.255,103.233.128.0-103.234.183.255,103.234.244.0-103.236.99.255,103.236.116.0-103.238.7.255,103.238.16.0-103.239.47.255,103.239.68.0-103.240.43.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_103-103_24" dir=in action=allow remoteip=103.241.172.0-103.242.223.255,103.242.240.0-103.244.235.255,103.244.252.0-103.246.159.255,103.247.168.0-103.248.195.255,103.248.212.0-103.249.247.255,103.249.252.0-103.250.255.255,103.251.32.0-103.252.39.255,103.252.64.0-103.253.207.255,103.253.220.0-103.254.196.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_104-104_25" dir=in action=allow remoteip=104.28.66.15-104.28.83.77,104.28.99.0-104.28.120.73,104.28.120.76-104.28.193.39,104.28.193.101-104.28.208.72,104.28.208.126-104.28.216.62,104.28.216.132-104.28.223.183,104.28.223.200-104.28.230.177,104.28.231.200-104.28.243.12,104.28.243.41-104.28.252.213 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_106-111_26" dir=in action=allow remoteip=106.0.2.0-106.11.80.255,106.11.82.0-106.11.178.255,106.11.180.0-106.95.255.255,106.108.0.0-110.19.255.255,110.34.40.0-110.75.127.255,110.75.130.0-110.76.10.255,110.76.12.0-110.157.255.255,110.165.32.0-111.30.187.255,111.30.190.0-111.181.255.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_111-115_27" dir=in action=allow remoteip=111.223.4.0-112.73.31.255,112.73.64.0-113.18.255.255,113.21.232.0-113.129.255.255,113.130.96.0-113.212.103.255,113.212.184.0-114.107.255.255,114.110.0.0-114.113.252.255,114.113.255.0-114.132.255.255,114.135.0.0-115.29.255.255,115.31.64.0-115.123.255.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_116-117_28" dir=in action=allow remoteip=116.1.0.0-116.68.143.255,116.68.176.0-116.92.121.2,116.92.121.5-116.92.248.146,116.92.248.150-116.92.253.14,116.92.253.46-116.92.254.20,116.92.254.26-116.92.254.230,116.92.254.234-116.197.167.255,116.198.0.0-116.213.255.255,116.214.32.0-117.15.255.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_117-119_29" dir=in action=allow remoteip=117.103.16.0-117.122.255.255,117.124.0.0-118.66.255.255,118.67.112.0-118.126.255.255,118.127.128.0-118.188.127.255,118.188.160.0-118.193.15.255,118.193.48.0-118.239.255.255,118.242.0.0-119.29.255.255,119.30.48.0-119.42.255.255,119.44.0.0-119.103.255.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_119-122_30" dir=in action=allow remoteip=119.252.96.0-120.88.15.255,120.90.0.0-121.5.255.255,121.8.0.0-121.55.63.255,121.56.0.0-121.79.191.255,121.89.0.0-121.239.255.255,121.248.0.0-122.8.75.255,122.8.84.0-122.10.195.255,122.10.200.0-122.115.75.255,122.115.80.0-122.198.63.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_122-130_31" dir=in action=allow remoteip=122.255.64.0-123.101.255.255,123.103.0.0-123.176.95.255,123.177.0.0-123.253.243.255,123.254.96.0-124.47.63.255,124.64.0.0-124.150.137.255,124.151.0.0-124.242.255.255,124.243.192.0-125.98.255.255,125.104.0.0-125.254.255.255,128.1.203.0-130.244.208.168 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_136-143_32" dir=in action=allow remoteip=136.0.133.0-139.5.163.255,139.5.192.0-139.148.255.255,139.155.0.0-139.183.255.255,139.186.0.0-140.143.255.255,140.179.0.0-140.205.127.255,140.205.129.0-140.205.190.255,140.205.192.0-140.205.234.255,140.205.238.0-140.242.216.255,140.242.223.0-142.214.135.