This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 57.00000000000001%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETH%3C/text%3E%3C/svg%3E)
I need to create a rule with allows the program name without the full path because each software version has an EXE file opening some sockets like this:
C:\Program Files\aaaa\version001\TARGET.EXE
C:\Program Files\aaaa\version002\TARGET.EXE
C:\Program Files\aaaa\version003\TARGET.EXE
C:\Program Files\aaaa\version004\TARGET.EXE
C:\Program Files\aaaa\version005\TARGET.EXE
C:\Program Files\aaaa\version006\TARGET.EXE
: : :
Firstly, I created a script that adds all the EXE files to the new inbound rule one by one. But there are so many version folders today. Therefore, I need to simplify them and make one rule.
The question is how to make a rule that allows TARGET.EXE without full path. As an alternative solution, it is also nice that I can make a rule allows "C:\%Program Files%\aaaa*\TARGET.EXE" instead.
If I can add it, I will implement this in a script using HNetCfg object.
Hello @takumi harayama
May be a bit simplistic but I would workaround using a batch file that finds each file in the folders from the starting path C:\Program Files\aaaa\ then a DO to set the firewall rule.
@ setlocal enableextensions
@ cd /d "C:\Program Files\aaaa\"
for /R %%a in (TARGET.EXE) do (
netsh advfirewall firewall add rule name="Blocked with Batchfile %%a" dir=out program="%%a" action=block
)
Hope this helps with your query,
-----------
--If the reply is helpful, please Upvote and Accept as answer--