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_144-154_33" dir=in action=allow remoteip=144.48.220.0-146.75.189.3,146.196.56.0-150.0.255.255,150.115.0.0-150.223.255.255,150.242.0.0-150.242.227.255,150.242.232.0-153.3.255.255,153.34.0.0-154.18.4.32,154.18.4.34-154.18.4.208,154.18.4.210-154.18.5.88,154.18.5.90-154.18.159.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_154-160_34" dir=in action=allow remoteip=154.81.40.0-156.107.136.139,156.107.136.144-157.10.119.255,157.10.130.0-157.20.247.255,157.23.178.0-157.119.167.255,157.119.172.0-157.167.231.40,157.167.231.188-157.255.255.255,158.26.192.0-159.221.232.255,159.226.0.0-160.22.83.255,160.22.148.0-160.30.199.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_160-172_35" dir=in action=allow remoteip=160.250.14.0-160.250.253.255,161.120.0.0-162.14.19.14,162.14.19.16-163.47.7.255,163.53.0.0-163.61.203.255,163.61.214.0-163.223.157.255,163.223.173.0-166.63.11.127,166.63.14.216-168.160.255.255,170.33.0.0-172.97.91.255,172.98.192.204-172.226.47.31 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_175-180_36" dir=in action=allow remoteip=175.46.0.0-175.176.159.255,175.176.176.0-180.87.10.26,180.88.0.0-180.148.255.255,180.149.128.0-180.210.215.255,180.210.224.0-180.223.1.60,180.223.1.62-180.223.3.253,180.223.3.255-180.223.4.89,180.223.4.92-180.223.4.171,180.223.4.173-180.223.5.27 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_180-185_37" dir=in action=allow remoteip=180.223.5.83-180.223.5.133,180.223.5.135-180.223.6.217,180.223.6.219-180.233.95.255,180.233.144.0-182.23.191.255,182.23.200.0-182.92.255.255,182.96.0.0-182.247.255.255,182.254.0.0-183.91.131.255,183.91.136.0-183.182.81.223,183.182.82.0-185.55.52.159 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_185-199_38" dir=in action=allow remoteip=185.141.90.64-188.131.255.255,188.190.1.0-192.64.196.255,192.102.204.0-192.171.230.255,192.186.155.128-192.198.116.159,192.241.71.192-193.200.222.175,193.233.255.0-195.12.225.95,195.146.16.0-198.11.191.255,198.16.70.104-198.175.103.255,198.245.71.80-199.66.95.249 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_202-202_39" dir=in action=allow remoteip=202.3.128.0-202.6.103.255,202.6.108.0-202.8.123.255,202.8.128.0-202.12.2.255,202.12.17.0-202.14.69.255,202.14.73.0-202.14.125.255,202.14.127.0-202.14.213.255,202.14.219.0-202.20.90.255,202.20.94.0-202.21.154.255,202.21.156.0-202.38.137.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_202-202_40" dir=in action=allow remoteip=202.40.135.0-202.41.128.255,202.41.130.0-202.44.51.255,202.44.67.0-202.46.21.255,202.46.32.0-202.52.34.255,202.52.47.0-202.59.215.255,202.59.236.0-202.61.123.255,202.61.127.0-202.65.111.255,202.66.168.0-202.72.47.255,202.72.80.0-202.74.255.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_202-202_41" dir=in action=allow remoteip=202.80.192.0-202.87.95.255,202.88.32.0-202.90.193.255,202.90.196.0-202.92.255.255,202.93.252.0-202.97.40.69,202.97.40.71-202.97.73.121,202.97.73.123-202.122.7.255,202.122.32.0-202.125.127.255,202.125.176.0-202.130.39.255,202.130.224.0-202.136.239.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_202-203_42" dir=in action=allow remoteip=202.146.184.0-202.150.47.255,202.150.56.0-202.153.194.223,202.157.192.0-202.164.15.255,202.164.96.0-202.168.143.255,202.168.160.0-202.173.6.255,202.173.8.0-202.180.215.255,202.181.8.0-202.191.95.255,202.192.0.0-203.0.91.255,203.0.96.0-203.0.146.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_203-203_43" dir=in action=allow remoteip=203.1.90.0-203.2.150.255,203.2.152.0-203.3.68.255,203.3.72.0-203.3.143.255,203.4.132.0-203.5.5.255,203.5.7.0-203.5.120.255,203.5.172.0-203.6.139.255,203.6.142.0-203.7.151.255,203.7.158.0-203.8.91.255,203.8.110.0-203.8.203.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_203-203_44" dir=in action=allow remoteip=203.9.96.0-203.11.70.255,203.11.76.0-203.11.143.255,203.11.180.0-203.12.91.255,203.12.100.0-203.12.226.255,203.12.240.0-203.13.227.255,203.13.233.0-203.14.115.255,203.14.118.0-203.15.89.255,203.15.105.0-203.15.241.255,203.15.246.0-203.16.133.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_203-203_45" dir=in action=allow remoteip=203.17.56.0-203.17.249.255,203.17.255.0-203.18.87.255,203.18.100.0-203.18.208.255,203.18.211.0-203.19.61.255,203.19.64.0-203.19.149.255,203.19.156.0-203.20.17.255,203.20.40.0-203.20.119.255,203.20.122.0-203.21.10.255,203.21.18.0-203.21.145.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_203-203_46" dir=in action=allow remoteip=203.22.99.0-203.22.246.255,203.22.252.0-203.23.112.255,203.23.130.0-203.23.231.255,203.23.249.0-203.24.74.255,203.24.79.0-203.24.161.255,203.24.167.0-203.25.46.255,203.25.64.0-203.25.164.255,203.25.166.0-203.25.236.255,203.25.242.0-203.26.80.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_203-203_47" dir=in action=allow remoteip=203.26.173.0-203.26.232.255,203.27.0.0-203.27.81.255,203.27.88.0-203.27.241.255,203.27.250.0-203.28.86.255,203.28.88.0-203.28.185.255,203.28.187.0-203.29.57.255,203.29.61.0-203.29.112.255,203.29.120.0-203.29.234.255,203.29.248.0-203.30.111.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_203-203_48" dir=in action=allow remoteip=203.30.220.0-203.31.51.255,203.31.54.0-203.31.162.255,203.31.174.0-203.31.229.255,203.31.248.0-203.32.76.255,203.32.81.0-203.32.187.255,203.32.192.0-203.33.64.255,203.33.67.0-203.33.159.255,203.33.174.0-203.33.250.255,203.34.4.0-203.34.76.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_203-203_49" dir=in action=allow remoteip=203.34.240.0-203.55.93.255,203.55.101.0-203.55.221.255,203.55.224.0-203.56.85.255,203.56.95.0-203.56.187.255,203.56.192.0-203.56.252.255,203.56.254.0-203.57.71.255,203.57.73.0-203.57.222.255,203.57.224.0-203.62.231.255,203.62.234.0-203.79.15.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_203-203_50" dir=in action=allow remoteip=203.82.224.0-203.88.63.255,203.88.192.0-203.91.127.255,203.92.0.0-203.99.31.255,203.99.80.0-203.105.159.255,203.107.0.0-203.118.251.255,203.119.24.0-203.132.63.255,203.134.240.0-203.148.87.255,203.149.92.0-203.161.180.255,203.161.183.0-203.174.4.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_203-210_51" dir=in action=allow remoteip=203.189.112.0-203.191.31.255,203.191.64.0-203.202.239.255,203.205.64.0-203.205.239.255,203.205.241.0-203.212.95.255,203.215.146.0-205.198.47.255,205.198.108.0-206.182.199.215,206.182.200.128-207.209.226.47,207.226.217.160-208.81.205.255,208.175.230.81-210.7.63.255 localport=80,443 protocol=TCP enable=yes
netsh advfirewall firewall add rule name="Allow_CN_IP_210-219_52" dir=in action=allow remoteip=210.72.0.0-211.71.255.255,211.80.0.0-211.152.148.254,211.152.149.64-211.152.150.71,211.152.150.96-212.60.11.63,212.60.11.176-213.137.95.255,213.199.169.0-218.30.62.255,218.30.64.0-218.247.255.255,218.249.0.0-219.158.5.173,219.158.5.175-219.158.98.5 localport=80,443 protocol=TCP enable=yes
pause